Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/N6pkSAby36g4gQP1np-rERjGB9A.roa
File: N6pkSAby36g4gQP1np-rERjGB9A.roa (raw, json)
Hash identifier: RIiVF2tmYX8uoJlIW7eH7rBYr7JGiUyqUgt7WmEJBZM=
Subject key identifier: 37:AA:64:48:06:F2:DF:A8:38:81:03:F5:9E:9F:AB:11:18:C6:07:D0
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 01859746D26DE6F787791D7F052AF6AEDF1C
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/N6pkSAby36g4gQP1np-rERjGB9A.roa
Signing time: Mon 09 Jan 2023 16:04:38 +0000
ROA not before: Mon 09 Jan 2023 16:04:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 86.107.255.0/24 maxlen: 24
89.43.156.0/22 maxlen: 24
79.132.145.0/24 maxlen: 24
46.247.245.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
185.183.63.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 13:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:46:d2:6d:e6:f7:87:79:1d:7f:05:2a:f6:ae:df:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 9 16:04:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37aa644806f2dfa8388103f59e9fab1118c607d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4a:93:82:ad:c0:65:7c:b0:8d:68:b3:6e:41:
29:e8:f3:63:4e:d7:e6:b9:91:ba:21:44:83:6d:d8:
84:89:68:f8:bb:31:22:7d:c2:fe:28:e6:30:d8:6a:
04:c2:a7:02:a1:4a:29:84:44:17:6f:2e:bc:9e:18:
c8:37:d6:83:c4:68:0c:bf:e8:67:05:2f:1d:b7:23:
23:5e:6c:9f:73:e2:b4:8b:cd:f5:1f:03:10:90:81:
7b:0b:9f:43:3e:97:37:17:77:9d:1d:7d:92:d2:aa:
34:84:61:db:a9:a9:0f:5c:06:2a:24:b8:79:64:b8:
ec:6c:9e:09:73:fb:62:f3:0a:9e:37:ff:b0:58:93:
2a:52:84:68:09:5d:25:24:83:85:79:fe:67:b0:8a:
0b:58:5e:49:b7:58:6e:ef:ac:88:a1:1b:8c:86:71:
db:63:de:5f:97:24:c6:6a:fd:91:1b:6a:8a:dc:e2:
e8:d3:d2:9f:d2:87:58:b1:f0:83:61:ef:27:6d:e8:
2b:44:95:48:b9:96:3e:51:b9:e8:7c:33:19:7d:49:
cc:d5:ef:4c:cd:2d:68:83:b8:95:de:2b:63:f8:06:
72:ec:c6:da:70:4d:32:f4:ba:e6:2e:06:e7:61:4d:
e9:6d:41:c5:42:a2:f5:ca:db:c6:25:1d:b0:09:50:
c0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AA:64:48:06:F2:DF:A8:38:81:03:F5:9E:9F:AB:11:18:C6:07:D0
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/N6pkSAby36g4gQP1np-rERjGB9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.245.0/24
79.132.145.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.107.248.0/21
89.43.156.0/22
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:20:60:9a:5b:95:1f:a7:e3:97:fa:4c:e1:c4:b7:a8:c0:2c:
e2:5d:54:bb:00:f4:13:98:40:7a:1c:0c:3e:64:cf:b9:a5:e4:
e9:47:a1:6b:c2:5c:3e:da:15:a7:ec:4b:eb:56:f3:00:26:f5:
c4:d6:9a:7b:0e:cb:5c:9e:31:61:27:36:c2:79:09:a2:0f:ca:
c2:0e:9e:97:3e:a3:f6:97:c9:e6:eb:67:cc:5a:e4:92:e1:ec:
8f:7b:1c:61:b0:11:68:38:63:f5:56:89:92:ab:2c:f0:05:53:
e0:f0:f6:9f:60:f1:f1:1b:6a:ac:55:e8:f4:92:e6:f9:31:52:
12:62:7e:42:b1:4e:79:17:34:bc:aa:46:de:d5:06:30:e9:b0:
c4:93:24:21:e9:d7:1e:de:db:ba:92:21:40:0b:b7:57:ae:67:
81:89:8e:0e:78:94:f8:31:cf:23:19:df:e9:02:be:ca:19:69:
e1:19:85:bc:06:88:33:fd:b0:98:67:4a:23:1a:8b:97:02:7d:
c7:ee:fa:f9:f8:7d:14:af:db:e2:ce:14:fc:9c:02:e5:71:71:
ed:ca:74:d3:b8:cc:6e:50:ed:f7:fa:1c:2c:2c:a7:28:d9:24:
1c:1e:7d:b6:e3:d2:0a:df:25:dd:7b:eb:99:3e:3f:cc:52:cd:
d9:60:13:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWXRtJt5veHeR1/BSr2rt8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTA5MTYwNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FhNjQ0ODA2ZjJkZmE4Mzg4MTAzZjU5ZTlmYWIxMTE4YzYwN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0qTgq3AZXywjWizbkEp6PNjTtfm
uZG6IUSDbdiEiWj4uzEifcL+KOYw2GoEwqcCoUophEQXby68nhjIN9aDxGgMv+hn
BS8dtyMjXmyfc+K0i831HwMQkIF7C59DPpc3F3edHX2S0qo0hGHbqakPXAYqJLh5
ZLjsbJ4Jc/ti8wqeN/+wWJMqUoRoCV0lJIOFef5nsIoLWF5Jt1hu76yIoRuMhnHb
Y95flyTGav2RG2qK3OLo09Kf0odYsfCDYe8nbegrRJVIuZY+UbnofDMZfUnM1e9M
zS1og7iV3itj+AZy7MbacE0y9LrmLgbnYU3pbUHFQqL1ytvGJR2wCVDAtwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDeqZEgG8t+oOIED9Z6fqxEYxgfQMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvTjZwa1NBYnkzNmc0Z1FQMW5wLXJFUmpHQjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALvf1AwQA
T4SRMAwDBABPhJkDBABPhJoDBABVcNMDBANWa/gDBAJZK5wDBAC5tz8DBAC535Qw
DQYJKoZIhvcNAQELBQADggEBAGwgYJpblR+n45f6TOHEt6jALOJdVLsA9BOYQHoc
DD5kz7ml5OlHoWvCXD7aFafsS+tW8wAm9cTWmnsOy1yeMWEnNsJ5CaIPysIOnpc+
o/aXyebrZ8xa5JLh7I97HGGwEWg4Y/VWiZKrLPAFU+Dw9p9g8fEbaqxV6PSS5vkx
UhJifkKxTnkXNLyqRt7VBjDpsMSTJCHp1x7e27qSIUALt1euZ4GJjg54lPgxzyMZ
3+kCvsoZaeEZhbwGiDP9sJhnSiMai5cCfcfu+vn4fRSv2+LOFPycAuVxce3KdNO4
zG5Q7ff6HCwspyjZJBwefbbj0grfJd1765k+P8xSzdlgE9A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:46 2024 by rpki-client on console-ams.rpki-client.org