Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyOmwlxV5K704jlIq59l5QgU9h8.roa
File: nyOmwlxV5K704jlIq59l5QgU9h8.roa (raw, json)
Hash identifier: Urdjo/C3Ex4F8Vs7LpnH851/UxTyKUFcKbZY/qgAsTk=
Subject key identifier: 9F:23:A6:C2:5C:55:E4:AE:F4:E2:39:48:AB:9F:65:E5:08:14:F6:1F
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01866DF3C56DCF264FDF4F2E400F60C52B62
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyOmwlxV5K704jlIq59l5QgU9h8.roa
Signing time: Mon 20 Feb 2023 08:32:17 +0000
ROA not before: Mon 20 Feb 2023 08:32:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 80.71.228.0/24 maxlen: 24
45.66.224.0/22 maxlen: 22
81.29.146.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 Mar 2023 12:19:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:f3:c5:6d:cf:26:4f:df:4f:2e:40:0f:60:c5:2b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Feb 20 08:32:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f23a6c25c55e4aef4e23948ab9f65e50814f61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5b:ee:6f:64:f2:b0:b5:11:90:99:d9:e2:13:
11:55:c4:10:c6:c8:b1:52:44:49:a0:37:26:6e:16:
b0:75:30:4c:de:ef:56:2e:8c:3f:59:13:f5:ca:3e:
df:37:7f:16:5a:fa:a6:3e:8d:07:9f:ae:d0:ce:44:
2b:a4:2f:85:87:55:cd:28:af:42:52:3f:40:33:af:
75:65:4a:01:f0:ed:e7:28:24:07:03:8c:53:79:66:
99:0a:64:77:4b:4f:e2:f2:ff:ec:8c:fc:3c:d2:40:
9f:f0:81:b3:38:de:de:8a:50:ea:07:9a:13:3e:78:
22:c1:da:52:cb:9d:0e:b1:89:38:a4:7f:04:29:33:
29:37:bc:c0:ad:bb:e4:64:5c:e6:bc:1c:ba:e9:5e:
43:72:8e:78:ed:b2:59:c1:d6:08:56:36:e9:62:c0:
f8:89:c7:61:5d:27:4b:78:c3:a0:1b:d5:5c:83:4a:
18:e7:38:dc:d1:3c:3a:15:aa:39:6b:4b:a9:34:ca:
73:ad:84:ff:1c:42:a2:f3:8e:99:e8:45:62:e9:a6:
a7:88:50:68:b0:3f:ec:72:5a:bc:48:24:87:cd:c9:
30:39:21:f7:a4:d8:52:42:51:18:ce:dd:ae:3e:b0:
ea:13:f3:33:d8:ff:34:64:dd:ab:e2:f1:3a:e4:3d:
be:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:23:A6:C2:5C:55:E4:AE:F4:E2:39:48:AB:9F:65:E5:08:14:F6:1F
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/nyOmwlxV5K704jlIq59l5QgU9h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
80.71.228.0/24
81.29.146.0/23
81.29.149.0/24
81.29.156.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
6c:af:09:b1:9d:f7:58:e8:8b:06:95:cb:42:6c:bf:d3:9c:f8:
8e:31:d6:14:01:d8:da:56:93:c2:f4:50:f3:07:7c:12:d0:71:
a4:1d:d5:d7:62:b7:0e:f1:1c:e9:f1:51:b2:04:0b:43:39:8f:
d6:ff:73:03:92:97:85:c8:3c:ab:18:da:bf:b3:59:e3:c9:c7:
31:f5:11:4c:3f:9c:e1:20:82:27:a2:6e:e6:46:18:52:62:5f:
74:30:97:50:4d:99:a0:00:11:40:35:4c:f4:6f:d2:c4:69:90:
c3:f8:2a:a1:1f:71:61:99:67:e5:1c:7c:0e:16:e7:40:1a:d7:
da:d0:e6:19:f8:95:1c:66:f4:36:04:0f:ad:8d:a1:da:35:32:
b2:f4:54:15:8d:89:b2:3b:76:28:26:22:8a:52:d3:5a:4d:66:
07:c7:72:7a:f3:72:f5:ee:24:46:eb:a2:df:c2:16:41:e2:c8:
1f:62:43:8f:22:b9:36:73:89:fa:a3:4a:d0:ef:2b:2b:d7:c4:
df:5d:ad:0f:5e:70:79:62:57:dc:ef:96:2f:fa:f3:02:30:f5:
a3:d1:e4:d7:52:5c:81:06:67:4a:13:ab:a7:a1:76:64:80:e4:
e0:02:b4:6d:8b:d5:57:5c:d7:91:0d:95:d8:40:a5:0e:c5:86:
3e:9d:e6:de
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZt88VtzyZP308uQA9gxStiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMjIwMDgzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjIzYTZjMjVjNTVlNGFlZjRlMjM5NDhhYjlmNjVlNTA4MTRmNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllvub2TysLURkJnZ4hMRVcQQxsix
UkRJoDcmbhawdTBM3u9WLow/WRP1yj7fN38WWvqmPo0Hn67QzkQrpC+Fh1XNKK9C
Uj9AM691ZUoB8O3nKCQHA4xTeWaZCmR3S0/i8v/sjPw80kCf8IGzON7eilDqB5oT
PngiwdpSy50OsYk4pH8EKTMpN7zArbvkZFzmvBy66V5Dco547bJZwdYIVjbpYsD4
icdhXSdLeMOgG9Vcg0oY5zjc0Tw6Fao5a0upNMpzrYT/HEKi846Z6EVi6aaniFBo
sD/sclq8SCSHzckwOSH3pNhSQlEYzt2uPrDqE/Mz2P80ZN2r4vE65D2+vwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ8jpsJcVeSu9OI5SKufZeUIFPYfMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvbnlPbXdseFY1SzcwNGpsSXE1OWw1UWdVOWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLULgAwQA
UEfkAwQBUR2SAwQAUR2VAwQAUR2cMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsrwmxnfdY6IsGlctCbL/TnPiOMdYUAdjaVpPC9FDzB3wS0HGkHdXX
YrcO8Rzp8VGyBAtDOY/W/3MDkpeFyDyrGNq/s1njyccx9RFMP5zhIIInom7mRhhS
Yl90MJdQTZmgABFANUz0b9LEaZDD+CqhH3FhmWflHHwOFudAGtfa0OYZ+JUcZvQ2
BA+tjaHaNTKy9FQVjYmyO3YoJiKKUtNaTWYHx3J683L17iRG66LfwhZB4sgfYkOP
Irk2c4n6o0rQ7ysr18TfXa0PXnB5Ylfc75Yv+vMCMPWj0eTXUlyBBmdKE6unoXZk
gOTgArRti9VXXNeRDZXYQKUOxYY+nebe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org