Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/nGBNfbXHsfL11Z7LJy6JbX_wKLM.roa
File: nGBNfbXHsfL11Z7LJy6JbX_wKLM.roa (raw, json)
Hash identifier: 5+2UeW0Ic0rP3zy/CH5Slh0gDsoYFOt0yKwxBYKthCg=
Subject key identifier: 9C:60:4D:7D:B5:C7:B1:F2:F5:D5:9E:CB:27:2E:89:6D:7F:F0:28:B3
Certificate issuer: /CN=29921518c5da1b84c5971a79bc74e8ac0770fd49
Certificate serial: 018571FA3357180A35247D7EF589A3FEC7D2
Authority key identifier: 29:92:15:18:C5:DA:1B:84:C5:97:1A:79:BC:74:E8:AC:07:70:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZIVGMXaG4TFlxp5vHTorAdw_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/nGBNfbXHsfL11Z7LJy6JbX_wKLM.roa
Signing time: Mon 02 Jan 2023 10:15:00 +0000
ROA not before: Mon 02 Jan 2023 10:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201603
IP address blocks: 94.177.20.0/24 maxlen: 24
91.217.32.0/23 maxlen: 23
185.69.104.0/22 maxlen: 22
188.214.108.0/24 maxlen: 24
2a05:2140::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:33:57:18:0a:35:24:7d:7e:f5:89:a3:fe:c7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29921518c5da1b84c5971a79bc74e8ac0770fd49
Validity
Not Before: Jan 2 10:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c604d7db5c7b1f2f5d59ecb272e896d7ff028b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4d:28:6f:ee:d3:c2:47:25:72:4c:79:57:c3:
58:48:bb:94:78:c5:25:d7:f3:2d:62:24:ec:e0:6b:
8b:3f:24:6b:62:d7:04:8d:ed:56:76:b5:84:f3:49:
96:fe:c0:ce:1c:1a:f4:5d:6f:8c:e3:45:ca:9d:8a:
06:7e:fa:68:06:fe:97:65:df:b2:57:b5:df:2e:06:
b1:91:00:1a:e3:24:62:df:62:d2:e4:dc:27:c0:0d:
fe:2a:1d:5c:a7:99:e1:08:ff:92:52:ca:b8:a3:08:
e6:3c:f0:72:5e:6a:4c:f3:c2:8c:75:60:78:b0:f3:
5e:6f:86:58:6b:88:4a:16:c4:e1:f5:28:94:bb:3d:
15:04:c7:62:83:7c:93:2c:63:ae:eb:8a:94:f7:da:
fc:a9:7f:70:9a:48:2c:33:5d:42:38:11:f0:fb:a5:
7b:e5:c7:b0:8c:6c:a5:8c:6d:66:3d:15:2d:de:04:
c0:0a:03:fb:e7:b8:23:cc:4b:4d:01:88:5a:e1:a4:
14:5f:cc:eb:7c:65:33:0a:25:44:a7:dd:fe:5d:24:
59:c8:1e:85:67:a0:93:dc:47:77:eb:66:a3:5e:7f:
29:36:c0:74:93:fd:ce:44:e8:f0:08:66:fd:fe:ef:
84:8c:9a:8b:3f:a0:4c:e6:66:44:4b:a5:ca:b5:09:
f0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:4D:7D:B5:C7:B1:F2:F5:D5:9E:CB:27:2E:89:6D:7F:F0:28:B3
X509v3 Authority Key Identifier:
keyid:29:92:15:18:C5:DA:1B:84:C5:97:1A:79:BC:74:E8:AC:07:70:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZIVGMXaG4TFlxp5vHTorAdw_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/nGBNfbXHsfL11Z7LJy6JbX_wKLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/KZIVGMXaG4TFlxp5vHTorAdw_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.32.0/23
94.177.20.0/24
185.69.104.0/22
188.214.108.0/24
IPv6:
2a05:2140::/29
Signature Algorithm: sha256WithRSAEncryption
8b:16:24:8c:d1:33:de:b9:0c:06:5d:de:33:56:45:6e:b5:76:
e6:34:6b:ca:95:fa:02:c9:49:39:dd:9e:e4:2a:c8:fe:fa:11:
d3:94:57:26:1f:f0:ba:ae:da:51:1b:d8:aa:8b:6e:bb:f4:57:
d3:92:ab:42:13:72:5e:c7:31:ac:f9:f6:14:89:dd:35:af:72:
08:ca:4d:39:fe:db:9e:a8:e6:1c:62:c6:3f:e8:02:f8:d0:79:
4e:d6:24:1e:7b:04:90:08:fd:8c:80:91:2c:ca:1d:40:c8:3f:
1b:64:64:d7:9e:c0:e7:01:b5:ce:84:f0:16:ef:9b:9c:13:d3:
60:95:64:3b:85:a4:4d:4f:65:9f:85:9d:97:62:2d:37:81:b8:
3c:1b:b9:8f:f0:45:1d:44:9d:92:32:06:15:c6:37:b1:c9:9f:
1b:82:5b:3b:d5:db:a7:48:77:3a:ca:1e:58:d7:94:d7:4a:3a:
c1:2c:20:7d:85:52:2b:d9:d7:84:8b:56:c7:d4:b7:b4:ad:20:
ab:38:aa:3a:ce:5f:07:97:ce:b8:f2:2b:3e:7f:fc:19:46:d5:
cf:05:b3:98:0d:91:27:dc:48:89:23:75:01:fe:6d:07:b4:60:
81:e7:77:f5:6b:df:7c:9b:17:28:c7:2f:06:99:05:40:bc:12:
bd:77:ee:49
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVx+jNXGAo1JH1+9Ymj/sfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTIxNTE4YzVkYTFiODRjNTk3MWE3OWJjNzRlOGFjMDc3
MGZkNDkwHhcNMjMwMTAyMTAxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYwNGQ3ZGI1YzdiMWYyZjVkNTllY2IyNzJlODk2ZDdmZjAyOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik0ob+7Twkclckx5V8NYSLuUeMUl
1/MtYiTs4GuLPyRrYtcEje1WdrWE80mW/sDOHBr0XW+M40XKnYoGfvpoBv6XZd+y
V7XfLgaxkQAa4yRi32LS5NwnwA3+Kh1cp5nhCP+SUsq4owjmPPByXmpM88KMdWB4
sPNeb4ZYa4hKFsTh9SiUuz0VBMdig3yTLGOu64qU99r8qX9wmkgsM11COBHw+6V7
5cewjGyljG1mPRUt3gTACgP757gjzEtNAYha4aQUX8zrfGUzCiVEp93+XSRZyB6F
Z6CT3Ed362ajXn8pNsB0k/3OROjwCGb9/u+EjJqLP6BM5mZES6XKtQnwqwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJxgTX21x7Hy9dWeyycuiW1/8CizMB8GA1UdIwQY
MBaAFCmSFRjF2huExZcaebx06KwHcP1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pJVkdNWGFHNFRGbHhwNXZIVG9yQWR3X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83MTU4MzUtYmMxZC00Y2I4LTk2MTgt
NGVmMjgzY2U3ZmYxLzEvbkdCTmZiWEhzZkwxMVo3TEp5NkpiWF93S0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83MTU4MzUtYmMxZC00Y2I4LTk2MTgtNGVmMjgzY2U3ZmYx
LzEvS1pJVkdNWGFHNFRGbHhwNXZIVG9yQWR3X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW9kgAwQA
XrEUAwQCuUVoAwQAvNZsMA0EAgACMAcDBQMqBSFAMA0GCSqGSIb3DQEBCwUAA4IB
AQCLFiSM0TPeuQwGXd4zVkVutXbmNGvKlfoCyUk53Z7kKsj++hHTlFcmH/C6rtpR
G9iqi2679FfTkqtCE3JexzGs+fYUid01r3IIyk05/tueqOYcYsY/6AL40HlO1iQe
ewSQCP2MgJEsyh1AyD8bZGTXnsDnAbXOhPAW75ucE9NglWQ7haRNT2WfhZ2XYi03
gbg8G7mP8EUdRJ2SMgYVxjexyZ8bgls71dunSHc6yh5Y15TXSjrBLCB9hVIr2deE
i1bH1Le0rSCrOKo6zl8Hl8648is+f/wZRtXPBbOYDZEn3EiJI3UB/m0HtGCB53f1
a998mxcoxy8GmQVAvBK9d+5J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:44 2024 by rpki-client on console-ams.rpki-client.org