Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/NSaxxdpDOiTIPNWW7Y_GxIhOAKg.roa
File: NSaxxdpDOiTIPNWW7Y_GxIhOAKg.roa (raw, json)
Hash identifier: 0fjq/63OM9I/dmbEjHUShrWiFfLMcwxZ9HEWYJqoSS8=
Subject key identifier: 35:26:B1:C5:DA:43:3A:24:C8:3C:D5:96:ED:8F:C6:C4:88:4E:00:A8
Certificate issuer: /CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Certificate serial: 018571556303B93A2F2EC8561B3DC253EF6B
Authority key identifier: C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/NSaxxdpDOiTIPNWW7Y_GxIhOAKg.roa
Signing time: Mon 02 Jan 2023 07:14:59 +0000
ROA not before: Mon 02 Jan 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35328
IP address blocks: 80.87.208.0/21 maxlen: 21
80.87.208.0/20 maxlen: 20
80.87.216.0/21 maxlen: 21
145.255.144.0/21 maxlen: 21
145.255.144.0/20 maxlen: 20
77.234.240.0/20 maxlen: 20
217.31.40.0/21 maxlen: 21
46.18.144.0/22 maxlen: 22
46.18.144.0/21 maxlen: 21
46.18.148.0/22 maxlen: 22
185.42.4.0/22 maxlen: 22
185.42.4.0/23 maxlen: 23
77.234.224.0/19 maxlen: 19
77.234.224.0/20 maxlen: 20
185.42.6.0/23 maxlen: 23
217.31.32.0/20 maxlen: 20
217.31.32.0/21 maxlen: 21
145.255.152.0/21 maxlen: 21
2a00:e380::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:63:03:b9:3a:2f:2e:c8:56:1b:3d:c2:53:ef:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Validity
Not Before: Jan 2 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3526b1c5da433a24c83cd596ed8fc6c4884e00a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:b4:7f:e7:24:7b:b3:92:49:b3:be:36:c6:
0a:41:1d:d9:cf:32:0d:c2:d1:1b:93:25:b0:49:ef:
26:b0:49:db:ad:7a:97:a9:fa:da:e3:82:5e:c9:bc:
17:36:84:8c:29:76:7e:c8:08:82:29:c1:51:37:b2:
31:37:55:76:32:a1:80:04:b7:e0:82:c1:a7:96:8b:
ad:36:c7:9e:d8:f1:3b:26:4c:07:61:21:eb:21:ef:
62:97:1a:6f:11:62:f9:07:80:3e:fb:35:47:b9:3a:
6a:a2:7a:ce:1e:6f:fc:12:95:0d:b0:f2:5d:05:8e:
e5:f1:18:53:fa:be:f1:65:ab:02:9e:e9:da:cd:50:
0f:45:4a:5d:0b:8c:35:6f:be:fd:96:d7:44:85:c1:
c8:29:6a:fe:ed:76:35:5f:89:7c:60:c1:5c:74:60:
42:30:7d:7d:85:8e:99:52:8e:f0:07:57:92:44:b7:
c9:eb:0d:4b:20:68:0a:3e:c9:2c:cb:95:31:6e:3f:
4d:b9:a3:21:77:a2:a2:cc:7e:3b:df:f9:08:ec:d1:
09:7f:ae:31:68:de:8e:46:4c:5b:62:a3:b5:3c:b2:
69:be:f9:3e:80:ce:75:b5:d7:0f:0a:51:01:cf:8e:
53:ba:6c:3a:53:64:8c:dd:ea:f5:2d:56:1b:81:21:
2c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:26:B1:C5:DA:43:3A:24:C8:3C:D5:96:ED:8F:C6:C4:88:4E:00:A8
X509v3 Authority Key Identifier:
keyid:C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/NSaxxdpDOiTIPNWW7Y_GxIhOAKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.144.0/21
77.234.224.0/19
80.87.208.0/20
145.255.144.0/20
185.42.4.0/22
217.31.32.0/20
IPv6:
2a00:e380::/29
Signature Algorithm: sha256WithRSAEncryption
24:9f:d6:09:d6:28:15:ed:4f:1d:39:2c:f8:b1:0c:4a:fd:1d:
22:28:fc:df:36:52:e1:14:57:07:c4:5b:57:45:94:6a:53:10:
6f:5a:eb:b8:ef:97:64:bb:b7:b6:70:f7:b2:57:c9:a1:ed:98:
dc:45:56:f8:90:0d:c9:36:e5:d3:f7:11:03:03:bb:30:d7:cc:
70:b4:3a:5e:be:29:b9:c2:88:49:06:d8:8d:bd:09:c2:77:3a:
20:b1:80:a3:e4:4a:0a:e1:65:26:c2:29:2a:45:d0:1a:b9:97:
28:68:33:df:6b:d0:1b:36:52:2e:b4:ca:f9:47:03:07:f4:a4:
d8:2b:50:e0:48:25:29:15:34:31:4e:3d:75:e4:ca:d2:47:01:
a3:c8:17:3b:a6:c8:83:26:db:91:c2:e3:65:d0:f7:4e:f6:f7:
b6:03:a4:0d:c0:ec:e2:71:13:45:c7:88:04:b7:2d:e0:1b:ce:
99:ea:30:e1:ec:b9:cb:23:9f:4a:ac:cd:a5:3e:f5:8a:4a:a4:
01:67:b1:6b:a6:07:3e:be:d5:12:b5:8d:de:62:6d:5c:99:e5:
7e:bb:66:c7:8c:e4:57:cd:df:3c:f6:10:d1:fb:41:c2:63:ff:
a3:36:d4:92:3c:5c:87:68:91:c3:f6:cc:fb:10:ab:a8:d3:b3:
eb:24:7d:9a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxVWMDuTovLshWGz3CU+9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWRiZGZlMDFlOWEzZjk2ZDUwMDIyYzNjZGFmZGMzZTFh
OGQ5ODgwHhcNMjMwMTAyMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI2YjFjNWRhNDMzYTI0YzgzY2Q1OTZlZDhmYzZjNDg4NGUwMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucm0f+cke7OSSbO+NsYKQR3ZzzIN
wtEbkyWwSe8msEnbrXqXqfra44JeybwXNoSMKXZ+yAiCKcFRN7IxN1V2MqGABLfg
gsGnloutNsee2PE7JkwHYSHrIe9ilxpvEWL5B4A++zVHuTpqonrOHm/8EpUNsPJd
BY7l8RhT+r7xZasCnunazVAPRUpdC4w1b779ltdEhcHIKWr+7XY1X4l8YMFcdGBC
MH19hY6ZUo7wB1eSRLfJ6w1LIGgKPsksy5Uxbj9NuaMhd6KizH473/kI7NEJf64x
aN6ORkxbYqO1PLJpvvk+gM51tdcPClEBz45Tumw6U2SM3er1LVYbgSEs7QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDUmscXaQzokyDzVlu2PxsSITgCoMB8GA1UdIwQY
MBaAFMGtvf4B6aP5bVACLDza/cPhqNmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYt
NDM5NDA1MmNkNjVlLzEvTlNheHhkcERPaVRJUE5XVzdZX0d4SWhPQUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYtNDM5NDA1MmNkNjVl
LzEvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLhKQAwQF
TergAwQEUFfQAwQEkf+QAwQCuSoEAwQE2R8gMA0EAgACMAcDBQMqAOOAMA0GCSqG
SIb3DQEBCwUAA4IBAQAkn9YJ1igV7U8dOSz4sQxK/R0iKPzfNlLhFFcHxFtXRZRq
UxBvWuu475dku7e2cPeyV8mh7ZjcRVb4kA3JNuXT9xEDA7sw18xwtDpevim5wohJ
BtiNvQnCdzogsYCj5EoK4WUmwikqRdAauZcoaDPfa9AbNlIutMr5RwMH9KTYK1Dg
SCUpFTQxTj115MrSRwGjyBc7psiDJtuRwuNl0PdO9ve2A6QNwOzicRNFx4gEty3g
G86Z6jDh7LnLI59KrM2lPvWKSqQBZ7Frpgc+vtUStY3eYm1cmeV+u2bHjORXzd88
9hDR+0HCY/+jNtSSPFyHaJHD9sz7EKuo07PrJH2a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:23 2024 by rpki-client on console-ams.rpki-client.org