Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nTM_01aMNgM6_rwC_pHGHyR8XGo.roa
File: nTM_01aMNgM6_rwC_pHGHyR8XGo.roa (raw, json)
Hash identifier: cThuOgI7s59gVFDVijeKxigD3QC6HLXWsRRuESJcWHQ=
Subject key identifier: 9D:33:3F:D3:56:8C:36:03:3A:FE:BC:02:FE:91:C6:1F:24:7C:5C:6A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01919EA338FCEAF578A4DC485780EC649A3A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nTM_01aMNgM6_rwC_pHGHyR8XGo.roa
Signing time: Thu 29 Aug 2024 14:56:22 +0000
ROA not before: Thu 29 Aug 2024 14:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44559
IP address blocks: 217.60.60.0/24 maxlen: 24
217.60.79.0/24 maxlen: 24
217.60.81.0/24 maxlen: 24
217.60.82.0/24 maxlen: 24
217.60.115.0/24 maxlen: 24
217.60.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 06:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:a3:38:fc:ea:f5:78:a4:dc:48:57:80:ec:64:9a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 29 14:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d333fd3568c36033afebc02fe91c61f247c5c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:90:c0:af:e5:16:d4:26:cf:b5:22:97:e3:bd:
8d:ea:ab:a3:2a:59:eb:78:bc:d3:9a:23:3b:c7:19:
50:1d:5b:2f:bd:f2:09:c2:de:33:9f:16:9e:78:5a:
97:1e:cc:c9:23:b9:29:65:be:85:ea:31:66:50:43:
8a:a2:a3:cb:42:f8:f8:53:fb:80:6d:85:5a:fb:56:
ed:3b:6a:92:0c:56:9f:07:d1:64:9d:1b:5d:55:81:
29:dd:64:52:6d:d6:5b:97:63:d0:34:bf:99:72:b7:
69:04:4e:13:17:38:db:53:a1:6a:09:82:27:91:f1:
d8:e7:61:13:09:79:d2:11:cd:fd:f5:67:34:01:3e:
8c:f0:78:15:bc:60:10:f7:0c:61:d5:d3:f3:6f:40:
63:d0:f4:b4:25:10:a4:9a:59:a3:18:26:d8:6b:59:
cb:38:55:eb:cd:3a:a4:98:83:8c:dd:05:63:14:c0:
04:93:80:88:56:58:97:1b:fe:d4:62:01:b7:73:9e:
5f:dc:68:d5:29:fa:03:75:19:64:ec:b3:4d:9a:00:
5f:83:34:86:ef:be:bd:e3:02:ed:5e:f0:f6:82:55:
c0:e1:b6:34:2e:e6:86:36:d1:e4:0f:fe:8c:10:47:
e4:81:70:e9:8e:38:5c:9e:a8:82:12:cc:85:35:03:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:33:3F:D3:56:8C:36:03:3A:FE:BC:02:FE:91:C6:1F:24:7C:5C:6A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nTM_01aMNgM6_rwC_pHGHyR8XGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.60.0/24
217.60.79.0/24
217.60.81.0-217.60.82.255
217.60.115.0-217.60.116.255
Signature Algorithm: sha256WithRSAEncryption
5b:40:d6:81:42:2a:ed:c6:32:a7:30:d8:bc:81:24:9b:ac:e3:
88:2f:0f:b0:b2:a6:98:ab:28:dc:a2:bf:88:5a:f0:51:89:29:
0b:c4:93:9b:04:d4:e5:98:3f:ba:79:99:51:7b:c9:14:89:40:
69:8e:7a:ee:c8:03:51:a6:5c:d5:e4:69:e7:90:32:a0:6a:90:
b0:27:b3:fe:92:b4:db:2c:45:25:e0:59:c0:7e:ea:14:6b:da:
ef:49:07:bf:13:3a:22:d0:06:72:f4:0d:80:ba:cb:f8:93:89:
30:e9:e5:9a:16:d9:27:6d:b7:09:4a:d3:9e:37:31:61:3f:0d:
3c:4a:fe:cd:6c:1d:34:74:6a:87:4e:8f:7e:c0:a3:3a:ff:38:
be:e1:ec:0b:80:d1:f7:78:ff:60:52:30:54:86:ce:24:7d:79:
6a:ca:04:78:fb:a1:e9:f7:e3:26:69:ad:8b:97:bb:00:d3:04:
94:29:b4:20:5e:95:02:3a:db:74:01:04:50:5d:b4:7a:f4:83:
d6:4f:9c:82:d7:1f:6a:20:c3:04:87:e2:c4:d5:5b:20:1c:00:
96:5f:05:b5:07:84:ec:10:44:79:c3:ed:68:79:9f:0f:bf:8f:
69:e8:e5:31:88:f7:cb:41:e7:fd:7a:d6:5a:0c:32:eb:36:ac:
24:76:f3:f5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZGeozj86vV4pNxIV4DsZJo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODI5MTQ1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMzM2ZkMzU2OGMzNjAzM2FmZWJjMDJmZTkxYzYxZjI0N2M1YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5DAr+UW1CbPtSKX472N6qujKlnr
eLzTmiM7xxlQHVsvvfIJwt4znxaeeFqXHszJI7kpZb6F6jFmUEOKoqPLQvj4U/uA
bYVa+1btO2qSDFafB9FknRtdVYEp3WRSbdZbl2PQNL+ZcrdpBE4TFzjbU6FqCYIn
kfHY52ETCXnSEc399Wc0AT6M8HgVvGAQ9wxh1dPzb0Bj0PS0JRCkmlmjGCbYa1nL
OFXrzTqkmIOM3QVjFMAEk4CIVliXG/7UYgG3c55f3GjVKfoDdRlk7LNNmgBfgzSG
77694wLtXvD2glXA4bY0LuaGNtHkD/6MEEfkgXDpjjhcnqiCEsyFNQNmXQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJ0zP9NWjDYDOv68Av6Rxh8kfFxqMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvblRNXzAxYU1OZ002X3J3Q19wSEdIeVI4WEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQA2Tw8AwQA
2TxPMAwDBADZPFEDBADZPFIwDAMEANk8cwMEANk8dDANBgkqhkiG9w0BAQsFAAOC
AQEAW0DWgUIq7cYypzDYvIEkm6zjiC8PsLKmmKso3KK/iFrwUYkpC8STmwTU5Zg/
unmZUXvJFIlAaY567sgDUaZc1eRp55AyoGqQsCez/pK02yxFJeBZwH7qFGva70kH
vxM6ItAGcvQNgLrL+JOJMOnlmhbZJ223CUrTnjcxYT8NPEr+zWwdNHRqh06PfsCj
Ov84vuHsC4DR93j/YFIwVIbOJH15asoEePuh6ffjJmmti5e7ANMElCm0IF6VAjrb
dAEEUF20evSD1k+cgtcfaiDDBIfixNVbIBwAll8FtQeE7BBEecPtaHmfD7+Paejl
MYj3y0Hn/XrWWgwy6zasJHbz9Q==
-----END CERTIFICATE-----
Generated at Wed Sep 4 09:06:01 2024 by rpki-client on console-ams.rpki-client.org