Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/NcM67xRuNkYo6-OV8w9vrXLlu5M.roa
File: NcM67xRuNkYo6-OV8w9vrXLlu5M.roa (raw, json)
Hash identifier: l4WPnmvOtmxUfCw13vBSiRJxLeIjhYmJTa6vCRW5y6Q=
Subject key identifier: 35:C3:3A:EF:14:6E:36:46:28:EB:E3:95:F3:0F:6F:AD:72:E5:BB:93
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 0186CBEC18C5176CD9C8507F11F513F7EBCE
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/NcM67xRuNkYo6-OV8w9vrXLlu5M.roa
Signing time: Fri 10 Mar 2023 14:28:13 +0000
ROA not before: Fri 10 Mar 2023 14:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60855
IP address blocks: 164.131.80.0/24 maxlen: 24
164.131.160.0/24 maxlen: 24
164.131.198.0/23 maxlen: 23
164.131.198.0/24 maxlen: 24
164.131.197.0/24 maxlen: 24
164.131.199.0/24 maxlen: 24
164.131.125.0/24 maxlen: 24
164.131.124.0/23 maxlen: 23
164.131.124.0/24 maxlen: 24
164.131.127.0/24 maxlen: 24
164.131.126.0/23 maxlen: 23
164.131.126.0/24 maxlen: 24
164.131.130.0/23 maxlen: 23
164.131.130.0/24 maxlen: 24
164.131.132.0/23 maxlen: 23
164.131.132.0/24 maxlen: 24
164.131.131.0/24 maxlen: 24
164.131.133.0/24 maxlen: 24
164.131.143.0/24 maxlen: 24
164.131.142.0/24 maxlen: 24
164.131.142.0/23 maxlen: 23
164.131.212.0/23 maxlen: 24
164.131.214.0/23 maxlen: 24
164.131.224.0/24 maxlen: 24
164.131.226.0/23 maxlen: 24
164.131.233.0/24 maxlen: 24
164.131.232.0/23 maxlen: 23
164.131.232.0/24 maxlen: 24
164.131.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:ec:18:c5:17:6c:d9:c8:50:7f:11:f5:13:f7:eb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Mar 10 14:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35c33aef146e364628ebe395f30f6fad72e5bb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:69:d0:e1:23:55:e6:bd:55:e5:35:50:da:f6:
70:39:89:40:9a:81:58:7e:8a:01:1e:e7:b0:62:f3:
e1:fc:04:d1:3d:f6:e6:ba:bc:ae:1b:19:9d:90:75:
c6:9e:27:9b:29:da:ea:ea:59:d9:b5:a0:18:17:5b:
4a:91:fb:11:bf:ad:f0:02:e3:90:84:43:7a:b2:82:
ac:91:bd:40:f6:bf:37:b3:53:ad:2c:c0:41:00:c8:
70:61:f7:9c:e5:c3:34:1b:87:e0:56:3a:82:ed:16:
f1:71:0a:e9:c3:69:97:24:df:ef:d8:80:16:ac:07:
eb:89:cb:f3:46:1b:7c:14:b6:86:cc:15:14:52:37:
d1:2e:83:b7:fa:70:c1:2d:a6:84:84:30:49:6b:60:
96:60:23:4b:a7:37:a4:0c:42:71:b6:eb:63:72:73:
46:c4:43:52:dd:a4:46:04:c3:cf:c7:be:d0:01:da:
9f:e4:72:27:fb:0e:31:94:12:73:ed:f8:e1:6f:33:
05:d4:89:c4:90:e9:57:bd:ff:ed:a8:4f:70:07:55:
aa:1b:8d:a2:8e:7a:a3:a1:5d:76:fa:02:d8:88:b1:
71:0a:8e:fb:48:32:ca:9e:0e:32:d0:af:13:62:7a:
93:75:3b:07:00:57:e1:d0:ec:7c:44:f2:8a:db:2c:
fe:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C3:3A:EF:14:6E:36:46:28:EB:E3:95:F3:0F:6F:AD:72:E5:BB:93
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/NcM67xRuNkYo6-OV8w9vrXLlu5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.131.80.0/24
164.131.124.0/22
164.131.130.0-164.131.133.255
164.131.142.0/23
164.131.160.0/24
164.131.197.0-164.131.199.255
164.131.212.0/22
164.131.224.0/24
164.131.226.0/23
164.131.232.0/23
164.131.244.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c1:30:18:96:7f:6a:6f:39:4a:ec:04:ed:94:c6:97:72:45:
fe:53:dd:87:41:00:9b:b6:e1:06:3a:80:8d:3b:0e:94:76:8b:
22:c4:eb:b8:fe:39:5e:be:66:f5:16:2b:10:9d:6c:8c:6b:e1:
90:6b:28:09:0b:3f:77:d2:8f:a4:9e:83:7b:53:a2:d9:de:ff:
f6:b2:fa:fb:37:45:b0:ee:a0:91:ff:e5:7d:10:e3:31:6f:6c:
ec:3a:7b:66:32:ba:d2:2d:4a:8c:56:e8:b6:ab:3e:25:a5:92:
43:ef:b0:5c:ed:71:05:90:b9:8d:4f:1e:a3:0d:09:2e:aa:2e:
d3:bd:e5:14:fa:4a:24:d8:b3:17:1e:b9:13:e0:40:50:ab:f2:
67:b1:97:61:2f:a5:8b:81:21:25:d9:02:0c:38:32:c4:5d:0d:
62:38:40:c6:fd:18:95:b3:7d:80:f9:ed:73:fd:78:bf:68:d5:
84:6e:b7:65:60:10:06:62:d6:be:98:5a:bc:07:cf:a3:c7:ba:
72:59:30:b5:4d:5d:9a:99:9b:e5:08:44:af:ab:26:08:5a:b4:
d2:6f:6d:91:41:f8:d0:78:32:87:b5:e3:4b:84:93:fb:24:d9:
4e:ba:05:20:bb:06:51:8e:0b:a8:39:60:13:db:3f:97:6b:ab:
5c:51:16:7d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYbL7BjFF2zZyFB/EfUT9+vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjMwMzEwMTQyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWMzM2FlZjE0NmUzNjQ2MjhlYmUzOTVmMzBmNmZhZDcyZTViYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimnQ4SNV5r1V5TVQ2vZwOYlAmoFY
fooBHuewYvPh/ATRPfbmuryuGxmdkHXGniebKdrq6lnZtaAYF1tKkfsRv63wAuOQ
hEN6soKskb1A9r83s1OtLMBBAMhwYfec5cM0G4fgVjqC7RbxcQrpw2mXJN/v2IAW
rAfricvzRht8FLaGzBUUUjfRLoO3+nDBLaaEhDBJa2CWYCNLpzekDEJxtutjcnNG
xENS3aRGBMPPx77QAdqf5HIn+w4xlBJz7fjhbzMF1InEkOlXvf/tqE9wB1WqG42i
jnqjoV12+gLYiLFxCo77SDLKng4y0K8TYnqTdTsHAFfh0Ox8RPKK2yz+OwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDXDOu8UbjZGKOvjlfMPb61y5buTMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvTmNNNjd4UnVOa1lvNi1PVjh3OXZyWExsdTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQApINQAwQC
pIN8MAwDBAGkg4IDBAGkg4QDBAGkg44DBACkg6AwDAMEAKSDxQMEA6SDwAMEAqSD
1AMEAKSD4AMEAaSD4gMEAaSD6AMEAKSD9DANBgkqhkiG9w0BAQsFAAOCAQEAqMEw
GJZ/am85SuwE7ZTGl3JF/lPdh0EAm7bhBjqAjTsOlHaLIsTruP45Xr5m9RYrEJ1s
jGvhkGsoCQs/d9KPpJ6De1Oi2d7/9rL6+zdFsO6gkf/lfRDjMW9s7Dp7ZjK60i1K
jFbotqs+JaWSQ++wXO1xBZC5jU8eow0JLqou073lFPpKJNizFx65E+BAUKvyZ7GX
YS+li4EhJdkCDDgyxF0NYjhAxv0YlbN9gPntc/14v2jVhG63ZWAQBmLWvphavAfP
o8e6clkwtU1dmpmb5QhEr6smCFq00m9tkUH40Hgyh7XjS4ST+yTZTroFILsGUY4L
qDlgE9s/l2urXFEWfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org