Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NlhjTb9XsLGa9JBLvig5SFq43Q0.roa
File: NlhjTb9XsLGa9JBLvig5SFq43Q0.roa (raw, json)
Hash identifier: wDU4QbM9g0QeWY5C4bl8F8ferzKiXoBWvXDmISY3UqY=
Subject key identifier: 36:58:63:4D:BF:57:B0:B1:9A:F4:90:4B:BE:28:39:48:5A:B8:DD:0D
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018AF9BB1BF8568AE855615897ED5A3E03A7
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NlhjTb9XsLGa9JBLvig5SFq43Q0.roa
Signing time: Wed 04 Oct 2023 08:08:23 +0000
ROA not before: Wed 04 Oct 2023 08:08:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
154.32.0.0/16 maxlen: 24
195.153.74.0/24 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 01:28:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:bb:1b:f8:56:8a:e8:55:61:58:97:ed:5a:3e:03:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 4 08:08:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3658634dbf57b0b19af4904bbe2839485ab8dd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:62:4e:e7:b3:cc:25:6f:6f:c8:fc:fb:51:
c5:11:44:2e:6d:a7:9c:a0:f1:6f:75:ec:7c:29:bf:
c8:c0:a9:8d:72:a4:cb:43:34:80:e9:3e:95:3d:1d:
82:5c:06:0c:79:74:74:ef:4b:89:8f:08:94:3d:8f:
c3:88:68:56:56:91:5a:ad:1e:e3:cf:07:90:e6:0e:
c7:9a:ee:a7:ae:59:b4:e4:8b:92:bc:a0:e8:6f:6e:
23:c6:8d:8c:bf:ac:fd:56:39:d4:28:15:b8:0f:97:
6a:68:e7:77:e6:3f:67:01:8d:67:63:8b:7a:68:37:
07:a3:b0:c0:fc:48:eb:e4:38:b6:ae:72:d3:9a:75:
20:30:8f:79:ba:66:02:b3:15:56:0e:09:66:67:e0:
ea:6d:1b:d2:1a:72:db:0e:8d:53:41:7c:2d:fe:70:
9c:f3:3e:ef:24:73:fa:be:be:b6:73:41:93:d2:24:
97:a2:2e:7a:84:cd:f6:54:bf:57:6b:41:fc:38:9d:
ad:cb:3c:59:6a:70:94:b4:53:7f:b5:32:ff:32:18:
31:91:ce:0f:f4:5a:9e:55:2f:08:e4:4a:ee:68:db:
98:51:83:78:cf:51:aa:0f:6d:41:35:f7:0f:d6:b6:
21:5a:c5:f3:a0:c6:d1:4b:c9:4c:5b:bb:b2:1b:e0:
a3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:58:63:4D:BF:57:B0:B1:9A:F4:90:4B:BE:28:39:48:5A:B8:DD:0D
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/NlhjTb9XsLGa9JBLvig5SFq43Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
81:fe:91:4c:58:48:66:4d:ab:d8:1a:d5:e2:6a:a8:88:8f:52:
25:c5:c6:79:d6:44:7e:b5:9e:ec:4a:30:56:63:3b:b1:a2:42:
f7:2e:c8:8e:c2:e4:48:41:96:49:16:9d:b7:02:74:5b:b9:ec:
db:a5:0b:0e:27:db:bf:82:e7:91:00:6d:bd:39:5f:b1:44:6d:
58:f5:f5:b0:56:e1:c1:ef:d2:46:a5:03:12:b5:70:8a:47:b7:
13:86:15:09:01:a8:6c:9d:43:66:6f:b4:4e:26:6d:ce:35:46:
2f:97:9b:6a:43:04:94:da:38:00:c3:d0:7d:5e:3c:75:ba:62:
cc:18:38:9b:0a:5a:59:fd:b6:9d:6c:6f:a4:c9:55:6d:99:5a:
4b:db:bc:f1:0f:9b:b9:f4:5d:bf:82:30:a8:1c:05:98:fd:8d:
c6:36:5f:77:54:dd:c2:9b:cf:7d:58:e5:96:c7:f2:bc:a4:6b:
4f:5b:d9:7c:a3:d5:f1:fd:d2:ab:b9:70:b4:65:80:e6:9d:6b:
b2:cf:18:74:18:d1:f3:c5:ff:cf:cd:cb:dc:91:f3:87:32:bc:
eb:c4:d7:ee:02:08:19:c4:21:57:d1:d4:61:f4:9d:a6:44:8c:
18:3e:08:dd:5d:99:91:12:53:f0:9f:2a:0c:82:02:57:ad:01:
89:43:6e:9b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYr5uxv4VoroVWFYl+1aPgOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA0MDgwODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjU4NjM0ZGJmNTdiMGIxOWFmNDkwNGJiZTI4Mzk0ODVhYjhkZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUpiTuezzCVvb8j8+1HFEUQubaec
oPFvdex8Kb/IwKmNcqTLQzSA6T6VPR2CXAYMeXR070uJjwiUPY/DiGhWVpFarR7j
zweQ5g7Hmu6nrlm05IuSvKDob24jxo2Mv6z9VjnUKBW4D5dqaOd35j9nAY1nY4t6
aDcHo7DA/Ejr5Di2rnLTmnUgMI95umYCsxVWDglmZ+DqbRvSGnLbDo1TQXwt/nCc
8z7vJHP6vr62c0GT0iSXoi56hM32VL9Xa0H8OJ2tyzxZanCUtFN/tTL/Mhgxkc4P
9FqeVS8I5EruaNuYUYN4z1GqD21BNfcP1rYhWsXzoMbRS8lMW7uyG+CjzQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDZYY02/V7CxmvSQS74oOUhauN0NMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvTmxoalRiOVhzTEdhOUpCTHZpZzVTRnE0M1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwMAkmUDAwCa
IDAMAwQFwVJgAwQFwVKAAwQFwVLAAwQFwXUgAwQAw5kTAwQAw5lKAwQCw5lsAwQA
w5l8AwQBw5nYAwQE2ZcgMA0EAgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IB
AQCB/pFMWEhmTavYGtXiaqiIj1IlxcZ51kR+tZ7sSjBWYzuxokL3LsiOwuRIQZZJ
Fp23AnRbuezbpQsOJ9u/gueRAG29OV+xRG1Y9fWwVuHB79JGpQMStXCKR7cThhUJ
AahsnUNmb7ROJm3ONUYvl5tqQwSU2jgAw9B9Xjx1umLMGDibClpZ/badbG+kyVVt
mVpL27zxD5u59F2/gjCoHAWY/Y3GNl93VN3Cm899WOWWx/K8pGtPW9l8o9Xx/dKr
uXC0ZYDmnWuyzxh0GNHzxf/PzcvckfOHMrzrxNfuAggZxCFX0dRh9J2mRIwYPgjd
XZmRElPwnyoMggJXrQGJQ26b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org