Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NXRFOyaDNtr__HoSEVOVvrfIYUM.roa
File: NXRFOyaDNtr__HoSEVOVvrfIYUM.roa (raw, json)
Hash identifier: hqj7jlKZlDxVq+bF9F5bdhNPrUBsIMze7a5D973lM9s=
Subject key identifier: 35:74:45:3B:26:83:36:DA:FF:FC:7A:12:11:53:95:BE:B7:C8:61:43
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0191FD080DB2ED652D632FE874647661ADB8
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NXRFOyaDNtr__HoSEVOVvrfIYUM.roa
Signing time: Mon 16 Sep 2024 22:50:49 +0000
ROA not before: Mon 16 Sep 2024 22:50:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 94.241.164.0/23 maxlen: 23
178.253.12.0/23 maxlen: 24
178.253.16.0/24 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 09:37:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fd:08:0d:b2:ed:65:2d:63:2f:e8:74:64:76:61:ad:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 16 22:50:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3574453b268336dafffc7a12115395beb7c86143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:32:19:ed:09:b0:b6:00:d5:4f:94:a0:fb:4b:
e1:3d:f5:ff:ee:76:48:e5:29:1e:61:28:8e:e7:1a:
56:cc:f3:a6:4d:e2:e0:d2:9e:0c:c1:c5:3a:59:34:
6c:b4:24:36:9a:80:0b:f0:95:89:c7:13:29:e9:fe:
09:b3:f3:52:f8:06:d8:c5:30:63:7e:b2:87:68:e6:
46:54:94:fa:e6:05:c7:06:73:90:ac:46:d1:cb:99:
38:e6:c3:ca:83:f7:2a:89:d5:6a:8c:f1:7d:5b:2e:
e0:a6:3f:16:38:d5:ce:bb:e0:d0:e3:35:dd:2a:63:
57:a6:b5:c1:8c:1a:ec:7f:73:bf:59:ea:72:db:1a:
a1:9a:66:7c:e9:00:98:09:82:79:fd:6b:50:ba:b8:
7c:e3:9a:aa:9b:ed:f9:7d:d5:fc:bc:30:84:d4:95:
b3:86:3f:d2:0b:e6:3a:1d:88:1a:9f:a7:ef:e7:70:
97:9e:e9:d3:52:97:bc:f0:13:de:30:df:3c:dd:97:
51:4f:3d:81:1b:50:dc:84:d9:cb:ca:f0:9b:a9:e2:
c4:15:27:cb:51:4e:6d:f8:e9:dc:b9:b1:8d:8c:20:
0a:4d:3a:94:13:92:7d:bc:07:cd:c6:df:61:4f:27:
fb:6f:2b:8f:89:16:fd:49:b1:b8:0b:dc:77:6c:57:
8f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:74:45:3B:26:83:36:DA:FF:FC:7A:12:11:53:95:BE:B7:C8:61:43
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/NXRFOyaDNtr__HoSEVOVvrfIYUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.164.0/23
178.253.12.0/23
178.253.16.0/24
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:25:e9:af:a8:11:cf:08:1e:de:b3:1b:84:4d:8d:c9:37:1a:
87:86:ef:90:0d:6c:52:1f:b7:f1:1c:e4:4f:c3:9c:3b:78:30:
68:87:56:1e:26:9c:a5:83:b1:f4:65:0e:62:d2:1e:02:cd:5f:
bc:2d:38:16:10:a6:35:6f:f2:2e:fa:83:29:31:57:ff:c8:45:
ac:33:28:93:f7:c0:15:32:eb:23:3e:3a:2e:e8:8a:c0:91:17:
2c:99:d4:e9:29:c7:92:83:c4:23:7a:72:0a:ef:cf:47:2a:ef:
d6:5d:85:fa:69:5f:60:83:b7:98:d3:c0:2c:a0:48:18:2e:9f:
96:8c:31:13:0b:30:d3:cf:23:c0:e8:ca:46:08:42:ad:4e:77:
e9:45:fc:39:a3:d0:90:20:8d:79:6f:87:73:de:d4:04:2e:b7:
d4:8c:8a:bb:fb:c0:34:68:ef:c0:61:1d:be:54:77:6b:19:76:
4b:49:78:6e:a9:96:00:49:ab:75:36:c1:a8:64:1e:f9:b0:7d:
ba:88:83:98:c6:83:8b:59:d5:a4:27:b7:d2:ae:3a:f8:2f:4c:
da:14:15:f5:f4:05:70:12:91:c4:f9:a6:e4:7b:27:93:1c:50:
0f:02:a8:49:94:d3:ab:09:c3:3a:62:c4:c5:00:49:0d:39:3a:
50:c0:64:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH9CA2y7WUtYy/odGR2Ya24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwOTE2MjI1MDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc0NDUzYjI2ODMzNmRhZmZmYzdhMTIxMTUzOTViZWI3Yzg2MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDIZ7QmwtgDVT5Sg+0vhPfX/7nZI
5SkeYSiO5xpWzPOmTeLg0p4MwcU6WTRstCQ2moAL8JWJxxMp6f4Js/NS+AbYxTBj
frKHaOZGVJT65gXHBnOQrEbRy5k45sPKg/cqidVqjPF9Wy7gpj8WONXOu+DQ4zXd
KmNXprXBjBrsf3O/Wepy2xqhmmZ86QCYCYJ5/WtQurh845qqm+35fdX8vDCE1JWz
hj/SC+Y6HYgan6fv53CXnunTUpe88BPeMN883ZdRTz2BG1DchNnLyvCbqeLEFSfL
UU5t+OncubGNjCAKTTqUE5J9vAfNxt9hTyf7byuPiRb9SbG4C9x3bFeP5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDV0RTsmgzba//x6EhFTlb63yGFDMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTlhSRk95YUROdHJfX0hvU0VWT1Z2cmZJWVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBXvGkAwQB
sv0MAwQAsv0QAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQA/JemvqBHPCB7esxuE
TY3JNxqHhu+QDWxSH7fxHORPw5w7eDBoh1YeJpylg7H0ZQ5i0h4CzV+8LTgWEKY1
b/Iu+oMpMVf/yEWsMyiT98AVMusjPjou6IrAkRcsmdTpKceSg8QjenIK789HKu/W
XYX6aV9gg7eY08AsoEgYLp+WjDETCzDTzyPA6MpGCEKtTnfpRfw5o9CQII15b4dz
3tQELrfUjIq7+8A0aO/AYR2+VHdrGXZLSXhuqZYASat1NsGoZB75sH26iIOYxoOL
WdWkJ7fSrjr4L0zaFBX19AVwEpHE+abkeyeTHFAPAqhJlNOrCcM6YsTFAEkNOTpQ
wGRP
-----END CERTIFICATE-----
Generated at Tue Oct 8 13:43:46 2024 by rpki-client on console-ams.rpki-client.org