Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NcGdYlf318Vee1tFjqMMoHcEn2w.roa
File: NcGdYlf318Vee1tFjqMMoHcEn2w.roa (raw, json)
Hash identifier: 8aVlRfsTwUspxFbdPoLMQzhCqAeI8D3u/piAL2GgsZM=
Subject key identifier: 35:C1:9D:62:57:F7:D7:C5:5E:7B:5B:45:8E:A3:0C:A0:77:04:9F:6C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ED91D1A4DFF3B4ED71B5EE7C5191C57D0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NcGdYlf318Vee1tFjqMMoHcEn2w.roa
Signing time: Sat 13 Apr 2024 20:19:06 +0000
ROA not before: Sat 13 Apr 2024 20:19:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202636
IP address blocks: 37.32.96.0/23 maxlen: 23
45.134.87.0/24 maxlen: 24
93.189.121.0/24 maxlen: 24
93.189.122.0/24 maxlen: 24
185.150.77.0/24 maxlen: 24
185.150.78.0/23 maxlen: 23
185.179.233.0/24 maxlen: 24
185.191.44.0/22 maxlen: 22
185.218.18.0/24 maxlen: 24
185.227.205.0/24 maxlen: 24
185.239.254.0/24 maxlen: 24
185.248.200.0/22 maxlen: 24
185.252.44.0/22 maxlen: 22
194.35.41.0/24 maxlen: 24
194.41.116.0/23 maxlen: 23
194.41.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 15 Apr 2024 13:33:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d9:1d:1a:4d:ff:3b:4e:d7:1b:5e:e7:c5:19:1c:57:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 13 20:19:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35c19d6257f7d7c55e7b5b458ea30ca077049f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:52:e7:b3:8a:75:5e:3c:d3:c1:eb:30:b5:
b4:19:0f:28:7d:22:16:97:c7:65:9c:49:dd:55:cd:
ea:1a:33:78:dc:a6:a4:f0:3e:db:a3:91:db:e0:67:
b3:9a:97:fb:4c:60:a1:32:7f:ea:d7:00:cd:cc:6f:
f4:1d:61:ab:0f:bb:e8:6a:71:57:d4:87:ff:58:f0:
94:8e:29:3f:57:ca:e3:4c:30:3b:1c:5f:bf:a6:00:
76:69:4d:77:5d:14:48:7a:d9:c3:1f:61:1c:d1:38:
ef:3c:20:c5:3f:d6:61:3b:ab:fb:82:7c:31:b6:55:
c8:97:4e:b9:73:b7:e7:c6:ee:27:6a:34:28:3e:32:
1d:dc:81:ad:ed:da:18:94:a9:70:91:fe:38:83:de:
a6:03:28:b5:26:de:87:0d:e3:05:a2:64:e4:14:ea:
c2:c1:6b:06:83:6c:79:e3:37:68:16:d0:af:9a:cb:
93:bd:1b:f1:28:39:d3:8d:a4:22:ef:a1:56:6a:b0:
59:41:88:e9:7c:b9:40:f1:e0:f2:f8:9b:d7:87:52:
88:1c:f0:20:ec:6f:c4:67:27:eb:f2:96:9f:ea:9e:
15:97:e0:e3:a0:95:48:ba:a9:06:bb:d9:77:7c:c3:
86:c3:c7:34:76:10:af:b3:8e:02:35:a1:af:db:2a:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C1:9D:62:57:F7:D7:C5:5E:7B:5B:45:8E:A3:0C:A0:77:04:9F:6C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/NcGdYlf318Vee1tFjqMMoHcEn2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.96.0/23
45.134.87.0/24
93.189.121.0-93.189.122.255
185.150.77.0-185.150.79.255
185.179.233.0/24
185.191.44.0/22
185.218.18.0/24
185.227.205.0/24
185.239.254.0/24
185.248.200.0/22
185.252.44.0/22
194.35.41.0/24
194.41.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:7a:85:ce:32:f8:73:87:83:bd:a0:3b:8e:d7:7a:42:0b:a1:
53:85:6b:ef:e1:59:db:b4:e3:92:c1:61:2c:16:1c:d7:e5:11:
e5:fe:9d:61:00:30:02:26:c2:2a:12:e6:46:d5:5f:49:c6:10:
ca:ef:eb:ac:fc:82:9e:e1:62:28:a9:68:01:7c:74:41:0f:96:
76:15:85:73:00:00:76:50:e0:4c:1f:f4:36:c0:3a:83:ef:51:
32:05:7f:bf:ec:ac:37:36:d0:cb:11:e4:85:ff:36:a4:62:44:
95:ef:0a:52:f7:0f:59:63:9e:a3:4e:8a:4d:2d:ef:cf:85:46:
cb:9f:fb:2a:06:b2:15:c0:88:01:31:37:ab:e9:43:2f:8a:07:
54:1a:19:5a:8f:76:03:23:9f:57:1b:95:09:38:52:63:75:43:
8d:e5:ab:5e:2c:9d:15:fb:30:2a:67:1b:52:06:2d:09:2f:d4:
99:23:a8:62:aa:fc:25:0d:a3:8e:bf:19:b5:99:de:9a:20:7f:
0a:38:39:0b:ae:c9:f0:9c:b3:a3:55:eb:2e:48:b8:ba:fc:7c:
93:52:69:b9:2b:f7:60:c7:c0:ea:18:d5:3b:12:4a:46:96:24:
7d:80:a7:2c:59:16:6f:fc:99:bb:53:8a:14:e6:c2:31:03:0f:
90:fe:db:86
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY7ZHRpN/ztO1xte58UZHFfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDEzMjAxOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWMxOWQ2MjU3ZjdkN2M1NWU3YjViNDU4ZWEzMGNhMDc3MDQ5ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoxS57OKdV4808HrMLW0GQ8ofSIW
l8dlnEndVc3qGjN43Kak8D7bo5Hb4Gezmpf7TGChMn/q1wDNzG/0HWGrD7voanFX
1If/WPCUjik/V8rjTDA7HF+/pgB2aU13XRRIetnDH2Ec0TjvPCDFP9ZhO6v7gnwx
tlXIl065c7fnxu4najQoPjId3IGt7doYlKlwkf44g96mAyi1Jt6HDeMFomTkFOrC
wWsGg2x54zdoFtCvmsuTvRvxKDnTjaQi76FWarBZQYjpfLlA8eDy+JvXh1KIHPAg
7G/EZyfr8paf6p4Vl+DjoJVIuqkGu9l3fMOGw8c0dhCvs44CNaGv2yrHKQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDXBnWJX99fFXntbRY6jDKB3BJ9sMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTmNHZFlsZjMxOFZlZTF0RmpxTU1vSGNFbjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBJSBgAwQA
LYZXMAwDBABdvXkDBABdvXowDAMEALmWTQMEBLmWQAMEALmz6QMEArm/LAMEALna
EgMEALnjzQMEALnv/gMEArn4yAMEArn8LAMEAMIjKQMEAsIpdDANBgkqhkiG9w0B
AQsFAAOCAQEAj3qFzjL4c4eDvaA7jtd6QguhU4Vr7+FZ27TjksFhLBYc1+UR5f6d
YQAwAibCKhLmRtVfScYQyu/rrPyCnuFiKKloAXx0QQ+WdhWFcwAAdlDgTB/0NsA6
g+9RMgV/v+ysNzbQyxHkhf82pGJEle8KUvcPWWOeo06KTS3vz4VGy5/7KgayFcCI
ATE3q+lDL4oHVBoZWo92AyOfVxuVCThSY3VDjeWrXiydFfswKmcbUgYtCS/UmSOo
Yqr8JQ2jjr8ZtZnemiB/Cjg5C67J8Jyzo1XrLki4uvx8k1JpuSv3YMfA6hjVOxJK
RpYkfYCnLFkWb/yZu1OKFObCMQMPkP7bhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org