Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NwiRpVbAJnMKzQ3uKyv4aiUxrzo.roa
File: NwiRpVbAJnMKzQ3uKyv4aiUxrzo.roa (raw, json)
Hash identifier: rWVAZUWzOL57jicIQAYHUl7+MCs3f1yLbWH9Av83/DI=
Subject key identifier: 37:08:91:A5:56:C0:26:73:0A:CD:0D:EE:2B:2B:F8:6A:25:31:AF:3A
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFABC9EB7B19B60D7635F81C7406E7
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NwiRpVbAJnMKzQ3uKyv4aiUxrzo.roa
Signing time: Tue 02 Jan 2024 06:32:30 +0000
ROA not before: Tue 02 Jan 2024 06:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 12:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:ab:c9:eb:7b:19:b6:0d:76:35:f8:1c:74:06:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=370891a556c026730acd0dee2b2bf86a2531af3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:64:74:29:74:3c:fd:bd:e6:b9:69:0c:48:
c0:81:ca:2a:c8:aa:10:67:04:cf:71:b5:30:2f:17:
69:dc:47:df:aa:d6:81:42:89:34:c8:9a:2b:d4:bf:
da:56:93:79:9d:3c:78:18:96:6e:da:1f:b2:42:cb:
d9:0a:3b:9e:24:18:30:c1:0b:8b:c6:cd:a3:51:e0:
9e:a8:ed:c5:90:af:1f:f5:4d:52:50:9c:5a:a9:90:
25:ed:73:e8:b4:b5:a6:25:49:6c:5b:bd:73:f9:a0:
6a:a4:c5:09:d2:b9:f0:17:a0:34:1b:26:2b:6b:3a:
64:ea:ec:5c:f3:43:57:23:6c:4b:04:08:4a:ea:9c:
6f:32:f7:31:ea:5d:dc:30:56:4a:5c:93:54:7f:47:
8d:56:d6:4b:fd:bc:4c:53:17:ae:71:d7:4a:ff:93:
35:74:92:d2:1a:05:12:b1:29:49:cd:83:98:62:20:
5a:24:c5:a7:c9:fd:d1:4c:29:5f:e9:c7:c5:df:b3:
ad:fb:7c:46:fa:e2:d1:69:43:af:c5:b6:f1:01:54:
4f:93:fe:c1:56:75:26:f1:e5:84:75:b1:99:86:4e:
6b:fa:b4:02:a7:34:ac:38:db:c7:47:05:73:3a:ce:
c3:7c:72:04:40:4b:9d:7c:71:77:fd:c2:c3:37:12:
41:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:08:91:A5:56:C0:26:73:0A:CD:0D:EE:2B:2B:F8:6A:25:31:AF:3A
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/NwiRpVbAJnMKzQ3uKyv4aiUxrzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
59:08:0e:fe:ed:f4:da:e1:9e:68:cb:bd:b0:c3:04:72:ef:29:
b3:ae:b1:5b:28:08:48:75:70:33:8c:b0:1a:0f:7a:c5:5f:2c:
22:91:49:9b:6b:65:35:ca:40:57:15:19:28:0e:72:e3:58:cd:
74:a2:aa:00:f3:09:ad:01:2e:4b:1a:67:11:1c:73:95:53:d6:
23:6c:0a:49:88:b4:3e:c3:a9:96:f3:43:90:7b:83:42:0a:95:
41:37:40:4c:a2:74:9f:4b:e5:c7:1d:3a:17:14:e3:d2:fc:8b:
b9:6c:0a:47:ab:b5:d8:5e:1d:0f:2e:6d:5d:b4:61:b4:a4:9a:
69:3c:87:e1:b8:51:9e:25:34:89:41:63:bb:c8:5a:e9:1c:87:
43:e7:c0:71:c9:9f:51:5c:64:8c:39:ca:7e:5a:88:9c:ef:b3:
6a:44:1a:0e:f6:55:c9:0e:74:76:0b:76:e0:ff:ad:ec:c3:36:
26:a8:fa:9d:7b:d5:1e:1f:3b:a9:3b:18:92:f0:54:e3:8c:d8:
a8:a1:ee:ba:f9:cb:7c:05:e8:66:e8:19:79:c5:77:90:25:ff:
98:55:d0:90:99:8b:06:45:d0:0d:a6:7b:6a:2d:a3:ac:e3:0c:
6b:ce:c4:64:ec:6e:dc:31:44:40:3f:e3:00:42:7a:91:e6:2f:
00:50:63:bb
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzI36vJ63sZtg12NfgcdAbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA4OTFhNTU2YzAyNjczMGFjZDBkZWUyYjJiZjg2YTI1MzFhZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPZkdCl0PP295rlpDEjAgcoqyKoQ
ZwTPcbUwLxdp3EffqtaBQok0yJor1L/aVpN5nTx4GJZu2h+yQsvZCjueJBgwwQuL
xs2jUeCeqO3FkK8f9U1SUJxaqZAl7XPotLWmJUlsW71z+aBqpMUJ0rnwF6A0GyYr
azpk6uxc80NXI2xLBAhK6pxvMvcx6l3cMFZKXJNUf0eNVtZL/bxMUxeucddK/5M1
dJLSGgUSsSlJzYOYYiBaJMWnyf3RTClf6cfF37Ot+3xG+uLRaUOvxbbxAVRPk/7B
VnUm8eWEdbGZhk5r+rQCpzSsONvHRwVzOs7DfHIEQEudfHF3/cLDNxJBZQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFDcIkaVWwCZzCs0N7isr+GolMa86MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTndpUnBWYkFKbk1LelEzdUt5djRhaVV4cnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAQW0iAME
AAX8dAMEAC1ZQAMEAC2F9QMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AMEALkRAgME
ALlepwMEALlo+gMEALlpdgMEALm8tQMEAMFtVAMEAMI1NgMEAMJDyAMEAMNCVzAN
BAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAWQgO/u302uGeaMu9sMME
cu8ps66xWygISHVwM4ywGg96xV8sIpFJm2tlNcpAVxUZKA5y41jNdKKqAPMJrQEu
SxpnERxzlVPWI2wKSYi0PsOplvNDkHuDQgqVQTdATKJ0n0vlxx06FxTj0vyLuWwK
R6u12F4dDy5tXbRhtKSaaTyH4bhRniU0iUFju8ha6RyHQ+fAccmfUVxkjDnKflqI
nO+zakQaDvZVyQ50dgt24P+t7MM2Jqj6nXvVHh87qTsYkvBU44zYqKHuuvnLfAXo
ZugZecV3kCX/mFXQkJmLBkXQDaZ7ai2jrOMMa87EZOxu3DFEQD/jAEJ6keYvAFBj
uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org