Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/NH10tNpTekmfYM4YKqKHECnl-4c.roa
File: NH10tNpTekmfYM4YKqKHECnl-4c.roa (raw, json)
Hash identifier: uF2NhjgmaETqLwgIUIlu2W8e9K9eO6a8Bf/i9xGO62A=
Subject key identifier: 34:7D:74:B4:DA:53:7A:49:9F:60:CE:18:2A:A2:87:10:29:E5:FB:87
Certificate issuer: /CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Certificate serial: 01857203155EC75C952DBC80DB30AA8B6024
Authority key identifier: 00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/NH10tNpTekmfYM4YKqKHECnl-4c.roa
Signing time: Mon 02 Jan 2023 10:24:42 +0000
ROA not before: Mon 02 Jan 2023 10:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39425
IP address blocks: 37.156.37.0/24 maxlen: 24
89.40.133.0/24 maxlen: 27
89.43.240.0/22 maxlen: 23
89.43.246.0/24 maxlen: 24
89.43.240.0/21 maxlen: 24
89.43.244.0/23 maxlen: 24
89.43.247.0/24 maxlen: 24
188.241.121.0/24 maxlen: 24
89.37.186.0/23 maxlen: 23
92.114.88.0/22 maxlen: 22
94.176.186.0/23 maxlen: 23
89.35.4.0/23 maxlen: 23
188.241.111.0/24 maxlen: 24
89.46.24.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:15:5e:c7:5c:95:2d:bc:80:db:30:aa:8b:60:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Validity
Not Before: Jan 2 10:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=347d74b4da537a499f60ce182aa2871029e5fb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:6b:d6:3e:34:c3:2e:cf:a0:0a:d1:25:4b:
d2:29:09:cc:aa:6f:63:5e:79:54:7d:f1:7a:f8:40:
4d:79:1f:55:f7:12:d5:56:f8:23:75:e4:7f:49:94:
3a:1b:56:63:39:91:7b:23:69:08:2a:5a:72:43:98:
ea:95:db:3c:25:2a:a8:42:d6:67:cf:ac:3c:22:d0:
d7:16:a1:2b:9b:56:b7:e6:77:d2:4d:47:e6:b6:47:
25:c6:e5:9b:0f:26:56:58:49:13:0f:13:34:08:54:
08:18:1f:08:22:84:d1:e6:36:23:07:0d:2b:7a:15:
00:2c:06:2a:51:4d:7c:76:9d:cd:4f:39:e7:fc:31:
1b:fb:87:21:71:a3:96:19:eb:b4:36:2b:f4:7b:b3:
09:49:04:55:f1:32:cf:e0:11:49:29:ba:59:f7:41:
3f:77:1b:01:65:35:01:d2:7a:76:61:22:56:dc:1a:
0b:74:16:a3:97:34:3c:35:3e:56:48:af:9b:76:5c:
46:89:66:8a:68:32:4e:a2:7a:49:89:58:b0:a9:6e:
e9:39:f2:2b:fa:80:f7:04:ab:ce:ad:0e:35:8c:1e:
5e:68:af:be:53:0c:e3:1c:13:ba:a9:83:43:b5:90:
55:47:b4:d8:4d:68:84:cb:63:8b:e0:2d:ec:c3:87:
46:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7D:74:B4:DA:53:7A:49:9F:60:CE:18:2A:A2:87:10:29:E5:FB:87
X509v3 Authority Key Identifier:
keyid:00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/NH10tNpTekmfYM4YKqKHECnl-4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/ABPKmgrnGxDSnboMs-yrXxDfUXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.37.0/24
89.35.4.0/23
89.37.186.0/23
89.40.133.0/24
89.43.240.0/21
89.46.24.0/21
92.114.88.0/22
94.176.186.0/23
188.241.111.0/24
188.241.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:9c:f5:78:8f:1c:95:71:7f:10:31:ec:3b:05:9e:b3:f5:
bc:37:20:ae:6b:da:12:94:92:67:1a:29:cf:89:1a:16:fa:c8:
c4:f5:d6:31:3d:bb:25:f5:58:81:da:b0:d4:d1:44:23:4e:17:
cc:e4:71:eb:e8:ee:de:78:f4:cb:0f:61:68:13:19:a2:96:7f:
cf:07:cd:74:56:c3:eb:d1:a6:38:7b:e4:30:7d:6d:75:d2:93:
04:05:1f:17:72:eb:2f:01:02:79:44:67:7a:d4:8f:97:fb:2a:
2d:ea:d0:3d:48:a0:01:73:6e:5c:0b:12:64:84:a2:af:3a:a2:
fb:d6:af:4f:00:09:2b:3b:4d:f0:d9:d8:3d:1e:4e:4f:9a:90:
dd:01:73:04:d0:45:3d:ee:15:dc:5c:b0:3a:e2:52:37:38:4a:
2a:e8:62:b2:a5:a8:8b:9e:4d:36:85:08:da:0b:d4:d0:bc:8c:
a0:9d:63:37:8e:c6:40:4d:b5:b7:77:39:ff:23:91:13:9f:13:
5a:8a:e3:32:ea:c3:8a:0c:63:6d:6c:4d:f0:1c:52:55:46:86:
e5:64:33:f1:57:7f:fc:8e:ad:c8:b7:ec:65:49:5d:47:66:a8:
90:6b:b5:3d:9c:0e:3f:34:99:83:01:19:44:5e:9c:22:dd:ae:
c0:ce:5f:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVyAxVex1yVLbyA2zCqi2AkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTNjYTlhMGFlNzFiMTBkMjlkYmEwY2IzZWNhYjVmMTBk
ZjUxNzkwHhcNMjMwMTAyMTAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdkNzRiNGRhNTM3YTQ5OWY2MGNlMTgyYWEyODcxMDI5ZTVmYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKpr1j40wy7PoArRJUvSKQnMqm9j
XnlUffF6+EBNeR9V9xLVVvgjdeR/SZQ6G1ZjOZF7I2kIKlpyQ5jqlds8JSqoQtZn
z6w8ItDXFqErm1a35nfSTUfmtkclxuWbDyZWWEkTDxM0CFQIGB8IIoTR5jYjBw0r
ehUALAYqUU18dp3NTznn/DEb+4chcaOWGeu0Niv0e7MJSQRV8TLP4BFJKbpZ90E/
dxsBZTUB0np2YSJW3BoLdBajlzQ8NT5WSK+bdlxGiWaKaDJOonpJiViwqW7pOfIr
+oD3BKvOrQ41jB5eaK++UwzjHBO6qYNDtZBVR7TYTWiEy2OL4C3sw4dGGwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDR9dLTaU3pJn2DOGCqihxAp5fuHMB8GA1UdIwQY
MBaAFAATypoK5xsQ0p26DLPsq18Q31F5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAt
YjU0MzhiOTJjOTliLzEvTkgxMHROcFRla21mWU00WUtxS0hFQ25sLTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAtYjU0MzhiOTJjOTli
LzEvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJZwlAwQB
WSMEAwQBWSW6AwQAWSiFAwQDWSvwAwQDWS4YAwQCXHJYAwQBXrC6AwQAvPFvAwQA
vPF5MA0GCSqGSIb3DQEBCwUAA4IBAQAq7Zz1eI8clXF/EDHsOwWes/W8NyCua9oS
lJJnGinPiRoW+sjE9dYxPbsl9ViB2rDU0UQjThfM5HHr6O7eePTLD2FoExmiln/P
B810VsPr0aY4e+QwfW110pMEBR8XcusvAQJ5RGd61I+X+yot6tA9SKABc25cCxJk
hKKvOqL71q9PAAkrO03w2dg9Hk5PmpDdAXME0EU97hXcXLA64lI3OEoq6GKypaiL
nk02hQjaC9TQvIygnWM3jsZATbW3dzn/I5ETnxNaiuMy6sOKDGNtbE3wHFJVRobl
ZDPxV3/8jq3It+xlSV1HZqiQa7U9nA4/NJmDARlEXpwi3a7Azl+y
Generated at Thu Aug 31 00:09:08 2023 by rpki-client on console-fra.rpki-client.org