Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/N8Uy-NMmyzJAocYePspP2EOx9Mw.roa
File: N8Uy-NMmyzJAocYePspP2EOx9Mw.roa (raw, json)
Hash identifier: i7cXAyRdmJApewLulODPVP0QRzeSFl8u2RHgP8DNSXg=
Subject key identifier: 37:C5:32:F8:D3:26:CB:32:40:A1:C6:1E:3E:CA:4F:D8:43:B1:F4:CC
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019058660214E1790A02A6F9747515F16B3E
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/N8Uy-NMmyzJAocYePspP2EOx9Mw.roa
Signing time: Thu 27 Jun 2024 06:33:18 +0000
ROA not before: Thu 27 Jun 2024 06:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 12:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:66:02:14:e1:79:0a:02:a6:f9:74:75:15:f1:6b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 27 06:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37c532f8d326cb3240a1c61e3eca4fd843b1f4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:49:f2:e0:19:37:c9:d9:f6:50:b4:8b:75:
32:d0:08:ce:d4:74:08:73:45:c6:b1:7f:8b:80:0a:
c0:da:f6:78:05:fc:04:9b:e6:85:8f:66:24:3d:ee:
6e:73:a5:ca:97:32:6a:8b:fc:05:be:6f:7c:65:a6:
97:07:2a:cd:b0:cd:ba:f9:58:31:43:d4:9b:82:a5:
d5:e3:ac:d8:ca:24:c4:7f:9a:ed:39:87:7f:3f:8c:
04:dc:f0:b3:ec:34:86:c0:5f:a0:78:0d:9a:8b:88:
15:a5:47:be:80:31:a5:2f:2f:89:7c:94:06:ed:a3:
fa:08:a9:f8:83:e1:c0:2b:6b:cf:08:0e:81:45:fb:
2e:c1:16:a0:34:82:44:58:bf:84:6d:50:80:95:60:
4e:69:e6:a2:7c:ca:54:1c:a6:38:30:6e:e5:f1:46:
1e:a0:59:c1:a7:c7:d6:a0:c6:84:4a:ee:65:b7:f9:
35:58:82:8d:4c:65:e6:5e:2a:1b:f5:d6:ed:54:12:
cd:22:ca:51:65:06:cc:01:3f:8b:bf:ea:f2:0e:4f:
70:73:42:d1:c9:17:63:7b:54:8b:83:8f:72:45:bc:
bc:6f:87:33:1b:4d:b9:75:57:89:7f:17:b2:db:90:
12:45:7d:63:d9:49:60:ca:7d:d4:d3:db:ad:dc:d4:
eb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C5:32:F8:D3:26:CB:32:40:A1:C6:1E:3E:CA:4F:D8:43:B1:F4:CC
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/N8Uy-NMmyzJAocYePspP2EOx9Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.205.0-93.152.206.255
93.152.209.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:02:bb:e8:4b:3e:b7:86:4a:86:b8:fb:ee:1d:7e:28:70:1d:
58:3b:7d:28:a6:aa:dd:5d:19:a1:b7:b0:9f:e8:7c:08:b5:1e:
4b:db:a5:d3:70:dc:c8:3f:af:5e:ad:12:6c:16:9e:a6:6a:3e:
ea:bb:9c:c3:ec:92:93:7f:a5:a1:e4:52:9e:df:fa:8c:09:ec:
76:63:7c:48:c0:df:d7:c9:de:76:a4:53:da:ab:35:cb:67:b0:
24:39:34:34:cd:49:fc:76:59:f8:48:f0:5a:42:3a:0b:47:43:
8c:74:ec:14:cb:9b:ce:4f:15:8b:5a:69:a1:b3:99:0d:b8:e7:
94:fb:e3:eb:45:4b:67:89:99:1a:86:cf:34:fc:6c:0d:0f:a1:
48:04:a9:cb:9d:26:5a:a0:b4:1a:4f:74:11:73:6a:9f:fb:c6:
f5:4d:6f:6d:0c:00:d5:45:8f:60:eb:8f:09:05:27:b5:26:89:
3f:d2:65:22:02:99:ed:c5:a8:ab:dc:fc:2c:21:62:48:0a:41:
1a:75:07:43:0d:d1:9b:c6:05:3b:1c:7f:de:0c:8b:9b:bf:e0:
10:8e:a5:06:33:68:90:c3:bf:0e:d3:b2:25:a8:ed:f1:cf:9a:
b7:77:2c:44:d3:0b:96:48:60:a4:78:2d:09:d1:93:1e:80:4d:
c7:43:e8:3e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZBYZgIU4XkKAqb5dHUV8Ws+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwNjI3MDYzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2M1MzJmOGQzMjZjYjMyNDBhMWM2MWUzZWNhNGZkODQzYjFmNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRxJ8uAZN8nZ9lC0i3Uy0AjO1HQI
c0XGsX+LgArA2vZ4BfwEm+aFj2YkPe5uc6XKlzJqi/wFvm98ZaaXByrNsM26+Vgx
Q9SbgqXV46zYyiTEf5rtOYd/P4wE3PCz7DSGwF+geA2ai4gVpUe+gDGlLy+JfJQG
7aP6CKn4g+HAK2vPCA6BRfsuwRagNIJEWL+EbVCAlWBOaeaifMpUHKY4MG7l8UYe
oFnBp8fWoMaESu5lt/k1WIKNTGXmXiob9dbtVBLNIspRZQbMAT+Lv+ryDk9wc0LR
yRdje1SLg49yRby8b4czG025dVeJfxey25ASRX1j2Ulgyn3U09ut3NTryQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDfFMvjTJssyQKHGHj7KT9hDsfTMMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvTjhVeS1OTW15ekpBb2NZZVBzcFAyRU94OU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALY3oAwQA
LY3rAwQAW1wvMAwDBABdmM0DBABdmM4wDAMEAF2Y0QMEAF2Y2AMEAV2Y3AMEAF2Y
3zANBgkqhkiG9w0BAQsFAAOCAQEAXwK76Es+t4ZKhrj77h1+KHAdWDt9KKaq3V0Z
obewn+h8CLUeS9ul03DcyD+vXq0SbBaepmo+6rucw+ySk3+loeRSnt/6jAnsdmN8
SMDf18nedqRT2qs1y2ewJDk0NM1J/HZZ+EjwWkI6C0dDjHTsFMubzk8Vi1ppobOZ
DbjnlPvj60VLZ4mZGobPNPxsDQ+hSASpy50mWqC0Gk90EXNqn/vG9U1vbQwA1UWP
YOuPCQUntSaJP9JlIgKZ7cWoq9z8LCFiSApBGnUHQw3Rm8YFOxx/3gyLm7/gEI6l
BjNokMO/DtOyJajt8c+at3csRNMLlkhgpHgtCdGTHoBNx0PoPg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:37 2025 by rpki-client