Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/ntV--_DRi9Eiyh3-RvE0xAw8joM.roa
File: ntV--_DRi9Eiyh3-RvE0xAw8joM.roa (raw, json)
Hash identifier: 7rvNjdP11Lr5+vSQKlu1daynRDPiAtiIcLIBX4cL7i8=
Subject key identifier: 9E:D5:7E:FB:F0:D1:8B:D1:22:CA:1D:FE:46:F1:34:C4:0C:3C:8E:83
Certificate issuer: /CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Certificate serial: 018CC3B6F34F9B129FBFC7D689D72D6C0AF3
Authority key identifier: 03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/ntV--_DRi9Eiyh3-RvE0xAw8joM.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50920
IP address blocks: 185.64.62.0/23 maxlen: 24
185.64.60.0/24 maxlen: 24
185.64.60.0/22 maxlen: 22
193.28.229.0/24 maxlen: 24
92.39.160.0/22 maxlen: 22
92.39.160.0/20 maxlen: 22
193.151.60.0/22 maxlen: 24
193.28.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 17:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f3:4f:9b:12:9f:bf:c7:d6:89:d7:2d:6c:0a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed57efbf0d18bd122ca1dfe46f134c40c3c8e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:53:2e:da:86:06:51:30:1f:c5:66:f1:90:4a:
22:82:4d:7f:c8:de:83:af:f3:5d:a7:c5:73:47:53:
f2:f2:42:8b:9d:05:21:b9:f0:4f:3b:ba:d3:da:c1:
bc:9e:37:d1:c2:f6:82:41:49:ba:a0:ba:41:c3:87:
c0:51:f9:e6:69:9c:cc:5c:77:65:1f:26:e1:f6:f3:
40:67:ad:de:70:38:ef:4a:16:48:d1:ad:6f:2a:48:
a5:d7:c8:e5:8a:7c:2e:0a:02:e4:6d:32:b5:91:67:
4b:07:a1:dc:d1:53:a2:4a:56:96:6e:c6:ac:4d:f9:
38:3c:6c:6f:c6:86:3c:8d:61:cc:e2:3f:ef:bd:fd:
1a:b2:5b:4d:ab:03:15:c7:40:0b:02:73:40:a2:b5:
46:ba:59:c7:39:0e:65:a4:29:b3:42:86:21:57:30:
1c:32:67:8c:f8:91:c3:a0:17:f4:5c:bb:07:30:af:
81:32:3f:24:ed:0f:45:0e:1d:a1:51:4c:82:11:7f:
70:be:18:9c:51:1e:e1:7f:e0:64:59:e9:75:f6:86:
ed:d9:53:51:7c:8c:79:43:76:21:7d:f2:2d:f1:fa:
9b:7f:01:b0:84:c6:65:95:4e:f8:89:f8:57:9b:05:
4b:ee:b3:01:21:8e:bc:1c:51:b4:fd:28:98:9f:90:
6e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D5:7E:FB:F0:D1:8B:D1:22:CA:1D:FE:46:F1:34:C4:0C:3C:8E:83
X509v3 Authority Key Identifier:
keyid:03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/ntV--_DRi9Eiyh3-RvE0xAw8joM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.160.0/20
185.64.60.0/22
193.28.91.0/24
193.28.229.0/24
193.151.60.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:89:af:de:bd:46:20:12:84:72:d1:08:90:e1:3c:0a:d1:a0:
46:9e:ef:f1:fb:3e:a4:4a:d9:4c:7c:d7:26:4d:63:92:27:ad:
f4:d4:f4:3b:8c:ed:b7:f2:ba:36:74:b5:37:d5:20:e5:52:89:
45:c3:30:c6:fb:83:40:a4:81:46:1e:ec:73:6f:27:fd:4d:36:
cd:8f:ee:a6:a1:91:fb:9c:4a:a8:7d:97:4b:7b:3a:0e:9e:c8:
eb:71:b0:81:d9:84:cc:12:59:79:a1:78:d9:d9:7b:fa:f7:3f:
a9:0b:31:08:d2:48:f5:32:bc:71:f8:c1:3a:7a:33:b6:9b:00:
8a:26:e4:89:27:f3:ca:6b:6e:16:7b:9c:7f:92:42:68:00:7d:
10:c8:b6:67:08:7a:4a:94:ea:b5:7c:e9:51:43:02:47:5c:dd:
71:cd:47:7a:ff:c9:e8:bd:e8:3a:55:14:b6:9d:b0:a3:40:e1:
2e:a8:36:64:f5:96:26:11:a5:e5:19:e4:28:71:6b:ab:36:64:
75:02:cf:b1:97:48:87:3d:45:13:08:49:09:f8:43:ed:4c:0e:
f9:79:d4:cf:7b:80:d0:e5:59:e9:1a:37:d1:ad:8a:58:53:e2:
f4:e6:34:f8:b8:4c:10:db:e9:7f:1b:6a:e7:7a:8e:1e:1b:ba:
d6:09:c8:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDtvNPmxKfv8fWidctbArzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMzBkNzcyYmE4MzIyNWJlZDU4OGNjZDFjNWM5NmFmMDNi
Mzc3MGYwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ1N2VmYmYwZDE4YmQxMjJjYTFkZmU0NmYxMzRjNDBjM2M4ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklMu2oYGUTAfxWbxkEoigk1/yN6D
r/Ndp8VzR1Py8kKLnQUhufBPO7rT2sG8njfRwvaCQUm6oLpBw4fAUfnmaZzMXHdl
Hybh9vNAZ63ecDjvShZI0a1vKkil18jlinwuCgLkbTK1kWdLB6Hc0VOiSlaWbsas
Tfk4PGxvxoY8jWHM4j/vvf0asltNqwMVx0ALAnNAorVGulnHOQ5lpCmzQoYhVzAc
MmeM+JHDoBf0XLsHMK+BMj8k7Q9FDh2hUUyCEX9wvhicUR7hf+BkWel19obt2VNR
fIx5Q3YhffIt8fqbfwGwhMZllU74ifhXmwVL7rMBIY68HFG0/SiYn5BulwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ7Vfvvw0YvRIsod/kbxNMQMPI6DMB8GA1UdIwQY
MBaAFAMw13K6gyJb7ViMzRxclq8Ds3cPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODct
N2U0NTFjODBkNTZmLzEvbnRWLS1fRFJpOUVpeWgzLVJ2RTB4QXc4am9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODctN2U0NTFjODBkNTZm
LzEvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEXCegAwQC
uUA8AwQAwRxbAwQAwRzlAwQCwZc8MA0GCSqGSIb3DQEBCwUAA4IBAQDdia/evUYg
EoRy0QiQ4TwK0aBGnu/x+z6kStlMfNcmTWOSJ6301PQ7jO238ro2dLU31SDlUolF
wzDG+4NApIFGHuxzbyf9TTbNj+6moZH7nEqofZdLezoOnsjrcbCB2YTMEll5oXjZ
2Xv69z+pCzEI0kj1Mrxx+ME6ejO2mwCKJuSJJ/PKa24We5x/kkJoAH0QyLZnCHpK
lOq1fOlRQwJHXN1xzUd6/8noveg6VRS2nbCjQOEuqDZk9ZYmEaXlGeQocWurNmR1
As+xl0iHPUUTCEkJ+EPtTA75edTPe4DQ5VnpGjfRrYpYU+L05jT4uEwQ2+l/G2rn
eo4eG7rWCcj1
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:36:24 2025 by rpki-client