Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nz74E1Q9tzPczyT7z4x4H4M3NXk.roa
File: nz74E1Q9tzPczyT7z4x4H4M3NXk.roa (raw, json)
Hash identifier: HdufO23z11B0yq8+eCmKncVuVLl8rn3HJjYnNLYiWZE=
Subject key identifier: 9F:3E:F8:13:54:3D:B7:33:DC:CF:24:FB:CF:8C:78:1F:83:37:35:79
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F3A06D3EBCC36EB7414A85A52AFBB7F3D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nz74E1Q9tzPczyT7z4x4H4M3NXk.roa
Signing time: Thu 02 May 2024 15:57:57 +0000
ROA not before: Thu 02 May 2024 15:57:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202636
IP address blocks: 37.32.96.0/23 maxlen: 23
45.90.238.0/24 maxlen: 24
45.134.87.0/24 maxlen: 24
93.189.121.0/24 maxlen: 24
93.189.122.0/24 maxlen: 24
185.150.77.0/24 maxlen: 24
185.150.78.0/23 maxlen: 23
185.179.233.0/24 maxlen: 24
185.179.235.0/24 maxlen: 24
185.191.44.0/22 maxlen: 22
185.199.55.0/24 maxlen: 24
185.218.18.0/24 maxlen: 24
185.227.205.0/24 maxlen: 24
185.239.254.0/24 maxlen: 24
185.248.200.0/22 maxlen: 24
185.252.44.0/22 maxlen: 22
194.35.41.0/24 maxlen: 24
194.41.116.0/23 maxlen: 23
194.41.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 06 May 2024 18:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:06:d3:eb:cc:36:eb:74:14:a8:5a:52:af:bb:7f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 2 15:57:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f3ef813543db733dccf24fbcf8c781f83373579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6b:37:1b:8b:e7:48:a0:ed:9e:f9:62:f0:b2:
16:35:0a:13:10:60:2c:70:8d:c6:88:ba:62:b9:2e:
f2:f3:bb:1c:df:61:4c:ff:fb:13:c2:6b:3d:ed:62:
b4:0c:62:b6:f7:c5:c5:4c:4b:d0:75:6c:b6:fc:81:
83:40:3b:ec:7e:de:68:d1:df:c6:a2:d1:40:4a:76:
18:80:5d:b1:45:01:da:d6:95:63:bd:49:b3:17:61:
0e:2b:87:07:8a:b6:f5:8d:49:ae:a3:82:29:d0:3c:
04:2a:ed:3b:d9:e8:ca:5b:4d:c6:2b:ef:e8:51:ba:
d7:4a:40:b0:d7:f3:53:ec:7e:1e:48:92:c1:49:7f:
d8:4c:8d:57:cb:cd:2a:36:57:bd:57:00:08:05:e4:
a3:47:c2:c3:85:b7:5b:96:a6:c2:38:d6:4a:55:0e:
e9:01:57:f0:f9:38:a7:ac:3e:29:82:7e:94:98:e7:
fb:40:fe:2a:2b:9b:d2:45:5e:28:d7:75:c0:32:a2:
47:df:cb:e1:1d:4c:db:84:57:ab:72:5d:c3:65:67:
4b:bc:68:87:53:16:a1:a7:f7:18:c0:b7:78:f8:0f:
11:48:d5:72:a0:8c:5e:06:0d:11:ff:60:a1:97:91:
bb:38:92:41:52:3c:ce:65:d0:d8:6f:39:fb:fd:a9:
b1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3E:F8:13:54:3D:B7:33:DC:CF:24:FB:CF:8C:78:1F:83:37:35:79
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nz74E1Q9tzPczyT7z4x4H4M3NXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.96.0/23
45.90.238.0/24
45.134.87.0/24
93.189.121.0-93.189.122.255
185.150.77.0-185.150.79.255
185.179.233.0/24
185.179.235.0/24
185.191.44.0/22
185.199.55.0/24
185.218.18.0/24
185.227.205.0/24
185.239.254.0/24
185.248.200.0/22
185.252.44.0/22
194.35.41.0/24
194.41.116.0/22
Signature Algorithm: sha256WithRSAEncryption
49:4d:09:1d:47:3d:13:35:70:74:da:3b:16:e9:9d:c7:73:8c:
d4:41:60:71:f6:16:fa:9c:68:49:49:d4:f3:f7:fe:fd:11:84:
54:5f:30:16:63:d4:b5:22:cd:7f:ae:d8:fc:ef:45:c7:46:63:
ec:7d:86:fd:69:a5:2c:30:46:92:37:32:ea:19:69:eb:bf:51:
f1:55:43:95:20:5d:ae:b6:96:a5:f4:15:f7:8f:94:19:8f:49:
90:b1:81:f4:e8:32:e0:21:49:28:93:31:fb:34:11:40:4b:80:
24:3f:d2:9e:0b:f7:cb:2e:5d:25:ea:84:e2:f3:f7:67:41:a1:
fd:cb:b6:f9:b0:a1:61:30:81:0a:a4:ba:3c:a8:da:78:dd:7b:
2d:ed:1d:a3:13:e5:89:e9:9e:e4:fb:80:e6:a0:14:77:c0:5a:
23:de:23:f6:b3:88:6d:b9:33:26:8b:63:0f:3b:d0:77:24:e4:
58:9e:ba:11:df:86:f7:6d:81:b8:a5:ad:25:9a:62:c4:63:47:
e4:ff:6d:d9:f1:1d:bc:70:bf:af:6b:fd:1f:28:fd:dd:7b:6e:
98:55:af:12:bf:22:d8:0a:0f:be:10:81:d3:82:08:07:24:ac:
f6:dd:d4:83:08:f2:45:1a:00:09:1c:f9:19:f7:38:98:f6:a7:
99:8d:f2:00
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY86BtPrzDbrdBSoWlKvu389MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNTAyMTU1NzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNlZjgxMzU0M2RiNzMzZGNjZjI0ZmJjZjhjNzgxZjgzMzczNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmms3G4vnSKDtnvli8LIWNQoTEGAs
cI3GiLpiuS7y87sc32FM//sTwms97WK0DGK298XFTEvQdWy2/IGDQDvsft5o0d/G
otFASnYYgF2xRQHa1pVjvUmzF2EOK4cHirb1jUmuo4Ip0DwEKu072ejKW03GK+/o
UbrXSkCw1/NT7H4eSJLBSX/YTI1Xy80qNle9VwAIBeSjR8LDhbdblqbCONZKVQ7p
AVfw+TinrD4pgn6UmOf7QP4qK5vSRV4o13XAMqJH38vhHUzbhFercl3DZWdLvGiH
Uxahp/cYwLd4+A8RSNVyoIxeBg0R/2Chl5G7OJJBUjzOZdDYbzn7/amxXQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJ8++BNUPbcz3M8k+8+MeB+DNzV5MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbno3NEUxUTl0elBjenlUN3o0eDRINE0zTlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEASUgYAME
AC1a7gMEAC2GVzAMAwQAXb15AwQAXb16MAwDBAC5lk0DBAS5lkADBAC5s+kDBAC5
s+sDBAK5vywDBAC5xzcDBAC52hIDBAC5480DBAC57/4DBAK5+MgDBAK5/CwDBADC
IykDBALCKXQwDQYJKoZIhvcNAQELBQADggEBAElNCR1HPRM1cHTaOxbpncdzjNRB
YHH2FvqcaElJ1PP3/v0RhFRfMBZj1LUizX+u2PzvRcdGY+x9hv1ppSwwRpI3MuoZ
aeu/UfFVQ5UgXa62lqX0FfePlBmPSZCxgfToMuAhSSiTMfs0EUBLgCQ/0p4L98su
XSXqhOLz92dBof3LtvmwoWEwgQqkujyo2njdey3tHaMT5YnpnuT7gOagFHfAWiPe
I/aziG25MyaLYw870Hck5FieuhHfhvdtgbilrSWaYsRjR+T/bdnxHbxwv69r/R8o
/d17bphVrxK/ItgKD74QgdOCCAckrPbd1IMI8kUaAAkc+Rn3OJj2p5mN8gA=
-----END CERTIFICATE-----
Generated at Mon May 6 21:52:08 2024 by rpki-client on console-ams.rpki-client.org