Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ndEZOafQ3X9E0HA-5jMn-wFNoeg.roa
File: ndEZOafQ3X9E0HA-5jMn-wFNoeg.roa (raw, json)
Hash identifier: qxTMN85SrExNPWa835tHbkh0BcK02CdiPVdT38riqJo=
Subject key identifier: 9D:D1:19:39:A7:D0:DD:7F:44:D0:70:3E:E6:33:27:FB:01:4D:A1:E8
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018B8AC6F2A059586DB40512CF3BA7B18ACB
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ndEZOafQ3X9E0HA-5jMn-wFNoeg.roa
Signing time: Wed 01 Nov 2023 12:06:15 +0000
ROA not before: Wed 01 Nov 2023 12:06:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 185.230.245.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.36.162.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
193.35.224.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 11 Nov 2023 09:46:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:c6:f2:a0:59:58:6d:b4:05:12:cf:3b:a7:b1:8a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Nov 1 12:06:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd11939a7d0dd7f44d0703ee63327fb014da1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:dc:fa:56:f3:69:a6:0c:aa:86:f4:e9:d1:
75:26:41:76:1e:4c:fa:43:82:b8:13:a0:75:3f:0c:
0a:95:63:6c:51:6e:a3:79:f3:8a:28:8a:ff:8a:42:
15:46:1c:b0:75:1e:63:cc:96:2a:bb:57:6c:eb:90:
23:33:3f:00:7d:ce:a0:1f:f2:54:04:2e:c6:f3:cf:
1c:8f:4d:3e:c0:1d:d6:6b:bd:8f:bf:81:22:7c:e3:
02:ec:5d:e2:9d:73:3c:d9:8f:50:62:7f:e4:a5:c0:
4f:1b:fb:f9:2f:e5:d2:e7:12:e5:fc:e4:a3:12:38:
bb:e5:c3:b1:cd:c8:f5:d9:7f:b8:ec:9c:1f:8a:9d:
32:71:72:67:26:d3:1b:2c:2f:94:6f:76:81:70:eb:
47:05:a4:4f:ed:8b:14:73:0c:43:91:50:4f:83:74:
9c:b6:52:e7:02:04:f9:43:e2:f5:8f:6e:f9:70:f7:
d7:49:6f:fc:67:ce:fb:51:2b:2b:ed:ea:06:d5:bd:
e7:28:7e:fe:4d:25:4f:10:3b:35:07:5d:fe:9e:e0:
de:a2:dd:7c:7e:79:f7:f1:9a:e2:ee:52:61:14:7b:
00:4d:5a:a7:86:18:fa:78:37:f1:9f:28:01:47:19:
d6:fb:13:14:25:95:93:d7:44:16:e3:56:1b:43:8b:
54:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D1:19:39:A7:D0:DD:7F:44:D0:70:3E:E6:33:27:FB:01:4D:A1:E8
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ndEZOafQ3X9E0HA-5jMn-wFNoeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
6e:9d:9c:ee:3b:39:6f:2a:54:8b:f1:3c:9e:d6:75:59:33:c9:
f8:f0:d4:e9:f3:de:7b:c7:ef:43:4e:13:8f:f1:dc:7d:fe:f7:
13:b9:4e:e4:25:3c:a6:30:dc:2f:b2:0d:d8:69:84:72:10:1e:
3d:60:a9:a3:d7:67:35:a6:d3:72:57:c6:13:fe:02:13:e6:5c:
97:b5:45:f0:d2:13:0c:24:ca:5b:6c:7b:a3:96:12:82:b9:b0:
52:60:83:ac:99:33:17:90:80:a3:3b:cc:3e:48:d0:c2:bb:74:
6c:46:94:26:7c:af:e5:d2:f6:b7:b4:cb:a7:f3:79:12:b1:f3:
8a:fd:dd:0f:c1:c8:57:07:33:95:e5:42:c6:fd:6c:76:8c:a1:
ad:f3:50:3c:4b:d0:0f:be:ee:03:49:8e:8b:32:1a:d7:12:9e:
0e:a4:ae:75:51:d7:91:f7:f7:03:b0:9a:46:39:94:ed:3e:e7:
00:77:ab:05:c0:a4:71:d2:34:63:4b:58:00:1d:26:82:0f:e6:
d4:0b:7a:96:92:2d:b1:02:75:07:d2:86:43:88:0f:f3:69:62:
05:42:0c:81:fb:3e:68:8c:df:ee:03:e6:dd:da:fd:37:7a:93:
69:0a:18:2f:a9:84:3f:c6:bc:28:bb:99:4c:78:a0:40:af:7e:
a1:9f:bc:b2
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYuKxvKgWVhttAUSzzunsYrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMxMTAxMTIwNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQxMTkzOWE3ZDBkZDdmNDRkMDcwM2VlNjMzMjdmYjAxNGRhMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgPc+lbzaaYMqob06dF1JkF2Hkz6
Q4K4E6B1PwwKlWNsUW6jefOKKIr/ikIVRhywdR5jzJYqu1ds65AjMz8Afc6gH/JU
BC7G888cj00+wB3Wa72Pv4EifOMC7F3inXM82Y9QYn/kpcBPG/v5L+XS5xLl/OSj
Eji75cOxzcj12X+47Jwfip0ycXJnJtMbLC+Ub3aBcOtHBaRP7YsUcwxDkVBPg3Sc
tlLnAgT5Q+L1j275cPfXSW/8Z877USsr7eoG1b3nKH7+TSVPEDs1B13+nuDeot18
fnn38Zri7lJhFHsATVqnhhj6eDfxnygBRxnW+xMUJZWT10QW41YbQ4tUBQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFJ3RGTmn0N1/RNBwPuYzJ/sBTaHoMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvbmRFWk9hZlEzWDlFMEhBLTVqTW4td0ZOb2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBaBAIAATBUAwQABSz5
AwQAH97iAwQAPnq7AwQBWNIkAwQBWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQAnv9M
AwQAsGHAAwQBuYzSAwQAuZM1AwQAueb1AwQAwSPgMCYEAgACMCADBgQqBvkBQAMG
BCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkqhkiG9w0BAQsFAAOCAQEAbp2c7js5
bypUi/E8ntZ1WTPJ+PDU6fPee8fvQ04Tj/Hcff73E7lO5CU8pjDcL7IN2GmEchAe
PWCpo9dnNabTclfGE/4CE+Zcl7VF8NITDCTKW2x7o5YSgrmwUmCDrJkzF5CAozvM
PkjQwrt0bEaUJnyv5dL2t7TLp/N5ErHziv3dD8HIVwczleVCxv1sdoyhrfNQPEvQ
D77uA0mOizIa1xKeDqSudVHXkff3A7CaRjmU7T7nAHerBcCkcdI0Y0tYAB0mgg/m
1At6lpItsQJ1B9KGQ4gP82liBUIMgfs+aIzf7gPm3dr9N3qTaQoYL6mEP8a8KLuZ
THigQK9+oZ+8sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org