Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/NAzREo7PIjSR-IlHzbg-amEz240.roa
File: NAzREo7PIjSR-IlHzbg-amEz240.roa (raw, json)
Hash identifier: JX9RuHY4889byMtjlNeMm1dRgdVCnc3hd4X3ovSIgKI=
Subject key identifier: 34:0C:D1:12:8E:CF:22:34:91:F8:89:47:CD:B8:3E:6A:61:33:DB:8D
Certificate issuer: /CN=441d4b92dd150364c65b7d21299028678b0a5296
Certificate serial: 01856CCAF865296119F8D288578A2DCB3889
Authority key identifier: 44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/NAzREo7PIjSR-IlHzbg-amEz240.roa
Signing time: Sun 01 Jan 2023 10:05:19 +0000
ROA not before: Sun 01 Jan 2023 10:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57370
IP address blocks: 178.238.160.0/21 maxlen: 24
178.238.160.0/22 maxlen: 24
178.238.168.0/21 maxlen: 24
185.119.179.0/24 maxlen: 24
185.119.177.0/24 maxlen: 24
185.119.178.0/24 maxlen: 24
185.119.178.0/23 maxlen: 24
185.119.176.0/22 maxlen: 24
185.119.176.0/23 maxlen: 24
185.119.176.0/24 maxlen: 24
144.2.80.0/20 maxlen: 24
144.2.96.0/20 maxlen: 24
144.2.96.0/19 maxlen: 24
144.2.112.0/20 maxlen: 24
144.2.64.0/20 maxlen: 24
144.2.64.0/19 maxlen: 24
144.2.64.0/18 maxlen: 24
2a02:21b2:beee::/48 maxlen: 48
2a02:21b2:b3ee::/48 maxlen: 48
2a02:21b2:b2ee::/48 maxlen: 48
2a02:21b2:ac18::/48 maxlen: 48
2a02:21b2:ac14::/48 maxlen: 48
2a02:21b1::/32 maxlen: 48
2a02:21b4:c000::/34 maxlen: 48
2a02:21b4:8000::/34 maxlen: 48
2a02:21b4:8000::/33 maxlen: 48
2a02:21b4:4000::/34 maxlen: 48
2a02:21b4::/34 maxlen: 48
2a02:21b4::/33 maxlen: 48
2a02:21b4::/32 maxlen: 48
2a02:21b0::/32 maxlen: 48
2a02:21b2:ac10::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Jun 2023 18:53:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:f8:65:29:61:19:f8:d2:88:57:8a:2d:cb:38:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441d4b92dd150364c65b7d21299028678b0a5296
Validity
Not Before: Jan 1 10:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=340cd1128ecf223491f88947cdb83e6a6133db8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:e0:e9:86:bf:b4:33:52:11:17:c0:a0:e9:
a6:35:e7:c7:e9:a4:ec:36:88:f7:ec:1e:6e:7c:92:
3c:54:e0:6f:2d:48:bc:33:b2:dc:ab:81:e2:fd:fe:
68:e3:a6:17:ad:ad:e4:0f:01:61:7a:59:15:bf:66:
94:c8:36:c6:ab:54:81:c3:22:eb:b9:b4:5a:86:ce:
7d:22:8f:6f:2d:97:0c:34:ff:09:91:9f:8f:f2:3c:
5a:e0:5a:dc:18:90:5b:72:86:41:34:67:68:46:e3:
1d:c6:dd:a8:8a:8f:79:ec:bd:0c:23:5f:42:b2:80:
8c:6c:9b:9f:3c:5d:a7:32:7d:ac:80:4c:28:45:33:
84:94:c3:c1:e8:4a:b3:da:7b:75:88:e4:6b:f9:ba:
6e:87:1f:36:4d:22:67:b9:5d:fc:49:04:27:31:2d:
8f:58:32:30:e8:ce:3e:ed:86:2d:cd:93:29:ba:c0:
12:08:45:8a:9a:c2:26:a4:05:8a:36:6b:e0:e3:eb:
e5:e5:d5:7b:9b:39:78:38:83:7e:e4:25:a0:57:2f:
7d:46:d5:ee:22:3a:27:25:91:17:c5:8c:e3:9a:89:
4c:84:48:31:83:6f:0a:b4:20:1d:be:3b:7b:fc:7d:
be:ee:ce:5b:0a:8d:03:da:c6:58:b6:8e:0e:d4:2e:
c8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0C:D1:12:8E:CF:22:34:91:F8:89:47:CD:B8:3E:6A:61:33:DB:8D
X509v3 Authority Key Identifier:
keyid:44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/NAzREo7PIjSR-IlHzbg-amEz240.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.64.0/18
178.238.160.0/20
185.119.176.0/22
IPv6:
2a02:21b0::/31
2a02:21b2:ac10::/48
2a02:21b2:ac14::/48
2a02:21b2:ac18::/48
2a02:21b2:b2ee::/48
2a02:21b2:b3ee::/48
2a02:21b2:beee::/48
2a02:21b4::/32
Signature Algorithm: sha256WithRSAEncryption
1e:a4:34:2e:a0:a1:ea:0c:b1:87:ba:f2:45:3f:5b:d0:65:75:
cd:61:86:44:ee:f1:d3:a7:c8:3e:88:22:1c:f2:41:18:4e:86:
8c:f4:59:db:57:97:bc:e7:29:dd:25:40:c1:9a:50:82:d1:d9:
9b:13:99:ff:2c:0a:e5:52:ba:b6:3f:05:b7:a8:2f:0f:5a:d6:
ea:b4:9e:9d:9c:33:73:66:f8:1b:1e:2a:6d:b5:d7:75:6d:40:
16:95:c8:9b:1e:0e:ac:be:d0:da:9d:05:66:fb:bf:6b:8e:6c:
64:cf:04:f4:1c:06:4a:d9:95:dd:53:c9:10:12:67:3d:03:c5:
3d:62:87:29:9f:79:5e:34:34:0e:8a:89:cd:9f:3b:cc:37:fc:
af:e9:ea:8d:4e:18:66:99:91:9e:f0:dd:06:b2:06:95:d7:7a:
40:fb:67:c4:7b:69:ce:55:0f:18:59:4d:f2:a2:7b:cd:04:b0:
3c:af:ab:ce:67:b5:c4:94:ff:28:97:8b:2a:99:85:9a:c7:e5:
2c:18:59:bc:e9:f9:24:3c:52:66:2c:86:2b:f0:7f:ea:8b:4d:
de:a5:d4:94:a4:c1:97:50:24:e7:34:34:9a:a4:bf:df:a2:09:
ee:96:14:57:24:2a:65:4c:9e:9a:40:c9:b3:57:e7:52:32:ce:
56:2d:ca:5c
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVsyvhlKWEZ+NKIV4otyziJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWQ0YjkyZGQxNTAzNjRjNjViN2QyMTI5OTAyODY3OGIw
YTUyOTYwHhcNMjMwMTAxMTAwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBjZDExMjhlY2YyMjM0OTFmODg5NDdjZGI4M2U2YTYxMzNkYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwovg6Ya/tDNSERfAoOmmNefH6aTs
Noj37B5ufJI8VOBvLUi8M7Lcq4Hi/f5o46YXra3kDwFhelkVv2aUyDbGq1SBwyLr
ubRahs59Io9vLZcMNP8JkZ+P8jxa4FrcGJBbcoZBNGdoRuMdxt2oio957L0MI19C
soCMbJufPF2nMn2sgEwoRTOElMPB6Eqz2nt1iORr+bpuhx82TSJnuV38SQQnMS2P
WDIw6M4+7YYtzZMpusASCEWKmsImpAWKNmvg4+vl5dV7mzl4OIN+5CWgVy99RtXu
IjonJZEXxYzjmolMhEgxg28KtCAdvjt7/H2+7s5bCo0D2sZYto4O1C7IuQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDQM0RKOzyI0kfiJR824PmphM9uNMB8GA1UdIwQY
MBaAFEQdS5LdFQNkxlt9ISmQKGeLClKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMt
N2Y1ZjRkNjA0NzMxLzEvTkF6UkVvN1BJalNSLUlsSHpiZy1hbUV6MjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMtN2Y1ZjRkNjA0NzMx
LzEvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjAYBAIAATASAwQGkAJAAwQE
su6gAwQCuXewMEoEAgACMEQDBQEqAiGwAwcAKgIhsqwQAwcAKgIhsqwUAwcAKgIh
sqwYAwcAKgIhsrLuAwcAKgIhsrPuAwcAKgIhsr7uAwUAKgIhtDANBgkqhkiG9w0B
AQsFAAOCAQEAHqQ0LqCh6gyxh7ryRT9b0GV1zWGGRO7x06fIPogiHPJBGE6GjPRZ
21eXvOcp3SVAwZpQgtHZmxOZ/ywK5VK6tj8Ft6gvD1rW6rSenZwzc2b4Gx4qbbXX
dW1AFpXImx4OrL7Q2p0FZvu/a45sZM8E9BwGStmV3VPJEBJnPQPFPWKHKZ95XjQ0
DoqJzZ87zDf8r+nqjU4YZpmRnvDdBrIGldd6QPtnxHtpzlUPGFlN8qJ7zQSwPK+r
zme1xJT/KJeLKpmFmsflLBhZvOn5JDxSZiyGK/B/6otN3qXUlKTBl1Ak5zQ0mqS/
36IJ7pYUVyQqZUyemkDJs1fnUjLOVi3KXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:33 2024 by rpki-client on console-fra.rpki-client.org