Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/NSy3A8B5s_Zo37PyP77si7sfNXw.roa
File: NSy3A8B5s_Zo37PyP77si7sfNXw.roa (raw, json)
Hash identifier: M6wGloGtqAvmKnwwQ5355XWGjETpBq4S8SSDtPJzMj4=
Subject key identifier: 35:2C:B7:03:C0:79:B3:F6:68:DF:B3:F2:3F:BE:EC:8B:BB:1F:35:7C
Certificate issuer: /CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Certificate serial: 0194266B741F68011DFF8E02837DE798EFAF
Authority key identifier: 2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/NSy3A8B5s_Zo37PyP77si7sfNXw.roa
Signing time: Thu 02 Jan 2025 09:49:23 +0000
ROA not before: Thu 02 Jan 2025 09:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50326
IP address blocks: 45.158.176.0/22 maxlen: 22
185.101.240.0/22 maxlen: 22
185.227.220.0/22 maxlen: 22
195.191.28.0/23 maxlen: 24
2a0c:ce00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 Jan 2025 11:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:74:1f:68:01:1d:ff:8e:02:83:7d:e7:98:ef:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6d66124362880f5e4c54852f8376d2b9d137f4
Validity
Not Before: Jan 2 09:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=352cb703c079b3f668dfb3f23fbeec8bbb1f357c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:92:9f:a3:8b:f6:17:be:d0:a6:39:45:49:e2:
68:ba:03:c6:60:dc:55:a4:5b:5d:7e:12:62:ca:99:
1c:9e:4c:60:c5:06:0a:24:0b:e8:0a:38:21:04:83:
52:a0:63:a1:76:15:a6:77:3d:d3:fc:5c:bc:fa:66:
61:d4:9a:c3:12:79:a2:79:b6:bd:1e:8f:f8:58:82:
ad:0b:a4:60:0d:cc:55:86:f1:f7:a1:2e:90:87:31:
03:a9:61:4a:84:85:a7:6c:e0:59:4d:68:9e:87:f7:
53:70:b9:fc:ba:52:18:1c:24:d3:35:b5:67:9b:65:
88:97:c4:c1:ad:27:e2:af:9e:8a:46:be:83:32:57:
a7:a5:2e:b9:fd:c3:2c:ed:4a:30:6a:32:be:b9:96:
63:1a:ef:f6:ec:c7:b6:10:1c:3c:da:1c:96:7a:b8:
41:b9:44:df:77:7f:2f:a2:0e:35:59:62:50:66:53:
7d:91:29:16:90:93:bb:8f:73:39:f7:bf:e3:55:8c:
1c:4b:26:d3:87:8b:27:8d:d9:d8:11:a1:bf:d9:ff:
cb:91:53:23:9a:81:b3:20:c4:3c:0e:84:74:3b:10:
05:78:b4:73:72:50:81:c4:a3:e5:7d:76:95:0c:05:
d3:7d:5f:07:3f:a4:97:8d:04:37:6b:d1:f7:86:a3:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2C:B7:03:C0:79:B3:F6:68:DF:B3:F2:3F:BE:EC:8B:BB:1F:35:7C
X509v3 Authority Key Identifier:
keyid:2C:6D:66:12:43:62:88:0F:5E:4C:54:85:2F:83:76:D2:B9:D1:37:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG1mEkNiiA9eTFSFL4N20rnRN_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/NSy3A8B5s_Zo37PyP77si7sfNXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/71fea1-3919-42f7-9e03-e4030fa1b04a/1/LG1mEkNiiA9eTFSFL4N20rnRN_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.176.0/22
185.101.240.0/22
185.227.220.0/22
195.191.28.0/23
IPv6:
2a0c:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
c0:95:eb:4d:5f:02:03:7d:06:73:ba:14:3e:33:1f:86:a5:bb:
81:ac:86:39:e1:fd:0e:9d:c4:41:4d:4d:bb:30:1e:d9:e2:d8:
b2:5b:64:c3:20:31:87:19:2b:30:94:89:67:6d:17:e6:67:1c:
06:3b:5a:48:a1:31:01:e5:ec:96:e1:08:d6:22:4f:a0:25:b7:
48:f1:14:5a:dc:5a:6a:84:81:ee:bc:af:e8:ca:ae:76:f5:3b:
f0:0b:4b:81:78:60:6b:51:06:44:32:ba:6c:ab:41:0f:26:e1:
41:f7:e0:03:e3:b6:36:08:5f:a4:66:81:93:ff:62:91:10:8a:
5c:17:d2:6b:fd:1a:1c:06:36:51:c2:39:dd:53:be:42:3d:85:
37:9b:9a:cf:8b:79:72:39:b0:d9:b2:4c:10:d3:99:e1:ba:47:
f3:7d:46:83:85:6f:6a:51:b1:0b:c0:41:6f:c3:2a:eb:c6:41:
d9:42:a5:2d:fa:1b:89:b7:26:7f:23:1c:9f:55:10:b8:85:24:
c0:19:fd:1d:38:91:a6:be:36:1a:7f:32:4d:4e:6d:9d:27:f4:
03:c1:01:6e:12:d2:3c:43:21:da:da:b5:82:45:89:e1:68:4d:
0b:4f:ea:23:08:65:0e:b4:43:e4:f9:2d:c8:58:6c:84:39:57:
45:69:52:48
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma3QfaAEd/44Cg33nmO+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmQ2NjEyNDM2Mjg4MGY1ZTRjNTQ4NTJmODM3NmQyYjlk
MTM3ZjQwHhcNMjUwMTAyMDk0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJjYjcwM2MwNzliM2Y2NjhkZmIzZjIzZmJlZWM4YmJiMWYzNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Kfo4v2F77QpjlFSeJougPGYNxV
pFtdfhJiypkcnkxgxQYKJAvoCjghBINSoGOhdhWmdz3T/Fy8+mZh1JrDEnmieba9
Ho/4WIKtC6RgDcxVhvH3oS6QhzEDqWFKhIWnbOBZTWieh/dTcLn8ulIYHCTTNbVn
m2WIl8TBrSfir56KRr6DMlenpS65/cMs7UowajK+uZZjGu/27Me2EBw82hyWerhB
uUTfd38vog41WWJQZlN9kSkWkJO7j3M597/jVYwcSybTh4snjdnYEaG/2f/LkVMj
moGzIMQ8DoR0OxAFeLRzclCBxKPlfXaVDAXTfV8HP6SXjQQ3a9H3hqPkkwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDUstwPAebP2aN+z8j++7Iu7HzV8MB8GA1UdIwQY
MBaAFCxtZhJDYogPXkxUhS+DdtK50Tf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMt
ZTQwMzBmYTFiMDRhLzEvTlN5M0E4QjVzX1pvMzdQeVA3N3NpN3NmTlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83MWZlYTEtMzkxOS00MmY3LTllMDMtZTQwMzBmYTFiMDRh
LzEvTEcxbUVrTmlpQTllVEZTRkw0TjIwcm5STl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZ6wAwQC
uWXwAwQCuePcAwQBw78cMA0EAgACMAcDBQMqDM4AMA0GCSqGSIb3DQEBCwUAA4IB
AQDAletNXwIDfQZzuhQ+Mx+GpbuBrIY54f0OncRBTU27MB7Z4tiyW2TDIDGHGSsw
lIlnbRfmZxwGO1pIoTEB5eyW4QjWIk+gJbdI8RRa3FpqhIHuvK/oyq529TvwC0uB
eGBrUQZEMrpsq0EPJuFB9+AD47Y2CF+kZoGT/2KREIpcF9Jr/RocBjZRwjndU75C
PYU3m5rPi3lyObDZskwQ05nhukfzfUaDhW9qUbELwEFvwyrrxkHZQqUt+huJtyZ/
IxyfVRC4hSTAGf0dOJGmvjYafzJNTm2dJ/QDwQFuEtI8QyHa2rWCRYnhaE0LT+oj
CGUOtEPk+S3IWGyEOVdFaVJI
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:05:40 2025 by rpki-client