Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/NK9W9oZASh-lyW9n_TonLJgTBu0.roa
File: NK9W9oZASh-lyW9n_TonLJgTBu0.roa (raw, json)
Hash identifier: dxhvQBUcgkx84jtR9mnhRV4+w6mkVYwwmS+0ZWvYSZg=
Subject key identifier: 34:AF:56:F6:86:40:4A:1F:A5:C9:6F:67:FD:3A:27:2C:98:13:06:ED
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018F1C52E973B1A6C04114DEEF42E1E270B8
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/NK9W9oZASh-lyW9n_TonLJgTBu0.roa
Signing time: Fri 26 Apr 2024 21:32:26 +0000
ROA not before: Fri 26 Apr 2024 21:32:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:ed00::/29 maxlen: 29
2a0f:f900::/29 maxlen: 29
2a13:a440::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 07 May 2024 20:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1c:52:e9:73:b1:a6:c0:41:14:de:ef:42:e1:e2:70:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Apr 26 21:32:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34af56f686404a1fa5c96f67fd3a272c981306ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fb:c3:cf:a9:58:2a:3d:4a:83:8b:6c:c4:0d:
db:3d:76:c5:52:59:9a:a4:45:86:42:a7:2c:af:fc:
86:69:e8:7b:d2:a3:9e:82:a9:95:90:ab:b0:8a:6e:
6e:4e:27:31:64:e4:a8:09:8a:38:c4:1f:51:94:11:
a5:30:e6:ee:03:6a:9b:f9:f9:2d:4c:77:25:98:4b:
ed:80:60:8b:2f:c0:7a:57:35:93:86:60:8d:38:a3:
f8:cf:f0:ce:96:85:dd:04:38:72:ac:aa:53:01:60:
81:c6:68:5f:9d:0a:c4:ac:0f:9e:5c:77:58:c3:7e:
19:f8:da:88:1e:84:c9:8a:29:88:f6:66:ee:3e:84:
8e:38:00:1d:39:74:f9:73:34:d0:34:75:0a:a8:72:
a6:95:bb:f6:dc:8e:3a:3d:ec:3f:b0:2e:40:bb:74:
e4:55:56:db:ed:32:80:22:a6:46:e8:9c:6f:80:13:
59:61:76:74:d8:ce:12:d7:28:38:87:57:0d:de:8b:
7b:d1:f2:f5:1c:d6:4f:0f:ed:0b:58:d3:45:ab:6a:
04:0b:7e:ab:9b:d7:90:bb:37:c7:d8:27:ac:08:fb:
cb:80:3b:15:68:ae:56:9c:e4:8a:ce:e8:6d:d4:81:
62:30:01:55:3d:08:6f:5a:45:64:ec:58:db:cb:47:
91:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AF:56:F6:86:40:4A:1F:A5:C9:6F:67:FD:3A:27:2C:98:13:06:ED
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/NK9W9oZASh-lyW9n_TonLJgTBu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.0.0/23
45.136.5.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::/29
Signature Algorithm: sha256WithRSAEncryption
44:ea:84:10:fe:9c:eb:f7:34:55:b5:2f:b6:d3:0b:62:e5:9c:
65:ac:58:d4:fa:b0:54:de:71:d1:bb:fb:a6:e9:ef:87:2e:2e:
b9:ac:32:98:68:0a:b7:4c:f4:f1:1e:3b:a6:48:2e:7c:6c:01:
d0:20:60:b4:ef:59:1a:d4:29:fd:e5:11:02:e9:cf:b4:e2:da:
9b:c2:d8:83:91:7c:80:f9:52:09:46:3a:14:e7:06:eb:cb:d5:
2f:fc:84:ff:04:db:de:22:8f:b2:d2:dc:68:ca:b6:bd:2a:a5:
77:63:5e:2d:25:2a:57:5b:82:76:5c:9d:66:07:d8:b4:32:85:
4e:b2:7c:55:bb:b0:c3:bd:5a:ab:49:f9:ff:d1:c8:0b:df:14:
a3:0a:00:22:cf:a1:86:79:2e:df:f2:de:76:54:4e:be:ae:7a:
81:36:35:fb:f5:f6:83:e4:b3:3f:ab:22:9c:dc:2b:7b:bf:d2:
d4:7b:18:98:d6:e6:a4:e9:54:c0:bc:c5:19:39:50:06:18:d8:
fb:7f:2c:e3:9a:8d:36:f9:16:29:e5:7a:a4:57:2e:de:56:e5:
fc:bc:00:8c:52:f0:ab:dc:9e:6b:de:ca:bc:31:21:20:c7:e3:
92:48:c8:0d:bd:82:68:f7:87:8f:4d:32:47:bf:f9:fe:b7:45:
0a:54:9b:78
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY8cUulzsabAQRTe70Lh4nC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNDI2MjEzMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFmNTZmNjg2NDA0YTFmYTVjOTZmNjdmZDNhMjcyYzk4MTMwNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovvDz6lYKj1Kg4tsxA3bPXbFUlma
pEWGQqcsr/yGaeh70qOegqmVkKuwim5uTicxZOSoCYo4xB9RlBGlMObuA2qb+fkt
THclmEvtgGCLL8B6VzWThmCNOKP4z/DOloXdBDhyrKpTAWCBxmhfnQrErA+eXHdY
w34Z+NqIHoTJiimI9mbuPoSOOAAdOXT5czTQNHUKqHKmlbv23I46Pew/sC5Au3Tk
VVbb7TKAIqZG6JxvgBNZYXZ02M4S1yg4h1cN3ot70fL1HNZPD+0LWNNFq2oEC36r
m9eQuzfH2CesCPvLgDsVaK5WnOSKzuht1IFiMAFVPQhvWkVk7Fjby0eR7wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFDSvVvaGQEofpclvZ/06JyyYEwbtMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvTks5VzlvWkFTaC1seVc5bl9Ub25MSmdUQnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBIBAIAATBCAwQABbRr
AwQBLYMAAwQALYgFAwQALY2UAwQALZMsAwQCTVPIAwQAwnTkAwQBwnTsAwQAwpIa
AwQAwpIkAwQAwpIvMDcEAgACMDEDBQMqCYeAAwUDKg+3AAMFAyoP6QADBQMqD+sA
AwUDKg/tAAMFAyoP+QADBQMqE6RAMA0GCSqGSIb3DQEBCwUAA4IBAQBE6oQQ/pzr
9zRVtS+20wti5ZxlrFjU+rBU3nHRu/um6e+HLi65rDKYaAq3TPTxHjumSC58bAHQ
IGC071ka1Cn95REC6c+04tqbwtiDkXyA+VIJRjoU5wbry9Uv/IT/BNveIo+y0txo
yra9KqV3Y14tJSpXW4J2XJ1mB9i0MoVOsnxVu7DDvVqrSfn/0cgL3xSjCgAiz6GG
eS7f8t52VE6+rnqBNjX79faD5LM/qyKc3Ct7v9LUexiY1uak6VTAvMUZOVAGGNj7
fyzjmo02+RYp5XqkVy7eVuX8vACMUvCr3J5r3sq8MSEgx+OSSMgNvYJo94ePTTJH
v/n+t0UKVJt4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:19 2025 by rpki-client