Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/NAWuvCN1hB-Y9etFw5DeUDl27kk.roa
File: NAWuvCN1hB-Y9etFw5DeUDl27kk.roa (raw, json)
Hash identifier: KxNI8dutWNqWeqf7umw1g6YLYZctA486ahCXgZOFegQ=
Subject key identifier: 34:05:AE:BC:23:75:84:1F:98:F5:EB:45:C3:90:DE:50:39:76:EE:49
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 018D5946F7B851245783D7DDF3609C6CB1D1
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/NAWuvCN1hB-Y9etFw5DeUDl27kk.roa
Signing time: Tue 30 Jan 2024 07:30:39 +0000
ROA not before: Tue 30 Jan 2024 07:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51178
IP address blocks: 5.61.13.0/24 maxlen: 24
5.61.14.0/23 maxlen: 24
91.219.64.0/22 maxlen: 24
92.249.4.0/24 maxlen: 24
185.218.68.0/23 maxlen: 24
185.218.70.0/24 maxlen: 24
188.68.184.0/22 maxlen: 23
2a00:9801::/32 maxlen: 32
2a0b:d0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 May 2024 07:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:46:f7:b8:51:24:57:83:d7:dd:f3:60:9c:6c:b1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Jan 30 07:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3405aebc2375841f98f5eb45c390de503976ee49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5c:b0:3b:90:f7:4a:39:01:20:9e:fa:82:ef:
0b:da:b1:d1:42:76:6f:7d:b6:2d:5d:43:66:33:5e:
0c:7d:d4:50:36:3d:e6:88:4e:4d:45:ea:de:78:d6:
17:6e:2e:f0:e0:f1:19:25:1e:d0:c3:2a:c0:81:d6:
8b:97:37:e8:db:6f:1f:fb:46:4b:4d:1d:f3:4a:37:
c5:72:04:ad:a2:a0:84:90:5a:cd:39:c9:a3:09:10:
18:00:5b:a2:ea:2f:9f:09:d1:52:d5:8a:32:b9:10:
8b:fe:99:88:9d:7b:81:fb:76:00:bc:06:2d:3e:3f:
b6:1b:76:7c:26:32:13:65:17:86:24:45:a5:ef:33:
af:a0:a5:0d:74:5f:e4:e9:3d:73:8b:38:41:35:62:
17:26:1e:0a:18:8e:16:83:14:15:52:1c:f2:af:a1:
d4:06:93:3a:ca:0d:d1:fc:a0:9c:bb:ff:ce:73:f9:
4a:5f:de:63:6d:80:ca:47:4b:1f:08:69:65:b2:fe:
85:ec:76:ff:de:2c:99:ea:0c:67:ea:6d:3e:65:6b:
16:f3:24:95:1e:7d:3d:e9:cb:09:0c:e5:84:e0:f3:
9b:94:3d:87:f9:1d:07:d7:7f:29:9a:d1:57:46:41:
36:1a:42:dc:20:ee:46:12:52:64:bd:a4:5b:01:c5:
29:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:05:AE:BC:23:75:84:1F:98:F5:EB:45:C3:90:DE:50:39:76:EE:49
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/NAWuvCN1hB-Y9etFw5DeUDl27kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.13.0-5.61.15.255
91.219.64.0/22
92.249.4.0/24
185.218.68.0-185.218.70.255
188.68.184.0/22
IPv6:
2a00:9801::/32
2a0b:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:0f:76:7d:b5:33:af:42:97:50:36:44:4d:ad:2b:fb:7b:04:
a8:68:ce:84:35:4f:0c:c1:bd:b2:e7:29:98:e3:60:cc:02:ce:
7f:16:71:8a:13:8c:21:3f:2b:d7:69:93:a2:9f:8f:c7:32:1c:
d0:3b:0c:cd:59:0d:e3:c6:11:af:44:24:47:17:ef:99:0b:c0:
61:84:fc:80:c6:29:32:1c:a3:68:1f:e7:d3:72:e8:e2:00:7a:
22:93:58:f9:46:d2:86:d9:f1:38:93:52:1f:ea:d6:4a:89:c9:
da:42:1c:b3:02:b0:83:3a:3c:e7:7a:7a:8c:5e:7b:02:d8:6c:
d5:93:f9:13:58:4a:28:15:4d:8e:3d:b0:20:e4:49:98:81:3d:
4f:d6:37:ab:39:a0:d9:1a:8a:fb:80:43:e6:64:bc:12:74:60:
ba:a2:66:89:f4:85:f5:ef:43:31:aa:20:e0:f4:b5:3f:d9:50:
70:68:d7:65:dd:3d:de:00:f6:75:9f:dd:2f:bf:67:30:65:7f:
38:8d:6a:12:5b:0a:90:60:ef:6f:57:5a:56:63:74:a8:fd:d9:
1a:3e:60:88:51:dc:6d:d8:05:81:97:11:63:82:ec:72:26:7b:
b2:eb:9f:ed:df:9f:ea:e7:db:38:b5:3b:c1:db:ad:73:5e:c1:
5c:fb:8f:e0
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY1ZRve4USRXg9fd82CcbLHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjQwMTMwMDczMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDA1YWViYzIzNzU4NDFmOThmNWViNDVjMzkwZGU1MDM5NzZlZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllywO5D3SjkBIJ76gu8L2rHRQnZv
fbYtXUNmM14MfdRQNj3miE5NRereeNYXbi7w4PEZJR7QwyrAgdaLlzfo228f+0ZL
TR3zSjfFcgStoqCEkFrNOcmjCRAYAFui6i+fCdFS1YoyuRCL/pmInXuB+3YAvAYt
Pj+2G3Z8JjITZReGJEWl7zOvoKUNdF/k6T1zizhBNWIXJh4KGI4WgxQVUhzyr6HU
BpM6yg3R/KCcu//Oc/lKX95jbYDKR0sfCGllsv6F7Hb/3iyZ6gxn6m0+ZWsW8ySV
Hn096csJDOWE4POblD2H+R0H138pmtFXRkE2GkLcIO5GElJkvaRbAcUp4QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDQFrrwjdYQfmPXrRcOQ3lA5du5JMB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEvTkFXdXZDTjFoQi1ZOWV0Rnc1RGVVRGwyN2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuMAwDBAAFPQ0D
BAQFPQADBAJb20ADBABc+QQwDAMEArnaRAMEALnaRgMEArxEuDAUBAIAAjAOAwUA
KgCYAQMFAyoL0MAwDQYJKoZIhvcNAQELBQADggEBAG4Pdn21M69Cl1A2RE2tK/t7
BKhozoQ1TwzBvbLnKZjjYMwCzn8WcYoTjCE/K9dpk6Kfj8cyHNA7DM1ZDePGEa9E
JEcX75kLwGGE/IDGKTIco2gf59Ny6OIAeiKTWPlG0obZ8TiTUh/q1kqJydpCHLMC
sIM6POd6eoxeewLYbNWT+RNYSigVTY49sCDkSZiBPU/WN6s5oNkaivuAQ+ZkvBJ0
YLqiZon0hfXvQzGqIOD0tT/ZUHBo12XdPd4A9nWf3S+/ZzBlfziNahJbCpBg729X
WlZjdKj92Ro+YIhR3G3YBYGXEWOC7HIme7Lrn+3fn+rn2zi1O8HbrXNewVz7j+A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:38 2025 by rpki-client