Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/NC-xC-qsGolE34Y8dZaJW6GaO5s.roa
File: NC-xC-qsGolE34Y8dZaJW6GaO5s.roa (raw, json)
Hash identifier: aSJzEP9qrBg/mrAtZ2QhhxfYGIG9d3Im1D23mkUZ2jg=
Subject key identifier: 34:2F:B1:0B:EA:AC:1A:89:44:DF:86:3C:75:96:89:5B:A1:9A:3B:9B
Certificate issuer: /CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Certificate serial: 0185718C3949197D9FC34973E85BAAFCA70E
Authority key identifier: FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/NC-xC-qsGolE34Y8dZaJW6GaO5s.roa
Signing time: Mon 02 Jan 2023 08:14:53 +0000
ROA not before: Mon 02 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42300
IP address blocks: 194.15.248.0/24 maxlen: 24
194.15.248.0/22 maxlen: 22
77.240.240.0/22 maxlen: 22
77.240.240.0/24 maxlen: 24
77.240.241.0/24 maxlen: 24
77.240.242.0/24 maxlen: 24
77.240.243.0/24 maxlen: 24
178.236.200.0/24 maxlen: 24
178.236.201.0/24 maxlen: 24
178.236.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:39:49:19:7d:9f:c3:49:73:e8:5b:aa:fc:a7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbe62378bb580af4ed70bfa35abc840945d7803
Validity
Not Before: Jan 2 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=342fb10beaac1a8944df863c7596895ba19a3b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6a:62:7c:ab:ad:e7:0e:7d:29:23:6f:81:37:
44:82:1d:a5:14:03:47:dc:46:ea:62:02:0c:f4:51:
5e:27:9f:97:a5:36:54:72:0a:b9:32:db:e9:e7:0c:
f0:87:44:bc:0e:23:d4:42:6c:c6:71:76:d0:b9:1c:
da:23:60:6d:ca:54:95:ec:86:00:2d:02:07:50:e7:
06:cf:7f:90:03:38:32:4a:59:e6:35:f5:8b:2f:97:
df:dc:48:15:69:e0:a0:8c:08:5b:09:f2:a7:00:45:
d0:a1:ce:1e:4e:be:a5:cb:39:05:d2:f3:5f:47:2a:
04:ca:8e:8f:49:f9:91:bb:23:ea:18:b3:24:ad:3b:
dc:f1:58:8d:36:6e:4e:cd:02:38:c1:cf:df:be:5a:
d6:e0:d1:39:1f:00:ce:06:4d:cb:95:72:78:21:bc:
29:fc:3d:37:c0:9c:cf:93:9a:0b:65:1a:53:61:9a:
c9:51:80:4e:39:30:44:05:94:e3:ae:a5:35:eb:3c:
89:77:ae:7d:0d:67:ec:a5:da:b1:25:74:36:86:f2:
30:35:5f:b5:91:6c:f0:36:28:06:dd:28:64:58:dc:
5d:42:cd:59:85:06:7f:66:05:8c:82:3e:c4:f4:06:
2e:a3:73:dd:52:1c:30:0c:d2:60:2d:df:d4:79:8d:
7c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2F:B1:0B:EA:AC:1A:89:44:DF:86:3C:75:96:89:5B:A1:9A:3B:9B
X509v3 Authority Key Identifier:
keyid:FC:BE:62:37:8B:B5:80:AF:4E:D7:0B:FA:35:AB:C8:40:94:5D:78:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L5iN4u1gK9O1wv6NavIQJRdeAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/NC-xC-qsGolE34Y8dZaJW6GaO5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b8d29c-3333-493c-9739-df56ec670de7/1/_L5iN4u1gK9O1wv6NavIQJRdeAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.240.0/22
178.236.200.0-178.236.202.255
194.15.248.0/22
Signature Algorithm: sha256WithRSAEncryption
14:fd:5f:c2:aa:ca:7e:09:58:13:ce:a1:f6:db:98:95:2c:9c:
59:fd:9d:d0:ad:12:c0:40:ee:14:05:76:b3:55:4c:2b:1d:7c:
48:7e:2d:44:9a:77:eb:7e:87:cd:de:eb:65:f1:10:e1:66:ac:
51:a7:98:8b:d3:4b:66:f5:67:14:9f:33:42:96:92:f2:cc:bf:
d2:b3:0b:ca:a9:00:02:4d:9a:13:37:c6:47:cb:db:ca:c7:64:
ee:93:3b:19:61:ab:23:57:1a:68:6b:97:ad:c2:4b:7d:6d:5e:
55:b0:88:02:86:bd:81:56:9f:26:b5:24:9f:77:99:d9:34:1e:
e5:f7:4d:8a:7f:14:3c:b8:b0:b6:37:44:05:49:0b:ba:d7:32:
4e:24:9d:31:16:91:61:e1:75:d5:54:31:a5:51:0e:15:31:16:
1b:6e:9e:9f:a3:1f:c6:e1:4f:ec:35:a8:5b:68:0d:68:d6:e2:
de:fa:97:05:b9:63:80:37:20:f0:c3:c4:af:12:db:4c:e8:7c:
c0:e2:32:f2:63:6b:c9:f1:12:13:aa:9e:62:47:a1:ce:41:33:
52:83:0f:5a:5c:db:31:29:fb:e6:1d:c8:2f:98:4b:68:19:01:
7b:a4:63:92:9a:88:80:57:7a:ef:84:8a:3c:88:6d:ad:0e:c5:
74:b2:2f:83
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxjDlJGX2fw0lz6Fuq/KcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmU2MjM3OGJiNTgwYWY0ZWQ3MGJmYTM1YWJjODQwOTQ1
ZDc4MDMwHhcNMjMwMTAyMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJmYjEwYmVhYWMxYTg5NDRkZjg2M2M3NTk2ODk1YmExOWEzYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGpifKut5w59KSNvgTdEgh2lFANH
3EbqYgIM9FFeJ5+XpTZUcgq5Mtvp5wzwh0S8DiPUQmzGcXbQuRzaI2BtylSV7IYA
LQIHUOcGz3+QAzgySlnmNfWLL5ff3EgVaeCgjAhbCfKnAEXQoc4eTr6lyzkF0vNf
RyoEyo6PSfmRuyPqGLMkrTvc8ViNNm5OzQI4wc/fvlrW4NE5HwDOBk3LlXJ4Ibwp
/D03wJzPk5oLZRpTYZrJUYBOOTBEBZTjrqU16zyJd659DWfspdqxJXQ2hvIwNV+1
kWzwNigG3ShkWNxdQs1ZhQZ/ZgWMgj7E9AYuo3PdUhwwDNJgLd/UeY18pQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDQvsQvqrBqJRN+GPHWWiVuhmjubMB8GA1UdIwQY
MBaAFPy+YjeLtYCvTtcL+jWryECUXXgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3Mzkt
ZGY1NmVjNjcwZGU3LzEvTkMteEMtcXNHb2xFMzRZOGRaYUpXNkdhTzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9iOGQyOWMtMzMzMy00OTNjLTk3MzktZGY1NmVjNjcwZGU3
LzEvX0w1aU40dTFnSzlPMXd2Nk5hdklRSlJkZUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfDwMAwD
BAOy7MgDBACy7MoDBALCD/gwDQYJKoZIhvcNAQELBQADggEBABT9X8Kqyn4JWBPO
ofbbmJUsnFn9ndCtEsBA7hQFdrNVTCsdfEh+LUSad+t+h83e62XxEOFmrFGnmIvT
S2b1ZxSfM0KWkvLMv9KzC8qpAAJNmhM3xkfL28rHZO6TOxlhqyNXGmhrl63CS31t
XlWwiAKGvYFWnya1JJ93mdk0HuX3TYp/FDy4sLY3RAVJC7rXMk4knTEWkWHhddVU
MaVRDhUxFhtunp+jH8bhT+w1qFtoDWjW4t76lwW5Y4A3IPDDxK8S20zofMDiMvJj
a8nxEhOqnmJHoc5BM1KDD1pc2zEp++YdyC+YS2gZAXukY5KaiIBXeu+EijyIba0O
xXSyL4M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org