Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ntMFH11x_Xm4OP4NmE6B2NYYIVk.roa
File: ntMFH11x_Xm4OP4NmE6B2NYYIVk.roa (raw, json)
Hash identifier: cldpDjlPyeIPewzCzpQZH9LjyBcJ+YzpCp+SJ9pZdpE=
Subject key identifier: 9E:D3:05:1F:5D:71:FD:79:B8:38:FE:0D:98:4E:81:D8:D6:18:21:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC903CC5CF5CEBB34BCFBF1AC68FD11CF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ntMFH11x_Xm4OP4NmE6B2NYYIVk.roa
Signing time: Tue 02 Jan 2024 07:11:58 +0000
ROA not before: Tue 02 Jan 2024 07:11:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:03:cc:5c:f5:ce:bb:34:bc:fb:f1:ac:68:fd:11:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 07:11:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed3051f5d71fd79b838fe0d984e81d8d6182159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fb:dd:dd:e1:5b:1a:fd:0b:c8:5b:b4:07:e3:
a4:18:ea:b0:d9:7e:d6:5c:d3:70:0b:14:aa:e7:4e:
9d:75:30:92:71:ec:be:85:ed:73:e4:52:cc:7f:17:
00:f6:76:c7:f5:5c:02:be:8d:c6:54:1b:32:68:ca:
21:53:0c:45:cf:69:c0:ac:8e:48:43:53:44:60:1f:
46:15:8c:92:af:44:d7:a0:bc:86:3c:ec:c9:04:22:
a9:1d:74:8c:e4:e1:91:31:31:50:53:62:f3:04:d5:
c1:e0:2f:a0:23:ab:7c:27:b7:a0:5a:bf:2e:9e:99:
86:28:0a:5f:36:fe:ff:c8:0c:01:dd:f9:6a:51:95:
b7:d9:6e:b9:5a:23:5e:fa:a2:6c:0e:2e:3f:ba:75:
23:1d:a3:53:90:f5:52:de:a3:1e:5f:42:8f:61:cf:
5a:bc:20:42:fc:0b:95:d4:8a:7c:de:e8:05:ae:cf:
7b:07:52:8e:04:92:87:3c:33:47:0f:b7:e9:12:46:
c4:bf:e7:b1:fb:b4:3a:c0:df:54:c7:a4:31:7f:fe:
1f:57:f5:2e:11:29:48:e3:b1:87:09:00:9a:be:79:
30:24:d0:79:5c:ba:9d:3d:61:41:ff:4b:43:a2:a8:
d6:30:c5:5a:2d:29:32:91:85:2a:42:5f:ea:4a:0a:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D3:05:1F:5D:71:FD:79:B8:38:FE:0D:98:4E:81:D8:D6:18:21:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ntMFH11x_Xm4OP4NmE6B2NYYIVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:1f:66:e7:02:8d:56:c0:1c:d3:6a:35:0b:09:87:5d:1d:70:
50:72:41:f5:e0:1f:26:bd:01:56:43:a4:62:76:81:96:7e:c3:
07:2d:5d:09:d0:89:05:8a:f2:0f:19:bf:2b:ed:e4:a6:ca:1f:
77:9c:57:0e:dd:19:3c:9f:e6:57:51:b6:c2:3f:89:7a:72:26:
7a:0d:7b:dc:fb:bd:0a:18:3f:57:89:8a:07:ba:78:e4:55:15:
ca:14:3b:c8:d2:1a:b4:89:e1:66:b6:8b:9e:58:83:ea:41:40:
f5:e2:1b:0b:1f:38:5a:e9:5a:bc:d8:e5:a7:76:5a:01:ad:a2:
4e:85:1d:d6:c8:98:d3:08:66:30:62:c1:bb:33:4b:45:54:24:
9d:7e:04:3e:ec:01:9f:56:18:b6:a2:79:bd:3f:d3:a1:a1:d8:
88:1d:75:c8:c7:3c:b9:ac:49:69:09:c2:fc:51:b5:25:62:83:
6e:16:f7:4a:8e:12:86:fc:8f:0b:be:5d:df:6a:ad:f5:8f:13:
7c:f5:26:48:9f:5e:0f:98:74:68:52:ca:97:2e:97:8d:34:76:
c8:bb:25:34:aa:10:5e:54:52:45:70:fc:ee:5c:83:88:95:d9:
12:bc:5f:52:65:76:a3:9f:c1:da:97:68:5d:f6:47:dc:2a:6b:
c0:bd:b6:ff
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzJA8xc9c67NLz78axo/RHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDcxMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQzMDUxZjVkNzFmZDc5YjgzOGZlMGQ5ODRlODFkOGQ2MTgyMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPvd3eFbGv0LyFu0B+OkGOqw2X7W
XNNwCxSq506ddTCScey+he1z5FLMfxcA9nbH9VwCvo3GVBsyaMohUwxFz2nArI5I
Q1NEYB9GFYySr0TXoLyGPOzJBCKpHXSM5OGRMTFQU2LzBNXB4C+gI6t8J7egWr8u
npmGKApfNv7/yAwB3flqUZW32W65WiNe+qJsDi4/unUjHaNTkPVS3qMeX0KPYc9a
vCBC/AuV1Ip83ugFrs97B1KOBJKHPDNHD7fpEkbEv+ex+7Q6wN9Ux6Qxf/4fV/Uu
ESlI47GHCQCavnkwJNB5XLqdPWFB/0tDoqjWMMVaLSkykYUqQl/qSgrZBwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJ7TBR9dcf15uDj+DZhOgdjWGCFZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbnRNRkgxMXhfWG00T1A0Tm1FNkIyTllZSVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAC1Y
WgMEAC2XWQMEAFd4VwMEAFd5LQMEAFd53QMEAVx3xDAMAwQAXpqhAwQCXpqgAwQA
XpqsAwQAXpzvMAwDBACTTmUDBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQD
BAK52lQDBAC54qwDBAC54q8DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAKsfZucC
jVbAHNNqNQsJh10dcFByQfXgHya9AVZDpGJ2gZZ+wwctXQnQiQWK8g8Zvyvt5KbK
H3ecVw7dGTyf5ldRtsI/iXpyJnoNe9z7vQoYP1eJige6eORVFcoUO8jSGrSJ4Wa2
i55Yg+pBQPXiGwsfOFrpWrzY5ad2WgGtok6FHdbImNMIZjBiwbszS0VUJJ1+BD7s
AZ9WGLaieb0/06Gh2IgddcjHPLmsSWkJwvxRtSVig24W90qOEob8jwu+Xd9qrfWP
E3z1JkifXg+YdGhSypcul400dsi7JTSqEF5UUkVw/O5cg4iV2RK8X1JldqOfwdqX
aF32R9wqa8C9tv8=
-----END CERTIFICATE-----
Generated at Fri Jan 5 08:48:37 2024 by rpki-client on console-ams.rpki-client.org