Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJKM3R9BOMhoEExOz5l0hft00YQ.roa
File: NJKM3R9BOMhoEExOz5l0hft00YQ.roa (raw, json)
Hash identifier: 72LxxoQ8dbYL5awozKygb3W01VSYSWF0+Smbr3cH52A=
Subject key identifier: 34:92:8C:DD:1F:41:38:C8:68:10:4C:4E:CF:99:74:85:FB:74:D1:84
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BF6D787531C873F0372C563B5823C59CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJKM3R9BOMhoEExOz5l0hft00YQ.roa
Signing time: Wed 22 Nov 2023 11:43:21 +0000
ROA not before: Wed 22 Nov 2023 11:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
91.92.24.0/23 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:d7:87:53:1c:87:3f:03:72:c5:63:b5:82:3c:59:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 22 11:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34928cdd1f4138c868104c4ecf997485fb74d184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2f:7a:b1:3c:4a:23:c3:e4:d2:83:f5:8d:3f:
09:27:16:42:d4:22:5c:41:5d:5d:4f:34:b8:75:a1:
1a:d6:2e:d9:fa:2b:f1:ae:c0:08:e2:af:6d:3b:4f:
80:95:0c:c5:d0:7a:b4:4b:ef:2f:4e:f9:8b:03:20:
ab:e8:73:12:20:28:d5:9c:65:b6:ef:36:c8:52:da:
6a:d3:63:7c:9a:db:70:fa:83:f8:f8:c8:dc:74:b1:
3e:3a:fb:70:d7:d6:30:12:d3:6c:f2:e8:ad:c0:21:
0d:70:78:f3:68:42:c2:4f:8a:84:aa:5c:ca:7e:ef:
32:94:96:ef:de:8a:3c:7c:44:74:c1:36:61:2c:78:
de:3f:dd:71:f0:9a:d6:eb:98:f8:b2:92:34:16:1d:
4d:40:c1:9b:bf:b8:b3:5f:b6:3e:84:04:66:2d:09:
ea:1d:9e:7e:ba:af:65:78:8a:3b:54:5d:0f:ef:0c:
b9:80:79:17:98:31:83:69:3c:79:f9:ec:74:63:79:
7b:1f:05:07:fa:dc:76:ab:a1:e1:42:56:c2:9c:df:
06:36:1f:52:e0:a7:80:f8:b7:5e:98:28:7d:b5:5c:
4c:5b:95:99:c0:a3:83:2f:f9:b5:77:1f:f3:f3:9f:
e3:f5:9e:28:f9:61:28:2e:36:c3:9c:54:38:af:48:
65:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:92:8C:DD:1F:41:38:C8:68:10:4C:4E:CF:99:74:85:FB:74:D1:84
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NJKM3R9BOMhoEExOz5l0hft00YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.33.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
87.121.220.0/23
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
38:12:ac:7f:6d:a8:62:84:51:5a:85:95:6f:fa:83:30:06:c5:
0a:f9:a5:af:fd:77:34:fe:e4:57:97:6c:33:7f:4c:af:45:e6:
af:76:e9:ef:c1:56:3d:5c:17:fb:fe:fd:5f:ab:53:0a:a0:84:
66:09:66:70:8f:51:7b:c4:20:9b:5a:c6:a5:88:41:d4:06:1c:
f4:c1:79:5d:78:40:5f:07:61:02:d7:87:4b:95:55:c3:e1:dc:
c7:d5:c1:4b:b8:ac:dd:b9:3c:26:36:c4:e6:d2:ce:28:71:2b:
54:96:52:4c:56:8c:e1:3f:ae:f1:3a:48:72:4d:a8:16:26:47:
2a:5e:15:ad:f6:33:c6:8d:1d:80:77:e9:98:44:e9:ca:e4:91:
72:58:07:89:60:b3:56:c0:b0:92:f1:a2:51:65:6b:9c:a0:c5:
4b:17:ae:08:cb:4a:f5:ae:09:c2:29:93:14:f3:f1:10:8b:0e:
c4:a8:c6:bf:12:e0:36:0d:1e:f9:c6:5c:7a:5e:55:a3:a5:86:
92:89:3a:64:79:e4:69:b6:cf:dc:53:cd:05:2f:d1:7a:08:fd:
d5:8f:1a:9d:42:78:2f:5a:f0:d9:78:2f:c0:26:27:64:ba:b4:
18:91:0f:ad:61:0a:3f:67:b2:1f:20:b6:ac:d4:6a:58:c5:a7:
3b:93:f8:28
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYv214dTHIc/A3LFY7WCPFnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIyMTE0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDkyOGNkZDFmNDEzOGM4NjgxMDRjNGVjZjk5NzQ4NWZiNzRkMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy96sTxKI8Pk0oP1jT8JJxZC1CJc
QV1dTzS4daEa1i7Z+ivxrsAI4q9tO0+AlQzF0Hq0S+8vTvmLAyCr6HMSICjVnGW2
7zbIUtpq02N8mttw+oP4+MjcdLE+Ovtw19YwEtNs8uitwCENcHjzaELCT4qEqlzK
fu8ylJbv3oo8fER0wTZhLHjeP91x8JrW65j4spI0Fh1NQMGbv7izX7Y+hARmLQnq
HZ5+uq9leIo7VF0P7wy5gHkXmDGDaTx5+ex0Y3l7HwUH+tx2q6HhQlbCnN8GNh9S
4KeA+LdemCh9tVxMW5WZwKODL/m1dx/z85/j9Z4o+WEoLjbDnFQ4r0hlnQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFDSSjN0fQTjIaBBMTs+ZdIX7dNGEMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTkpLTTNSOUJPTWhvRUV4T3o1bDBoZnQwMFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAAt
WFoDBAAtl1kDBABXeCEDBABXeFcDBABXeS0DBABXeTsDBAFXedwDBAFbXBgDBAFc
d8QDBABde3QwDAMEAF6aoQMEAl6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05m
AwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufbf
AwQAufywAwQAwqmuAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQA4Eqx/bahihFFa
hZVv+oMwBsUK+aWv/Xc0/uRXl2wzf0yvReavdunvwVY9XBf7/v1fq1MKoIRmCWZw
j1F7xCCbWsaliEHUBhz0wXldeEBfB2EC14dLlVXD4dzH1cFLuKzduTwmNsTm0s4o
cStUllJMVozhP67xOkhyTagWJkcqXhWt9jPGjR2Ad+mYROnK5JFyWAeJYLNWwLCS
8aJRZWucoMVLF64Iy0r1rgnCKZMU8/EQiw7EqMa/EuA2DR75xlx6XlWjpYaSiTpk
eeRpts/cU80FL9F6CP3VjxqdQngvWvDZeC/AJidkurQYkQ+tYQo/Z7IfILas1GpY
xac7k/go
-----END CERTIFICATE-----
Generated at Wed Nov 22 12:58:56 2023 by rpki-client on console-ams.rpki-client.org