Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/NWiXmCNZUzxkQ9djmI2tctPjX7U.roa
File: NWiXmCNZUzxkQ9djmI2tctPjX7U.roa (raw, json)
Hash identifier: hUvxiuUrFTetAyePKaTLktLzch0QhH0ht7xLydcnDBA=
Subject key identifier: 35:68:97:98:23:59:53:3C:64:43:D7:63:98:8D:AD:72:D3:E3:5F:B5
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018D11CA82599E7F59FA065CAC18D6645658
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/NWiXmCNZUzxkQ9djmI2tctPjX7U.roa
Signing time: Tue 16 Jan 2024 10:21:40 +0000
ROA not before: Tue 16 Jan 2024 10:21:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42018
IP address blocks: 85.255.204.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
185.35.52.0/22 maxlen: 22
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.193.0/24 maxlen: 24
85.255.194.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.196.0/24 maxlen: 24
2a01:498::/32 maxlen: 32
2a01:498:8500::/40 maxlen: 40
2a01:498:8100::/40 maxlen: 40
2a01:498:500::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 28 May 2024 09:20:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:ca:82:59:9e:7f:59:fa:06:5c:ac:18:d6:64:56:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Jan 16 10:21:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=356897982359533c6443d763988dad72d3e35fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d8:85:53:47:e6:de:04:39:ee:82:87:70:33:
0b:34:b2:9c:29:54:48:45:c0:dd:93:08:47:b3:50:
46:a8:00:53:86:06:a7:7a:a5:02:2f:c7:99:25:fe:
75:ac:00:2b:50:3e:28:ba:fe:5d:7d:59:01:ed:ee:
23:3c:fc:e1:24:a9:70:61:ef:4b:9a:fe:c8:e6:b8:
02:86:35:a8:16:fd:bc:82:62:53:23:93:44:41:95:
80:48:29:80:24:1f:7c:c4:72:41:42:de:11:4b:18:
e6:3f:0d:90:a1:36:28:48:f1:59:cd:c6:07:32:4d:
07:61:6e:d9:2c:85:03:2b:d3:2a:1d:54:a1:3d:6e:
e0:18:95:ad:d1:4d:9b:ca:bc:6a:66:96:bc:81:60:
9a:12:62:98:17:18:8e:6b:c5:d1:f5:e6:bf:3e:8c:
c5:f1:00:7d:2b:70:e6:94:74:92:6d:ca:a4:90:45:
3e:71:b4:9f:a5:28:6f:3b:48:e0:82:ba:f1:76:8e:
2f:94:ee:7d:92:4d:8f:0b:b6:3c:44:63:d5:b5:7e:
97:cf:ee:9b:ab:4c:c3:85:a4:1e:db:64:03:36:08:
47:93:09:86:15:92:a8:70:cf:21:a3:a9:ce:08:f1:
6d:9e:ce:35:71:5d:d1:de:48:32:d1:eb:63:76:1e:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:68:97:98:23:59:53:3C:64:43:D7:63:98:8D:AD:72:D3:E3:5F:B5
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/NWiXmCNZUzxkQ9djmI2tctPjX7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.193.0-85.255.196.255
85.255.198.0-85.255.207.255
185.35.52.0/22
IPv6:
2a01:498::/32
Signature Algorithm: sha256WithRSAEncryption
84:34:ec:e9:83:03:8f:59:4c:ef:b4:94:b1:44:75:11:38:d5:
05:4c:dd:3d:e9:3d:4f:4f:95:df:29:67:e4:86:cf:4b:55:a8:
88:c5:c3:ce:e3:16:2b:95:06:4a:b4:b7:39:34:c2:9f:5c:e7:
59:10:37:83:1a:50:f2:37:15:53:2d:73:cd:73:a6:9e:77:a0:
8f:15:75:e2:4a:6c:25:f8:46:d2:a9:b0:22:4d:20:83:9f:c9:
f0:ff:cc:cf:fe:cf:d9:1f:62:4c:f2:a3:23:02:61:04:00:04:
4d:3d:2e:e8:bc:d3:d4:50:54:2d:f8:bf:a7:0b:2a:39:b1:d3:
5d:bc:85:e0:2b:f4:75:cb:30:a1:28:b1:4c:82:03:5d:e7:d3:
bb:08:77:f0:79:42:5e:fe:30:cd:9a:c5:43:9f:01:bb:db:38:
e9:c5:79:25:7d:b3:f1:32:37:21:e2:73:6d:7b:d7:46:5c:37:
28:7d:b2:f7:fa:91:ba:b3:72:99:99:69:30:9d:28:7d:6f:18:
f6:48:35:67:e1:38:14:fa:30:c5:59:8b:0a:87:3c:a6:3e:cc:
a7:12:eb:93:62:82:0e:4f:c8:0e:42:9d:a8:c8:0e:f6:ad:2f:
a9:08:9a:e1:e4:23:50:63:23:4d:35:3f:12:28:84:da:66:e1:
61:47:0c:29
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY0RyoJZnn9Z+gZcrBjWZFZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQwMTE2MTAyMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTY4OTc5ODIzNTk1MzNjNjQ0M2Q3NjM5ODhkYWQ3MmQzZTM1ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9iFU0fm3gQ57oKHcDMLNLKcKVRI
RcDdkwhHs1BGqABThganeqUCL8eZJf51rAArUD4ouv5dfVkB7e4jPPzhJKlwYe9L
mv7I5rgChjWoFv28gmJTI5NEQZWASCmAJB98xHJBQt4RSxjmPw2QoTYoSPFZzcYH
Mk0HYW7ZLIUDK9MqHVShPW7gGJWt0U2byrxqZpa8gWCaEmKYFxiOa8XR9ea/PozF
8QB9K3DmlHSSbcqkkEU+cbSfpShvO0jggrrxdo4vlO59kk2PC7Y8RGPVtX6Xz+6b
q0zDhaQe22QDNghHkwmGFZKocM8ho6nOCPFtns41cV3R3kgy0etjdh7n+QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDVol5gjWVM8ZEPXY5iNrXLT41+1MB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvTldpWG1DTlpVenhrUTlkam1JMnRjdFBqWDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBABV/8ED
BABV/8QwDAMEAVX/xgMEBFX/wAMEArkjNDANBAIAAjAHAwUAKgEEmDANBgkqhkiG
9w0BAQsFAAOCAQEAhDTs6YMDj1lM77SUsUR1ETjVBUzdPek9T0+V3yln5IbPS1Wo
iMXDzuMWK5UGSrS3OTTCn1znWRA3gxpQ8jcVUy1zzXOmnnegjxV14kpsJfhG0qmw
Ik0gg5/J8P/Mz/7P2R9iTPKjIwJhBAAETT0u6LzT1FBULfi/pwsqObHTXbyF4Cv0
dcswoSixTIIDXefTuwh38HlCXv4wzZrFQ58Bu9s46cV5JX2z8TI3IeJzbXvXRlw3
KH2y9/qRurNymZlpMJ0ofW8Y9kg1Z+E4FPowxVmLCoc8pj7MpxLrk2KCDk/IDkKd
qMgO9q0vqQia4eQjUGMjTTU/EiiE2mbhYUcMKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org