Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/NSEOSQb9fyNEVe6dCee7G0XWWC8.roa
File: NSEOSQb9fyNEVe6dCee7G0XWWC8.roa (raw, json)
Hash identifier: SnVhVhu/myTpbGlTbKewGJVVIofuhP/cY/wLHbPNmpQ=
Subject key identifier: 35:21:0E:49:06:FD:7F:23:44:55:EE:9D:09:E7:BB:1B:45:D6:58:2F
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0187ECC1A13DE019DCB6541A55DE4E666C36
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/NSEOSQb9fyNEVe6dCee7G0XWWC8.roa
Signing time: Fri 05 May 2023 16:32:05 +0000
ROA not before: Fri 05 May 2023 16:32:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201206
IP address blocks: 185.82.21.0/24 maxlen: 24
185.82.20.0/24 maxlen: 24
185.82.23.0/24 maxlen: 24
185.82.22.0/24 maxlen: 24
83.171.236.0/24 maxlen: 24
83.171.238.0/24 maxlen: 24
83.171.237.0/24 maxlen: 24
83.171.239.0/24 maxlen: 24
185.185.24.0/24 maxlen: 24
185.185.25.0/24 maxlen: 24
185.185.26.0/24 maxlen: 24
185.185.27.0/24 maxlen: 24
45.95.224.0/24 maxlen: 24
193.57.61.0/24 maxlen: 24
193.57.60.0/24 maxlen: 24
193.57.63.0/24 maxlen: 24
193.57.62.0/24 maxlen: 24
2a05:8b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 07 May 2023 21:14:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:c1:a1:3d:e0:19:dc:b6:54:1a:55:de:4e:66:6c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: May 5 16:32:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35210e4906fd7f234455ee9d09e7bb1b45d6582f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:1c:ec:91:fe:a8:dd:d9:37:b2:5a:9e:96:
82:da:b7:70:b9:87:35:53:1d:19:fe:5a:ec:8e:ee:
62:7a:5e:cb:58:4c:18:eb:85:27:6c:84:3c:39:52:
1b:0b:32:1c:0c:98:35:e1:5a:26:e0:a7:95:27:2b:
6b:bb:0b:a1:73:d4:16:dc:6a:c2:f9:d5:36:35:e3:
b8:4e:32:95:60:87:f3:18:74:44:f0:19:5e:d8:18:
e2:90:12:3d:f8:4c:ee:54:23:6b:54:02:ef:92:3b:
5f:88:ee:26:fe:7b:bc:ee:ff:c6:e2:8d:c1:21:7b:
f5:b6:35:4f:d9:e0:f8:a0:b8:d7:06:1f:ef:e3:39:
26:da:d2:be:24:a2:a8:58:24:55:16:15:bb:da:98:
06:b9:c3:1e:ae:95:95:2d:a9:5a:4d:c8:c5:67:e6:
45:1b:09:d2:ea:ce:53:79:45:c3:9b:e8:10:f0:8c:
b9:52:81:a9:b9:64:7c:68:e7:74:aa:89:63:b3:73:
63:15:b8:ab:a9:9b:6c:4a:db:58:c9:c4:5e:56:1a:
b0:42:c0:1c:84:53:1e:6b:4d:61:de:be:76:2c:66:
54:e3:58:2c:0e:a8:28:16:bc:41:77:0b:15:2d:e9:
19:e9:f7:78:19:eb:3c:14:16:e6:01:90:fa:27:0b:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:0E:49:06:FD:7F:23:44:55:EE:9D:09:E7:BB:1B:45:D6:58:2F
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/NSEOSQb9fyNEVe6dCee7G0XWWC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.224.0/24
83.171.236.0/22
185.82.20.0/22
185.185.24.0/22
193.57.60.0/22
IPv6:
2a05:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
30:46:cd:eb:a3:19:c5:fe:b9:c0:a3:58:89:28:c4:d6:2c:fb:
8d:26:79:67:93:5b:1a:c1:77:c8:ed:dc:19:81:92:ec:a5:0c:
a1:c1:d5:88:45:2c:6a:f2:1b:c1:60:61:97:c4:38:4c:05:3a:
f5:f1:2f:ec:23:e6:d3:a9:53:66:32:2e:ba:15:dc:a0:36:09:
5a:42:48:8f:e5:61:24:f9:fc:2f:d8:96:80:3c:cc:f0:9d:74:
24:73:fc:23:84:e0:33:10:0e:2d:99:4c:d9:2a:e7:c5:99:66:
d4:14:b6:b4:f3:e0:e1:23:da:cf:08:24:eb:80:05:93:46:53:
7e:5e:2f:f0:d2:ac:78:ff:4e:1f:66:a6:8f:c9:4e:ec:2a:b9:
f7:dd:1a:cd:52:79:fb:77:af:48:44:31:bb:16:38:b2:9e:f7:
6b:d9:74:16:aa:a4:4e:07:2b:d2:f9:ec:5e:57:b9:b9:78:62:
c1:2d:45:33:21:a0:69:32:aa:4a:e2:e9:5b:27:09:3a:36:37:
8f:c2:85:a3:e2:a7:72:cf:46:d0:cf:03:52:02:52:05:24:67:
f2:74:d5:2b:36:ea:39:b9:8f:bf:af:36:a7:99:63:ea:a1:16:
13:fc:ce:dd:35:d2:6d:3e:fd:c2:bf:9e:8e:20:ef:aa:b6:d3:
c8:00:12:cb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfswaE94BnctlQaVd5OZmw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjMwNTA1MTYzMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIxMGU0OTA2ZmQ3ZjIzNDQ1NWVlOWQwOWU3YmIxYjQ1ZDY1ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6Uc7JH+qN3ZN7JanpaC2rdwuYc1
Ux0Z/lrsju5iel7LWEwY64UnbIQ8OVIbCzIcDJg14Vom4KeVJytruwuhc9QW3GrC
+dU2NeO4TjKVYIfzGHRE8Ble2BjikBI9+EzuVCNrVALvkjtfiO4m/nu87v/G4o3B
IXv1tjVP2eD4oLjXBh/v4zkm2tK+JKKoWCRVFhW72pgGucMerpWVLalaTcjFZ+ZF
GwnS6s5TeUXDm+gQ8Iy5UoGpuWR8aOd0qoljs3NjFbirqZtsSttYycReVhqwQsAc
hFMea01h3r52LGZU41gsDqgoFrxBdwsVLekZ6fd4Ges8FBbmAZD6JwscmwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDUhDkkG/X8jRFXunQnnuxtF1lgvMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvTlNFT1NRYjlmeU5FVmU2ZENlZTdHMFhXV0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALV/gAwQC
U6vsAwQCuVIUAwQCubkYAwQCwTk8MA0EAgACMAcDBQMqBYuAMA0GCSqGSIb3DQEB
CwUAA4IBAQAwRs3roxnF/rnAo1iJKMTWLPuNJnlnk1sawXfI7dwZgZLspQyhwdWI
RSxq8hvBYGGXxDhMBTr18S/sI+bTqVNmMi66FdygNglaQkiP5WEk+fwv2JaAPMzw
nXQkc/wjhOAzEA4tmUzZKufFmWbUFLa08+DhI9rPCCTrgAWTRlN+Xi/w0qx4/04f
ZqaPyU7sKrn33RrNUnn7d69IRDG7Fjiynvdr2XQWqqROByvS+exeV7m5eGLBLUUz
IaBpMqpK4ulbJwk6NjePwoWj4qdyz0bQzwNSAlIFJGfydNUrNuo5uY+/rzanmWPq
oRYT/M7dNdJtPv3Cv56OIO+qttPIABLL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org