Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/naGZKmNXPIL2e9NUn28pdGssvpg.roa
File: naGZKmNXPIL2e9NUn28pdGssvpg.roa (raw, json)
Hash identifier: 8bcEIgA4Tr4pJB3zzfaSQXpQ3HeB7newyIOE62la5HM=
Subject key identifier: 9D:A1:99:2A:63:57:3C:82:F6:7B:D3:54:9F:6F:29:74:6B:2C:BE:98
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018DD56E09CAC2000EB3E48D5DA056B3FB9D
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/naGZKmNXPIL2e9NUn28pdGssvpg.roa
Signing time: Fri 23 Feb 2024 10:06:14 +0000
ROA not before: Fri 23 Feb 2024 10:06:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.114.12.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
91.132.114.0/23 maxlen: 32
103.53.82.0/23 maxlen: 32
103.53.216.0/22 maxlen: 32
103.240.180.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 May 2024 09:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:6e:09:ca:c2:00:0e:b3:e4:8d:5d:a0:56:b3:fb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Feb 23 10:06:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da1992a63573c82f67bd3549f6f29746b2cbe98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:b2:4a:1a:3f:ef:ef:54:95:c4:8d:b7:7d:
e6:6f:2a:55:4e:08:be:cc:3a:4b:75:a1:0d:15:77:
ae:b7:92:b1:35:72:9c:9c:20:56:d0:27:01:c0:bd:
d5:5d:65:31:76:94:35:7c:be:e4:46:62:18:b0:52:
6f:3e:15:5e:7f:e0:5c:89:30:7c:a9:5b:5c:f5:74:
aa:b7:8a:00:88:11:63:ef:43:c2:1c:82:15:97:2b:
ac:fc:1e:8c:9a:fc:fe:05:76:dd:aa:01:f0:d4:87:
33:ba:d0:7a:cc:27:c6:74:35:ed:a2:e5:3b:da:a2:
39:ff:d3:ee:4a:26:3b:fe:c5:d1:20:85:96:7a:15:
23:31:c8:d2:7b:1c:ea:b9:ec:94:98:09:2d:99:5c:
09:de:98:87:b4:cf:ad:f8:b6:38:bc:e1:9b:72:88:
0e:99:88:18:50:44:4d:11:2c:da:2b:90:b3:e3:76:
23:f7:cf:24:d8:45:49:2d:5b:0b:c4:c8:04:db:68:
7d:5c:23:ec:47:a8:47:d4:09:df:f8:10:09:c2:bb:
09:8b:f8:9d:5d:79:aa:0c:e1:3a:56:29:ab:ea:bb:
5b:b2:97:cf:32:a6:5d:7d:a0:9b:fc:5c:0e:04:17:
f5:89:c7:db:18:fd:43:f1:1f:4e:0e:de:e3:ae:0f:
8a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A1:99:2A:63:57:3C:82:F6:7B:D3:54:9F:6F:29:74:6B:2C:BE:98
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/naGZKmNXPIL2e9NUn28pdGssvpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
91.132.114.0/23
103.53.82.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
53:54:cb:91:39:29:59:a9:7b:96:15:db:1c:ba:58:0e:7b:4c:
61:72:74:25:df:af:e2:ce:2d:dc:f5:51:4b:b2:01:b9:82:1e:
b7:bb:e0:20:bb:1d:91:a3:58:e0:93:53:c1:c5:eb:b8:68:84:
85:3a:40:61:36:7a:ee:9f:b3:c9:c2:b4:57:6b:33:2a:09:b2:
0e:eb:eb:6f:a4:53:e9:07:f4:b9:4d:53:2b:93:64:8e:9b:c7:
e9:68:3f:b3:56:a2:d1:70:cb:fc:c1:bf:b5:87:93:68:e8:f3:
b0:10:bc:7d:61:44:c6:b4:07:e3:7f:23:cd:08:9d:cf:f1:2c:
2a:29:ab:ab:4e:79:4c:68:cd:55:85:e9:cf:bc:12:85:37:0b:
58:3f:8c:f1:93:95:13:41:d4:8c:e0:d3:9a:0c:e5:ff:4c:87:
59:b1:d9:78:90:a4:e4:c7:08:6f:c8:e2:bb:de:67:de:9c:01:
d3:8a:69:f2:4c:af:72:87:9e:d7:2c:17:ca:3a:7b:ca:f0:f1:
d1:05:c2:f3:4e:06:a3:9d:6b:2f:a7:05:1c:4c:6d:c7:d3:7b:
8e:e6:7f:98:0e:85:13:97:d6:ea:a0:b1:c4:b9:ed:a2:a6:89:
9a:5c:f8:d3:ac:75:bf:91:2f:13:4c:84:b6:ae:d0:38:93:95:
f5:42:b7:e8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY3VbgnKwgAOs+SNXaBWs/udMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwMjIzMTAwNjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGExOTkyYTYzNTczYzgyZjY3YmQzNTQ5ZjZmMjk3NDZiMmNiZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqaySho/7+9UlcSNt33mbypVTgi+
zDpLdaENFXeut5KxNXKcnCBW0CcBwL3VXWUxdpQ1fL7kRmIYsFJvPhVef+BciTB8
qVtc9XSqt4oAiBFj70PCHIIVlyus/B6Mmvz+BXbdqgHw1IczutB6zCfGdDXtouU7
2qI5/9PuSiY7/sXRIIWWehUjMcjSexzqueyUmAktmVwJ3piHtM+t+LY4vOGbcogO
mYgYUERNESzaK5Cz43Yj988k2EVJLVsLxMgE22h9XCPsR6hH1Anf+BAJwrsJi/id
XXmqDOE6Vimr6rtbspfPMqZdfaCb/FwOBBf1icfbGP1D8R9ODt7jrg+K5QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJ2hmSpjVzyC9nvTVJ9vKXRrLL6YMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvbmFHWkttTlhQSUwyZTlOVW4yOHBkR3NzdnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLXIMAwQC
LZFoAwQBW4RyAwQBZzVSAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQA
wRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQBTVMuROSlZqXuWFdsculgOe0xh
cnQl36/izi3c9VFLsgG5gh63u+Agux2Ro1jgk1PBxeu4aISFOkBhNnrun7PJwrRX
azMqCbIO6+tvpFPpB/S5TVMrk2SOm8fpaD+zVqLRcMv8wb+1h5No6POwELx9YUTG
tAfjfyPNCJ3P8SwqKaurTnlMaM1VhenPvBKFNwtYP4zxk5UTQdSM4NOaDOX/TIdZ
sdl4kKTkxwhvyOK73mfenAHTimnyTK9yh57XLBfKOnvK8PHRBcLzTgajnWsvpwUc
TG3H03uO5n+YDoUTl9bqoLHEue2ipomaXPjTrHW/kS8TTIS2rtA4k5X1Qrfo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:58 2024 by rpki-client on console-fra.rpki-client.org