Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/NBFhrr4IC16g6sYAZj8s8sp-so0.roa
File: NBFhrr4IC16g6sYAZj8s8sp-so0.roa (raw, json)
Hash identifier: 4RzvV9bwnp9iNeBTuu9xy/dWFXDfl2efEkGnPvtYlgo=
Subject key identifier: 34:11:61:AE:BE:08:0B:5E:A0:EA:C6:00:66:3F:2C:F2:CA:7E:B2:8D
Certificate issuer: /CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Certificate serial: 01856E8B383F092D50B5B59FA7A6F6585154
Authority key identifier: 5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/NBFhrr4IC16g6sYAZj8s8sp-so0.roa
Signing time: Sun 01 Jan 2023 18:14:55 +0000
ROA not before: Sun 01 Jan 2023 18:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13172
IP address blocks: 195.225.127.0/24 maxlen: 24
91.211.232.0/24 maxlen: 24
185.108.188.0/24 maxlen: 24
91.211.235.0/24 maxlen: 24
91.211.234.0/24 maxlen: 24
2a03:d180::/32 maxlen: 32
2a03:d180:fffe::/48 maxlen: 48
2a03:d180:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:38:3f:09:2d:50:b5:b5:9f:a7:a6:f6:58:51:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Validity
Not Before: Jan 1 18:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=341161aebe080b5ea0eac600663f2cf2ca7eb28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bf:8a:ef:cd:94:b6:fa:ff:92:50:39:57:15:
84:2a:9a:53:38:94:4f:d2:65:12:00:0a:0e:07:8c:
3e:2e:af:d9:34:fa:53:ac:02:04:76:f3:0c:9d:ab:
e2:e7:6b:8b:cd:91:0f:f9:bd:f5:67:af:91:e7:85:
ea:b2:57:4a:10:5e:48:bb:bf:0c:14:33:d2:12:1f:
75:2d:e3:15:e2:a1:01:c7:c7:4a:ab:fb:1e:e4:13:
41:ad:4d:cf:d5:58:dc:6d:ea:0b:2a:79:b1:76:cd:
cc:06:51:49:51:64:47:6a:90:1a:15:11:bb:06:d3:
b1:a0:22:8d:74:58:07:23:0b:8d:c7:79:96:e3:0e:
98:6f:00:cf:13:16:c3:f8:e1:93:df:ee:7a:cf:e7:
85:ac:d8:71:65:0a:2d:44:13:88:a9:68:43:8e:ee:
98:ff:78:f1:0f:f8:23:cc:32:cb:7f:e0:b4:df:ad:
98:b0:69:b3:e0:a5:25:0e:50:95:1d:eb:71:a1:ef:
94:72:f3:30:7a:5e:49:29:f0:91:55:03:26:f3:8f:
33:f4:13:f0:71:eb:3a:9d:f8:d8:bb:b4:d3:6c:d6:
49:38:d4:32:3a:da:63:26:a5:28:af:ef:30:17:c3:
74:2e:f3:c1:4b:df:0b:85:79:71:0b:2f:1d:f8:e1:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:11:61:AE:BE:08:0B:5E:A0:EA:C6:00:66:3F:2C:F2:CA:7E:B2:8D
X509v3 Authority Key Identifier:
keyid:5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/NBFhrr4IC16g6sYAZj8s8sp-so0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.232.0/24
91.211.234.0/23
185.108.188.0/24
195.225.127.0/24
IPv6:
2a03:d180::/32
Signature Algorithm: sha256WithRSAEncryption
1c:7f:f8:15:b9:86:31:dc:a2:a3:15:b3:2a:fc:51:b3:53:95:
38:e4:3c:47:78:33:b2:4a:bc:3f:2f:55:ed:f3:73:f4:93:af:
f0:9e:5a:fb:a4:47:56:72:49:21:61:45:a6:7b:f8:aa:62:8f:
4d:3a:14:9b:bf:90:1b:93:8d:62:0a:c1:00:32:2e:08:cb:11:
7f:3c:70:f7:2e:84:0f:12:6f:c2:62:b7:9e:73:84:03:18:cf:
03:4a:bc:e1:8d:e3:43:43:9c:4b:ec:bf:3a:16:f8:e1:7a:3e:
45:aa:05:87:e4:da:45:bb:7f:01:36:2f:98:50:7e:ff:36:ce:
06:42:17:18:80:bc:f6:d9:8f:71:a0:74:80:ff:51:6d:26:ba:
e3:fc:52:bf:37:2d:24:51:96:51:c5:c4:bd:54:1f:fc:3b:92:
8f:b4:f4:5f:e1:af:72:90:65:a7:2e:f4:83:fc:03:87:0d:5a:
0c:89:d9:ed:60:b4:cf:7b:84:60:3f:68:e7:f8:16:7c:a6:49:
f6:15:0a:f3:49:7e:bf:ec:37:82:b6:10:47:53:ae:c5:e9:23:
0d:55:bd:56:6a:c7:69:f8:8b:fd:54:c0:0e:ea:9f:29:ab:e0:
39:c2:18:c1:f2:aa:4c:1e:3e:f4:78:11:aa:62:6e:d2:43:9b:
10:5d:70:c8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuizg/CS1QtbWfp6b2WFFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYzlhNmM4NWNhN2E1NjU3YjllOGFlODA4NjVkMTJlZjgx
NjZhMDMwHhcNMjMwMTAxMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDExNjFhZWJlMDgwYjVlYTBlYWM2MDA2NjNmMmNmMmNhN2ViMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgr+K782Utvr/klA5VxWEKppTOJRP
0mUSAAoOB4w+Lq/ZNPpTrAIEdvMMnavi52uLzZEP+b31Z6+R54XqsldKEF5Iu78M
FDPSEh91LeMV4qEBx8dKq/se5BNBrU3P1VjcbeoLKnmxds3MBlFJUWRHapAaFRG7
BtOxoCKNdFgHIwuNx3mW4w6YbwDPExbD+OGT3+56z+eFrNhxZQotRBOIqWhDju6Y
/3jxD/gjzDLLf+C0362YsGmz4KUlDlCVHetxoe+UcvMwel5JKfCRVQMm848z9BPw
ces6nfjYu7TTbNZJONQyOtpjJqUor+8wF8N0LvPBS98LhXlxCy8d+OEtUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDQRYa6+CAteoOrGAGY/LPLKfrKNMB8GA1UdIwQY
MBaAFFvJpshcp6Vle56K6Ahl0S74FmoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAt
NDhmNzdlZTg1YWI5LzEvTkJGaHJyNElDMTZnNnNZQVpqOHM4c3Atc28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAtNDhmNzdlZTg1YWI5
LzEvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9PoAwQB
W9PqAwQAuWy8AwQAw+F/MA0EAgACMAcDBQAqA9GAMA0GCSqGSIb3DQEBCwUAA4IB
AQAcf/gVuYYx3KKjFbMq/FGzU5U45DxHeDOySrw/L1Xt83P0k6/wnlr7pEdWckkh
YUWme/iqYo9NOhSbv5Abk41iCsEAMi4IyxF/PHD3LoQPEm/CYreec4QDGM8DSrzh
jeNDQ5xL7L86Fvjhej5FqgWH5NpFu38BNi+YUH7/Ns4GQhcYgLz22Y9xoHSA/1Ft
Jrrj/FK/Ny0kUZZRxcS9VB/8O5KPtPRf4a9ykGWnLvSD/AOHDVoMidntYLTPe4Rg
P2jn+BZ8pkn2FQrzSX6/7DeCthBHU67F6SMNVb1Wasdp+Iv9VMAO6p8pq+A5whjB
8qpMHj70eBGqYm7SQ5sQXXDI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:20 2024 by rpki-client on console-ams.rpki-client.org