Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/NXrJE_ASG1LNFndQ26xB8XpOewc.roa
File: NXrJE_ASG1LNFndQ26xB8XpOewc.roa (raw, json)
Hash identifier: DCPWzuF+KmCrTVNAI3m68oG/I/8yLa4b2bbPyGEOh9U=
Subject key identifier: 35:7A:C9:13:F0:12:1B:52:CD:16:77:50:DB:AC:41:F1:7A:4E:7B:07
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 01901D806E103718DDEC016F2FC39152BC0A
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/NXrJE_ASG1LNFndQ26xB8XpOewc.roa
Signing time: Sat 15 Jun 2024 20:04:34 +0000
ROA not before: Sat 15 Jun 2024 20:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
176.97.120.0/23 maxlen: 23
176.97.125.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.206.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
195.160.220.0/22 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jun 2024 20:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1d:80:6e:10:37:18:dd:ec:01:6f:2f:c3:91:52:bc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jun 15 20:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=357ac913f0121b52cd167750dbac41f17a4e7b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:7d:51:d8:ea:1e:f3:15:2d:59:52:f7:43:
27:48:a1:84:fe:0e:25:55:4c:43:cd:a8:2a:42:a5:
76:46:c2:ed:dd:f1:95:34:04:ff:29:27:cd:94:34:
60:a0:88:90:24:68:ae:62:a6:f1:5a:21:50:92:88:
3a:f3:34:f1:75:81:d8:9a:c7:c1:b2:fa:4e:75:db:
56:04:4d:e0:f5:d0:f5:0c:67:ff:74:23:74:9f:15:
12:14:59:14:e1:f8:94:c7:4d:e6:ea:ef:58:c0:64:
f2:e0:ad:6a:4e:09:8f:01:9c:9d:d1:87:95:53:6d:
a9:9c:f3:78:ce:c3:18:38:9f:46:74:e8:46:f8:85:
8c:9a:a8:35:27:71:37:04:bb:9e:7b:38:3c:ea:a7:
16:41:65:99:70:25:ee:54:c3:d2:07:d4:32:47:82:
e0:12:22:81:2a:48:1c:a7:b9:17:4c:cd:1e:5d:78:
e6:31:17:66:e5:9a:53:b5:a5:22:51:ff:fe:f4:8f:
bb:45:8d:ed:b1:9e:37:a2:2a:46:81:65:1f:9c:51:
f4:43:92:88:e0:07:68:72:7c:a5:ef:05:64:a9:5a:
b3:d7:c9:59:5b:ca:2f:d7:eb:f4:bb:22:b8:ff:92:
60:96:9e:72:be:12:8f:78:37:73:55:00:ae:21:d7:
3d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7A:C9:13:F0:12:1B:52:CD:16:77:50:DB:AC:41:F1:7A:4E:7B:07
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/NXrJE_ASG1LNFndQ26xB8XpOewc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
176.97.120.0/23
176.97.125.0/24
185.254.199.0/24
194.42.206.0/23
195.26.86.0/23
195.160.220.0/22
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
22:77:5c:35:3a:39:6a:d9:92:ef:ab:f1:1c:87:f8:c9:93:9e:
70:61:f4:2c:0e:b2:10:56:9f:53:b4:c6:cb:87:ec:d6:5d:ea:
df:8d:d4:42:ae:20:0a:e5:f4:1f:bc:49:be:63:0e:80:3c:d5:
36:cb:a5:25:30:a7:bd:3b:25:58:30:8e:bd:f7:84:c7:f8:4c:
87:d4:b9:0c:e7:9f:86:30:4b:88:8e:60:d5:a4:cc:00:e2:e0:
f7:b1:d3:8f:ce:44:e2:62:91:ee:a7:f5:1f:00:6e:ef:db:ef:
f0:b3:5e:3e:45:27:7d:f7:e1:56:7d:cf:b4:6e:9b:69:c8:d5:
22:49:07:b3:57:f6:8b:5c:52:4a:35:e7:c8:72:33:48:48:50:
cf:b7:2c:21:23:cd:fa:be:2d:ff:66:ba:9d:f7:a3:38:1f:91:
a9:f0:e3:e2:58:12:da:72:f8:8f:9d:08:f3:39:b1:26:8e:af:
ef:c4:5c:f5:26:2f:ee:4d:b4:f5:d8:20:cc:f1:12:ad:24:67:
c3:fc:65:a6:5b:02:f6:97:d4:ae:aa:87:26:8d:cd:d9:81:d4:
ed:8b:a3:ae:5b:8c:36:d2:76:2e:bb:51:13:b3:0e:81:3d:6e:
00:8e:d0:d5:23:35:07:f0:32:c4:1c:b7:1a:d7:b5:21:ff:d5:
31:a9:13:f7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZAdgG4QNxjd7AFvL8ORUrwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwNjE1MjAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdhYzkxM2YwMTIxYjUyY2QxNjc3NTBkYmFjNDFmMTdhNGU3YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMB9UdjqHvMVLVlS90MnSKGE/g4l
VUxDzagqQqV2RsLt3fGVNAT/KSfNlDRgoIiQJGiuYqbxWiFQkog68zTxdYHYmsfB
svpOddtWBE3g9dD1DGf/dCN0nxUSFFkU4fiUx03m6u9YwGTy4K1qTgmPAZyd0YeV
U22pnPN4zsMYOJ9GdOhG+IWMmqg1J3E3BLueezg86qcWQWWZcCXuVMPSB9QyR4Lg
EiKBKkgcp7kXTM0eXXjmMRdm5ZpTtaUiUf/+9I+7RY3tsZ43oipGgWUfnFH0Q5KI
4Adocnyl7wVkqVqz18lZW8ov1+v0uyK4/5Jglp5yvhKPeDdzVQCuIdc9PQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDV6yRPwEhtSzRZ3UNusQfF6TnsHMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvTlhySkVfQVNHMUxORm5kUTI2eEI4WHBPZXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALQs4AwQA
LQs7AwQBLYauAwQCW96sAwQBW+rGAwQBsGF4AwQAsGF9AwQAuf7HAwQBwirOAwQB
wxpWAwQCw6DcMA0EAgACMAcDBQAqCS3BMA0GCSqGSIb3DQEBCwUAA4IBAQAid1w1
Ojlq2ZLvq/Ech/jJk55wYfQsDrIQVp9TtMbLh+zWXerfjdRCriAK5fQfvEm+Yw6A
PNU2y6UlMKe9OyVYMI6994TH+EyH1LkM55+GMEuIjmDVpMwA4uD3sdOPzkTiYpHu
p/UfAG7v2+/ws14+RSd99+FWfc+0bptpyNUiSQezV/aLXFJKNefIcjNISFDPtywh
I836vi3/Zrqd96M4H5Gp8OPiWBLacviPnQjzObEmjq/vxFz1Ji/uTbT12CDM8RKt
JGfD/GWmWwL2l9Suqocmjc3ZgdTti6OuW4w20nYuu1ETsw6BPW4AjtDVIzUH8DLE
HLca17Uh/9UxqRP3
-----END CERTIFICATE-----
Generated at Thu Jun 27 00:14:25 2024 by rpki-client on console-fra.rpki-client.org