Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NyVMGHehiHHBjSI3X1nFsNioyZI.roa
File: NyVMGHehiHHBjSI3X1nFsNioyZI.roa (raw, json)
Hash identifier: iP2UyUlEc5wh4Mq8ZhBFQ59WLg16NPofluLMySmO+GA=
Subject key identifier: 37:25:4C:18:77:A1:88:71:C1:8D:22:37:5F:59:C5:B0:D8:A8:C9:92
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0186F4F8BC69974FB159D1660989779CB502
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NyVMGHehiHHBjSI3X1nFsNioyZI.roa
Signing time: Sat 18 Mar 2023 13:46:27 +0000
ROA not before: Sat 18 Mar 2023 13:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.112.0/22 maxlen: 24
45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
85.209.160.0/22 maxlen: 24
85.209.163.0/24 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/22 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 21:07:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:f8:bc:69:97:4f:b1:59:d1:66:09:89:77:9c:b5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 18 13:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37254c1877a18871c18d22375f59c5b0d8a8c992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:77:c9:f0:06:f2:3b:e5:ab:b3:f9:4c:de:
b1:e9:45:62:08:a9:3a:80:b0:ac:20:a4:a1:0a:7a:
6c:4b:2c:b6:28:7b:95:72:cc:bd:d1:d6:22:af:41:
0f:cd:67:2d:ad:7f:53:bc:41:a1:ab:e7:37:85:c2:
96:a1:02:44:54:57:1d:98:63:7f:3b:0c:42:8f:4d:
d7:3f:fb:cd:a6:7a:0d:8c:fe:79:cd:95:92:93:ab:
1b:f4:a3:4c:a2:1e:57:9e:2e:1f:2f:d2:38:93:4c:
08:7a:d4:30:36:55:27:a0:19:41:08:2a:1e:e2:47:
f6:c8:61:d7:06:92:2d:c7:99:c6:8a:1d:7b:b6:52:
25:d2:35:22:61:de:16:be:90:a3:ee:e0:57:fe:70:
bc:17:3d:6c:6f:79:5d:34:26:c5:2e:0e:05:5e:36:
c6:2b:6a:fd:63:9e:b0:8b:74:19:fd:88:f8:36:b7:
cb:7f:30:cc:f0:7e:cf:d9:47:fa:f3:9c:04:78:de:
c8:c4:49:cd:ea:a8:ee:67:4b:99:c1:fc:2d:eb:1f:
df:a6:9e:56:8c:7c:a3:39:f0:44:f7:21:4c:a4:cf:
d7:62:98:50:b9:e1:14:53:5e:32:72:b4:05:9a:54:
99:df:c7:56:5d:93:26:18:bc:41:20:a1:ff:62:c4:
50:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:25:4C:18:77:A1:88:71:C1:8D:22:37:5F:59:C5:B0:D8:A8:C9:92
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/NyVMGHehiHHBjSI3X1nFsNioyZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/24
5.180.50.0/23
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0/22
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:75:43:78:c5:1a:4f:ac:24:d9:bb:1d:26:db:ab:29:6f:0e:
d9:2c:aa:44:51:65:d7:64:e2:81:d8:8d:43:81:fb:33:6d:e0:
ad:1a:33:89:88:96:b4:ea:69:db:b8:5c:0a:52:07:b9:00:02:
45:41:9a:5d:7a:16:2e:6e:74:96:81:5b:8b:fa:23:54:90:b6:
d8:61:2d:06:f9:c4:47:cd:92:e6:8a:71:54:a3:5a:90:ac:12:
6d:86:9b:a8:e2:4d:80:21:ba:a7:32:ed:84:5d:42:42:6b:fc:
3d:9e:71:12:d1:41:70:4d:eb:f1:96:35:a9:f4:77:43:8a:81:
2c:29:c3:e9:23:9f:47:74:eb:07:72:f9:41:a5:d8:05:33:aa:
f1:94:9f:a7:16:ae:45:c0:79:eb:22:9e:c8:93:95:05:3c:48:
a2:4c:25:85:4e:f9:02:8d:9a:36:7c:6e:33:fa:b9:6f:a0:e7:
81:fa:57:32:d5:fe:6e:68:83:75:a4:31:b7:2e:aa:fd:0e:a4:
6f:02:bd:62:5b:7d:f0:a5:4a:8f:af:09:8c:72:63:1a:02:6b:
ed:36:f5:75:cd:b3:c4:80:b6:3f:2f:64:9b:5a:4b:1b:e0:4b:
ba:42:52:76:ce:8a:0f:88:a1:22:90:74:18:37:a7:ac:a1:23:
db:ae:70:1d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYb0+Lxpl0+xWdFmCYl3nLUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMzE4MTM0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzI1NGMxODc3YTE4ODcxYzE4ZDIyMzc1ZjU5YzViMGQ4YThjOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6R3yfAG8jvlq7P5TN6x6UViCKk6
gLCsIKShCnpsSyy2KHuVcsy90dYir0EPzWctrX9TvEGhq+c3hcKWoQJEVFcdmGN/
OwxCj03XP/vNpnoNjP55zZWSk6sb9KNMoh5Xni4fL9I4k0wIetQwNlUnoBlBCCoe
4kf2yGHXBpItx5nGih17tlIl0jUiYd4WvpCj7uBX/nC8Fz1sb3ldNCbFLg4FXjbG
K2r9Y56wi3QZ/Yj4NrfLfzDM8H7P2Uf685wEeN7IxEnN6qjuZ0uZwfwt6x/fpp5W
jHyjOfBE9yFMpM/XYphQueEUU14ycrQFmlSZ38dWXZMmGLxBIKH/YsRQdwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFDclTBh3oYhxwY0iN19ZxbDYqMmSMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTnlWTUdIZWhpSEhCalNJM1gxbkZzTmlveVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgW0
IAMEAAW0MAMEAQW0MgMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQD
LQi4AwQCLQjAMAwDBAAtCMUDBAMtCMADBAAtCMswDAMEAi0I/AMEAy0JAAMEAi1C
mAMEAFXQaQMEAlXQcAMEAlXRoAMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAzXVD
eMUaT6wk2bsdJturKW8O2SyqRFFl12TigdiNQ4H7M23grRoziYiWtOpp27hcClIH
uQACRUGaXXoWLm50loFbi/ojVJC22GEtBvnER82S5opxVKNakKwSbYabqOJNgCG6
pzLthF1CQmv8PZ5xEtFBcE3r8ZY1qfR3Q4qBLCnD6SOfR3TrB3L5QaXYBTOq8ZSf
pxauRcB56yKeyJOVBTxIokwlhU75Ao2aNnxuM/q5b6DngfpXMtX+bmiDdaQxty6q
/Q6kbwK9Ylt98KVKj68JjHJjGgJr7Tb1dc2zxIC2Py9km1pLG+BLukJSds6KD4ih
IpB0GDenrKEj265wHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org