Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/NTK3tKk2h_EKROLTnIN35SR4weU.roa
File: NTK3tKk2h_EKROLTnIN35SR4weU.roa (raw, json)
Hash identifier: BhGvXwn9PgZw20kHN+lRu61N+s/Vwq5HMHc1aGcpGwU=
Subject key identifier: 35:32:B7:B4:A9:36:87:F1:0A:44:E2:D3:9C:83:77:E5:24:78:C1:E5
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 01856CAEEF9F7DFB66B7DD7DC1EE192F64BC
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/NTK3tKk2h_EKROLTnIN35SR4weU.roa
Signing time: Sun 01 Jan 2023 09:34:41 +0000
ROA not before: Sun 01 Jan 2023 09:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208988
IP address blocks: 185.44.4.0/22 maxlen: 22
37.10.110.0/23 maxlen: 23
85.190.184.0/21 maxlen: 21
91.208.17.0/24 maxlen: 24
185.123.4.0/22 maxlen: 22
185.195.120.0/22 maxlen: 22
37.10.68.0/23 maxlen: 23
94.126.36.0/22 maxlen: 22
31.214.150.0/23 maxlen: 23
185.50.108.0/22 maxlen: 22
62.221.228.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
128.0.120.0/23 maxlen: 23
85.222.208.0/20 maxlen: 20
2a01:71a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Apr 2023 09:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:ef:9f:7d:fb:66:b7:dd:7d:c1:ee:19:2f:64:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Jan 1 09:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3532b7b4a93687f10a44e2d39c8377e52478c1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:36:0c:22:10:2d:a0:a4:a7:0b:76:90:bb:
05:82:30:cf:e8:a5:7e:3e:ed:35:98:07:38:6b:32:
fc:d9:b0:45:ac:19:17:4f:e7:f7:6a:72:f8:93:2d:
c0:fb:9c:86:31:38:19:20:c8:de:57:9b:aa:22:5e:
0f:af:57:0a:ba:08:9d:bf:28:50:ed:55:24:75:a0:
c6:82:b4:78:58:2e:f3:ac:72:9d:c5:08:fe:31:18:
70:ba:3c:24:65:72:23:c8:e3:30:35:3c:da:0d:20:
00:52:69:11:65:f9:1f:b6:e0:5b:9b:e7:42:bb:24:
3e:78:f1:7c:20:93:1a:59:9b:3d:6d:75:d9:22:ef:
b9:98:77:6e:1c:b4:33:39:84:ad:ce:3f:71:21:11:
52:5a:b9:24:83:26:8f:73:37:38:41:b2:20:51:48:
fd:f0:4a:23:22:b9:1c:06:db:9e:b5:e6:5a:d5:d9:
49:09:bf:b3:1b:54:52:3b:bb:4b:6e:23:bd:f7:56:
a5:e3:00:27:7f:32:ea:a2:34:59:cb:9d:45:d0:65:
77:27:fe:2e:62:3e:fc:c4:36:43:83:8f:8a:ef:26:
b1:d3:4b:ca:18:de:12:d1:92:13:1c:0a:4c:f7:9a:
cf:c4:19:c5:23:f4:e3:01:87:a3:7b:1f:17:3b:56:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:32:B7:B4:A9:36:87:F1:0A:44:E2:D3:9C:83:77:E5:24:78:C1:E5
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/NTK3tKk2h_EKROLTnIN35SR4weU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.123.4.0/22
185.125.232.0/22
185.195.120.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:b5:2c:e8:fe:e2:a7:31:35:bb:57:85:58:bf:c7:37:98:ad:
db:53:72:49:3c:1a:a5:e6:d5:1e:e3:fa:f5:5d:63:03:76:6c:
52:ea:0b:07:8d:9a:ee:f0:60:c1:27:0a:e4:8f:f2:29:fe:da:
ac:70:b8:4d:c7:30:3b:62:39:ff:fa:a4:89:03:da:77:f9:2d:
ec:ee:51:d1:a8:3b:e8:cf:d9:14:5b:02:32:80:28:50:86:51:
90:33:d5:40:73:75:dc:c5:25:9b:24:ae:12:b2:56:a3:49:08:
bb:15:4a:a4:c4:5b:32:47:05:94:29:9e:fd:53:2a:4a:c3:2c:
b4:e5:b2:bf:4b:b1:66:88:b2:f1:3b:ee:0a:85:fb:32:52:de:
73:3a:e7:8d:e9:04:43:e1:92:71:cd:2b:2a:84:59:fc:75:cf:
73:ef:be:ba:fc:e0:fd:54:42:1c:72:f5:23:f3:fc:db:8b:2d:
d7:ed:7f:8c:5f:1c:45:e0:d1:1f:e7:c0:33:6a:ba:f6:28:7c:
84:dc:dc:47:00:00:e8:02:5a:ab:66:17:43:23:ba:08:ff:36:
d0:e4:10:a9:e9:34:cd:30:e2:73:f8:cc:d7:ff:e5:58:ad:5f:
b3:f2:89:1d:93:32:bc:60:ee:d7:a8:be:6d:45:fc:9b:e9:27:
be:d9:ba:40
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVsru+ffftmt919we4ZL2S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjMwMTAxMDkzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTMyYjdiNGE5MzY4N2YxMGE0NGUyZDM5YzgzNzdlNTI0NzhjMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhE2DCIQLaCkpwt2kLsFgjDP6KV+
Pu01mAc4azL82bBFrBkXT+f3anL4ky3A+5yGMTgZIMjeV5uqIl4Pr1cKugidvyhQ
7VUkdaDGgrR4WC7zrHKdxQj+MRhwujwkZXIjyOMwNTzaDSAAUmkRZfkftuBbm+dC
uyQ+ePF8IJMaWZs9bXXZIu+5mHduHLQzOYStzj9xIRFSWrkkgyaPczc4QbIgUUj9
8EojIrkcBtueteZa1dlJCb+zG1RSO7tLbiO991al4wAnfzLqojRZy51F0GV3J/4u
Yj78xDZDg4+K7yax00vKGN4S0ZITHApM95rPxBnFI/TjAYejex8XO1bP3QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFDUyt7SpNofxCkTi05yDd+UkeMHlMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvTlRLM3RLazJoX0VLUk9MVG5JTjM1U1I0d2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQBH9aWAwQB
JQpEAwQBJQpuAwQCPt3kAwQDVb64AwQEVd7QAwQAW9ARAwQCXn4kAwQBgAB4AwQC
uSwEAwQCuTJsAwQCuXsEAwQCuX3oAwQCucN4MA0EAgACMAcDBQAqAXGgMA0GCSqG
SIb3DQEBCwUAA4IBAQBftSzo/uKnMTW7V4VYv8c3mK3bU3JJPBql5tUe4/r1XWMD
dmxS6gsHjZru8GDBJwrkj/Ip/tqscLhNxzA7Yjn/+qSJA9p3+S3s7lHRqDvoz9kU
WwIygChQhlGQM9VAc3XcxSWbJK4SslajSQi7FUqkxFsyRwWUKZ79UypKwyy05bK/
S7FmiLLxO+4KhfsyUt5zOueN6QRD4ZJxzSsqhFn8dc9z7766/OD9VEIccvUj8/zb
iy3X7X+MXxxF4NEf58Azarr2KHyE3NxHAADoAlqrZhdDI7oI/zbQ5BCp6TTNMOJz
+MzX/+VYrV+z8okdkzK8YO7XqL5tRfyb6Se+2bpA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org