Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/n3gkBEawxDZYllfgSZQ1cFg0jr8.roa
File: n3gkBEawxDZYllfgSZQ1cFg0jr8.roa (raw, json)
Hash identifier: Ag+sIEEsTr6xPHRYZHEkHrZwwkHb0hz9Q220CFyOC/Q=
Subject key identifier: 9F:78:24:04:46:B0:C4:36:58:96:57:E0:49:94:35:70:58:34:8E:BF
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01900D9C063D2722582175495FA832B8B197
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/n3gkBEawxDZYllfgSZQ1cFg0jr8.roa
Signing time: Wed 12 Jun 2024 18:00:47 +0000
ROA not before: Wed 12 Jun 2024 18:00:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
91.246.39.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
176.116.1.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Thu 15 Aug 2024 12:58:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:9c:06:3d:27:22:58:21:75:49:5f:a8:32:b8:b1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jun 12 18:00:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f78240446b0c436589657e04994357058348ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5b:03:b7:10:e8:d2:36:ea:62:04:3c:41:26:
8c:84:19:40:29:d4:5a:bf:4c:f4:cd:31:7f:a0:ab:
7a:76:cb:06:4d:17:23:4b:81:8e:2b:ac:47:4b:f4:
8f:f4:a7:06:6b:f7:52:bb:5d:cb:b2:7b:56:e0:e3:
5d:17:d3:07:a2:b2:8b:d6:02:8d:21:75:d3:92:ce:
29:57:c7:7f:47:b1:3d:0a:04:12:d4:ac:3d:f9:ca:
76:c0:2e:e7:ae:e9:d4:ce:79:cb:cb:65:d9:1b:77:
a0:f1:71:3c:2e:b5:8d:b4:bf:be:38:b2:cc:b9:1d:
5f:b2:b0:57:f9:26:a4:54:ab:da:19:54:c7:e9:1a:
fa:4a:ff:82:12:53:a2:79:e6:99:7b:cb:e0:39:c7:
67:1d:66:85:7e:b0:62:04:82:c0:6d:ef:c3:98:6d:
36:47:55:d2:4e:7a:5f:83:07:92:23:a4:00:07:56:
16:ff:c6:ca:e7:42:b6:4b:a3:62:a4:55:b4:39:32:
1f:54:8a:8b:23:63:37:0f:d3:ca:29:39:8d:2a:6b:
81:dd:70:24:31:01:1c:e9:68:ad:09:eb:41:67:c8:
42:ca:6a:19:7c:0d:94:47:e6:ef:82:e8:e5:6c:5f:
5c:b7:50:c6:6e:87:be:56:be:d6:00:d9:30:e0:49:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:78:24:04:46:B0:C4:36:58:96:57:E0:49:94:35:70:58:34:8E:BF
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/n3gkBEawxDZYllfgSZQ1cFg0jr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
91.246.39.0/24
94.154.114.0/24
176.116.1.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
6b:b3:c5:fa:53:c0:79:c1:b5:10:73:9c:4f:63:47:fa:b5:22:
09:e7:6f:68:3b:bf:f1:eb:46:86:4b:0a:c2:1e:7d:c1:ae:1c:
d0:da:0b:d2:ad:06:99:29:99:c9:bc:44:9d:59:57:38:52:16:
3f:23:98:50:fc:cf:d4:93:ed:1f:9c:35:48:3b:5a:a0:8c:d7:
bc:69:f5:69:27:bd:ad:e1:07:41:54:c7:73:ca:e0:88:fb:2e:
39:87:b4:5f:fe:97:a6:ec:05:9d:c8:ba:8e:23:d5:9b:64:20:
63:78:74:eb:45:d4:f1:6f:9c:32:13:ff:61:c0:c0:d7:d5:ab:
0d:9f:7e:98:07:91:17:54:f8:3a:51:ef:64:db:c9:58:0e:66:
79:50:48:21:e7:f6:ee:56:7c:70:b5:84:5f:c4:f8:7f:68:bb:
d4:9e:ab:d8:3f:40:26:c0:4c:ae:90:ba:2c:2d:5c:ad:42:18:
f0:09:99:d5:1f:12:5d:8e:5f:0b:ed:ee:73:70:f1:c6:f2:80:
01:82:0a:c7:d5:4f:0d:47:4a:1a:72:85:a1:9c:5d:01:f5:9b:
05:f1:79:68:f3:41:c1:15:b3:5e:5d:99:bd:94:72:e8:30:78:
ec:09:8c:c8:98:ff:84:93:f7:b9:b4:3c:bb:df:b5:6f:c8:8c:
53:8a:e9:e2
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZANnAY9JyJYIXVJX6gyuLGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwNjEyMTgwMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjc4MjQwNDQ2YjBjNDM2NTg5NjU3ZTA0OTk0MzU3MDU4MzQ4ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1sDtxDo0jbqYgQ8QSaMhBlAKdRa
v0z0zTF/oKt6dssGTRcjS4GOK6xHS/SP9KcGa/dSu13LsntW4ONdF9MHorKL1gKN
IXXTks4pV8d/R7E9CgQS1Kw9+cp2wC7nrunUznnLy2XZG3eg8XE8LrWNtL++OLLM
uR1fsrBX+SakVKvaGVTH6Rr6Sv+CElOieeaZe8vgOcdnHWaFfrBiBILAbe/DmG02
R1XSTnpfgweSI6QAB1YW/8bK50K2S6NipFW0OTIfVIqLI2M3D9PKKTmNKmuB3XAk
MQEc6WitCetBZ8hCymoZfA2UR+bvgujlbF9ct1DGboe+Vr7WANkw4ElBSwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJ94JARGsMQ2WJZX4EmUNXBYNI6/MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvbjNna0JFYXd4RFpZbGxmZ1NaUTFjRmcwanI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB0BAIAATBuAwQCLY6c
AwQCLZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAW/YnAwQAXppyAwQAsHQB
AwQAshYeAwQAvF2LAwQBwdrIAwQBwd1eAwQBwnzgMAwDBAHCk2IDBAHCk2QDBADU
Em8DBADZci8wDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3DQEBCwUAA4IBAQBrs8X6
U8B5wbUQc5xPY0f6tSIJ529oO7/x60aGSwrCHn3BrhzQ2gvSrQaZKZnJvESdWVc4
UhY/I5hQ/M/Uk+0fnDVIO1qgjNe8afVpJ72t4QdBVMdzyuCI+y45h7Rf/pem7AWd
yLqOI9WbZCBjeHTrRdTxb5wyE/9hwMDX1asNn36YB5EXVPg6Ue9k28lYDmZ5UEgh
5/buVnxwtYRfxPh/aLvUnqvYP0AmwEyukLosLVytQhjwCZnVHxJdjl8L7e5zcPHG
8oABggrH1U8NR0oacoWhnF0B9ZsF8Xlo80HBFbNeXZm9lHLoMHjsCYzImP+Ek/e5
tDy737VvyIxTiuni
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:37 2024 by rpki-client on console-ams.rpki-client.org