Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ngna4g9UBKqMW9FfM6NNnjBFZus.roa
File: ngna4g9UBKqMW9FfM6NNnjBFZus.roa (raw, json)
Hash identifier: B1OP5Pzm01z9mkysB47upzCvpDLqw3OJclHJunTqbXU=
Subject key identifier: 9E:09:DA:E2:0F:54:04:AA:8C:5B:D1:5F:33:A3:4D:9E:30:45:66:EB
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018FC03E59A7B3B2CF2337DD85A54F71FBDD
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ngna4g9UBKqMW9FfM6NNnjBFZus.roa
Signing time: Tue 28 May 2024 17:27:42 +0000
ROA not before: Tue 28 May 2024 17:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.16.0/24 maxlen: 24
45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
81.28.252.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
81.28.254.0/24 maxlen: 24
176.105.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 23:40:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:3e:59:a7:b3:b2:cf:23:37:dd:85:a5:4f:71:fb:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: May 28 17:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e09dae20f5404aa8c5bd15f33a34d9e304566eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e8:88:de:ff:9d:ee:ac:b6:28:e7:89:2f:39:
e5:a1:48:3a:95:65:e0:9c:08:37:61:10:04:c7:76:
cd:9d:d8:ff:02:be:25:de:85:00:a5:76:c3:70:6a:
1b:a3:a4:48:67:72:c1:6f:1b:28:03:43:af:ff:6c:
a0:5e:f5:2a:b6:7b:e4:99:fc:b2:52:3e:51:33:fa:
d4:ac:32:d7:00:d0:21:0f:16:5c:a4:82:d8:3c:c7:
40:5e:e7:f0:f2:d0:72:7b:8b:57:e1:8e:8e:57:5f:
7d:22:e2:b2:97:24:43:a3:a6:c5:2f:ee:a0:46:da:
2e:c9:03:a0:3a:6c:4e:49:94:15:38:c0:01:e2:a3:
88:f9:19:73:32:64:88:b4:3e:7e:cf:87:47:f8:90:
6d:93:2c:2e:e2:b1:64:c7:1f:b2:15:4d:9e:92:e2:
b8:5a:a7:95:e9:35:0c:3b:84:1f:6a:aa:c6:bc:c1:
93:51:55:26:36:41:f4:38:ad:f3:f0:8d:1a:e4:0b:
4e:b2:5b:da:d1:05:cf:c3:9f:41:54:fb:aa:b2:2e:
86:c7:57:ca:c0:6b:dc:9f:ec:81:21:3e:bd:0b:d9:
dc:2e:a4:6c:63:ba:62:4d:72:e5:ef:8d:48:48:54:
60:cb:e0:04:a8:eb:7a:79:b8:29:69:a5:95:4c:b0:
4d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:09:DA:E2:0F:54:04:AA:8C:5B:D1:5F:33:A3:4D:9E:30:45:66:EB
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/ngna4g9UBKqMW9FfM6NNnjBFZus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.16.0/23
45.137.19.0/24
81.28.252.0-81.28.254.255
176.105.229.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:af:0e:4a:2a:24:ca:1c:b3:57:b3:09:16:cc:76:8c:0b:54:
c0:d0:39:df:a1:1d:9c:33:c8:89:97:9f:50:9e:4e:1c:ba:8b:
0e:e9:bc:20:33:a0:40:3b:e8:99:87:0c:62:7c:ca:69:3c:6f:
02:d5:63:97:15:da:82:42:a5:96:24:74:c3:19:a9:9b:fc:c4:
7e:34:06:9e:30:b2:ca:9f:26:5d:a6:07:2f:59:37:03:0b:29:
1a:01:8a:18:67:9f:0e:d9:d9:90:b5:72:e4:d9:48:35:9d:3b:
ee:29:99:c7:0b:94:80:0d:13:65:eb:0b:7d:52:7f:3b:c4:d5:
e2:83:d5:f3:e3:da:26:8b:70:1d:78:24:9c:2a:ed:de:5d:f4:
b9:f8:b6:b8:17:38:21:9d:9e:6a:b6:2f:fa:d5:14:d8:a4:de:
a5:a9:ff:5e:38:14:2f:95:af:01:b7:ab:09:54:90:45:52:30:
02:4e:e3:46:e1:c2:84:93:1b:fa:a7:b0:8e:cc:f0:8b:08:4a:
8c:3a:a9:42:d1:75:79:f2:ad:f2:69:e2:d7:d2:a5:f5:2b:bb:
b7:7c:11:90:82:4d:cf:c4:96:fa:a4:75:13:ed:01:f5:57:c1:
9c:ee:70:25:e1:2b:90:6c:c1:67:56:5d:5c:76:d4:56:35:a3:
04:ef:ba:0c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/APlmns7LPIzfdhaVPcfvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwNTI4MTcyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA5ZGFlMjBmNTQwNGFhOGM1YmQxNWYzM2EzNGQ5ZTMwNDU2NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eiI3v+d7qy2KOeJLznloUg6lWXg
nAg3YRAEx3bNndj/Ar4l3oUApXbDcGobo6RIZ3LBbxsoA0Ov/2ygXvUqtnvkmfyy
Uj5RM/rUrDLXANAhDxZcpILYPMdAXufw8tBye4tX4Y6OV199IuKylyRDo6bFL+6g
RtouyQOgOmxOSZQVOMAB4qOI+RlzMmSItD5+z4dH+JBtkywu4rFkxx+yFU2ekuK4
WqeV6TUMO4QfaqrGvMGTUVUmNkH0OK3z8I0a5AtOslva0QXPw59BVPuqsi6Gx1fK
wGvcn+yBIT69C9ncLqRsY7piTXLl741ISFRgy+AEqOt6ebgpaaWVTLBN6wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ4J2uIPVASqjFvRXzOjTZ4wRWbrMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvbmduYTRnOVVCS3FNVzlGZk02Tk5uakJGWnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLYkQAwQA
LYkTMAwDBAJRHPwDBABRHP4DBACwaeUwDQYJKoZIhvcNAQELBQADggEBAL2vDkoq
JMocs1ezCRbMdowLVMDQOd+hHZwzyImXn1CeThy6iw7pvCAzoEA76JmHDGJ8ymk8
bwLVY5cV2oJCpZYkdMMZqZv8xH40Bp4wssqfJl2mBy9ZNwMLKRoBihhnnw7Z2ZC1
cuTZSDWdO+4pmccLlIANE2XrC31SfzvE1eKD1fPj2iaLcB14JJwq7d5d9Ln4trgX
OCGdnmq2L/rVFNik3qWp/144FC+VrwG3qwlUkEVSMAJO40bhwoSTG/qnsI7M8IsI
Sow6qULRdXnyrfJp4tfSpfUru7d8EZCCTc/ElvqkdRPtAfVXwZzucCXhK5BswWdW
XVx21FY1owTvugw=
-----END CERTIFICATE-----
Generated at Tue Jun 11 00:26:10 2024 by rpki-client on console-ams.rpki-client.org