Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/NtW1x35-rHF5XMIWEZbeo6i_Uzg.roa
File: NtW1x35-rHF5XMIWEZbeo6i_Uzg.roa (raw, json)
Hash identifier: cknvP+laUDLl8h8DlsMmRifQFvxFngpNDC/BK+YjCdM=
Subject key identifier: 36:D5:B5:C7:7E:7E:AC:71:79:5C:C2:16:11:96:DE:A3:A8:BF:53:38
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018EA8188CE672A461D3DD01C91040C03D1F
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/NtW1x35-rHF5XMIWEZbeo6i_Uzg.roa
Signing time: Thu 04 Apr 2024 07:52:44 +0000
ROA not before: Thu 04 Apr 2024 07:52:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215272
IP address blocks: 45.128.205.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 13:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:18:8c:e6:72:a4:61:d3:dd:01:c9:10:40:c0:3d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Apr 4 07:52:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36d5b5c77e7eac71795cc2161196dea3a8bf5338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d4:c1:f8:6d:cb:5e:6c:59:b1:ed:9b:e6:13:
2e:88:ed:66:ab:be:34:5b:33:2b:fb:9a:19:80:08:
08:c9:1e:5c:cd:81:19:6e:2f:d9:1f:13:ae:2d:7b:
cd:14:36:ea:e2:3b:ee:cc:b5:18:d5:fe:47:21:53:
b1:18:31:53:96:60:38:6a:10:3f:da:87:ee:93:53:
5f:92:26:33:bf:0f:3e:29:86:6f:2b:40:59:ec:ea:
3f:61:cc:cd:4c:ad:25:bb:20:89:3a:77:14:c8:17:
56:36:85:ea:ba:a3:a9:5d:39:61:00:35:17:ca:d8:
fe:20:c7:06:8e:92:35:6a:2f:da:75:bc:be:2e:e4:
4f:19:96:73:07:84:76:36:c1:8c:3b:fb:6f:e7:91:
a1:61:4a:df:6b:02:62:03:51:65:eb:cd:82:cb:91:
84:1c:db:6d:63:66:1d:de:f7:00:48:a1:b4:40:10:
cd:e1:45:a8:51:22:d4:c8:99:31:bb:05:aa:f5:96:
3e:1d:7e:fb:0e:fa:4a:2f:2b:26:9e:fe:6d:ed:85:
b3:3c:95:26:79:a9:27:8f:15:f4:9d:be:96:e1:d7:
01:61:c8:fd:03:b8:d7:11:69:80:bf:28:e1:f8:78:
a8:f8:a0:02:4d:db:18:e8:ff:26:41:bd:52:e9:de:
77:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D5:B5:C7:7E:7E:AC:71:79:5C:C2:16:11:96:DE:A3:A8:BF:53:38
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/NtW1x35-rHF5XMIWEZbeo6i_Uzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.205.0/24
45.129.186.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c6:8e:6a:1a:70:ab:a9:1d:52:55:b1:93:f0:a4:c0:eb:3c:
46:1b:11:fb:b7:03:c2:d6:d4:25:92:82:57:78:84:f5:28:f2:
c0:0e:0b:0f:52:1c:38:f3:4e:e4:9a:f7:93:a9:f0:e1:b3:91:
ab:20:2c:78:e4:31:77:9e:84:e0:cb:87:e3:53:46:cb:80:04:
7b:59:c1:e6:55:c6:f3:2f:50:8f:61:dc:b2:68:a2:38:f7:c0:
fb:b7:21:61:e3:40:41:f7:b0:fe:42:e0:aa:d1:19:74:04:8b:
e3:cb:b0:aa:8d:4f:8b:53:cd:04:14:36:1a:76:45:14:21:8c:
6b:0d:b7:12:9e:5d:31:f3:18:e8:7d:67:62:bc:7f:0b:92:db:
13:4c:1b:27:80:b5:56:81:11:f0:d1:f1:d5:7a:f0:18:d9:e7:
b3:40:e5:0f:dc:b6:00:09:af:dc:7c:77:82:58:47:95:48:84:
46:42:bc:17:32:95:df:fa:c7:42:80:d5:1b:2f:e0:d5:d8:e3:
99:44:b5:5b:b7:b1:23:a9:7d:46:46:27:12:52:28:b7:82:9a:
21:75:16:c7:a7:cd:9e:4f:12:5f:87:d5:78:2b:ee:65:85:05:
96:e5:6a:eb:f2:60:f9:91:a2:fa:94:66:75:b7:23:48:7c:48:
69:ee:1d:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6oGIzmcqRh090ByRBAwD0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwNDA0MDc1MjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ1YjVjNzdlN2VhYzcxNzk1Y2MyMTYxMTk2ZGVhM2E4YmY1MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdTB+G3LXmxZse2b5hMuiO1mq740
WzMr+5oZgAgIyR5czYEZbi/ZHxOuLXvNFDbq4jvuzLUY1f5HIVOxGDFTlmA4ahA/
2ofuk1NfkiYzvw8+KYZvK0BZ7Oo/YczNTK0luyCJOncUyBdWNoXquqOpXTlhADUX
ytj+IMcGjpI1ai/adby+LuRPGZZzB4R2NsGMO/tv55GhYUrfawJiA1Fl682Cy5GE
HNttY2Yd3vcASKG0QBDN4UWoUSLUyJkxuwWq9ZY+HX77DvpKLysmnv5t7YWzPJUm
eaknjxX0nb6W4dcBYcj9A7jXEWmAvyjh+Hio+KACTdsY6P8mQb1S6d536QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbVtcd+fqxxeVzCFhGW3qOov1M4MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvTnRXMXgzNS1ySEY1WE1JV0VaYmVvNmlfVXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYDNAwQA
LYG6MA0GCSqGSIb3DQEBCwUAA4IBAQAgxo5qGnCrqR1SVbGT8KTA6zxGGxH7twPC
1tQlkoJXeIT1KPLADgsPUhw4807kmveTqfDhs5GrICx45DF3noTgy4fjU0bLgAR7
WcHmVcbzL1CPYdyyaKI498D7tyFh40BB97D+QuCq0Rl0BIvjy7CqjU+LU80EFDYa
dkUUIYxrDbcSnl0x8xjofWdivH8LktsTTBsngLVWgRHw0fHVevAY2eezQOUP3LYA
Ca/cfHeCWEeVSIRGQrwXMpXf+sdCgNUbL+DV2OOZRLVbt7EjqX1GRicSUii3gpoh
dRbHp82eTxJfh9V4K+5lhQWW5Wrr8mD5kaL6lGZ1tyNIfEhp7h1j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org