Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/njjT7ywMCCwgJKykclJU1k-b-3c.roa
File: njjT7ywMCCwgJKykclJU1k-b-3c.roa (raw, json)
Hash identifier: 1/FTV3I8CMR+A6nMcBNIV+YJPJfD9BePKHc9R0f0N4A=
Subject key identifier: 9E:38:D3:EF:2C:0C:08:2C:20:24:AC:A4:72:52:54:D6:4F:9B:FB:77
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01894459D7B6FCE5112EB1B200220862368E
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/njjT7ywMCCwgJKykclJU1k-b-3c.roa
Signing time: Tue 11 Jul 2023 09:48:05 +0000
ROA not before: Tue 11 Jul 2023 09:48:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
185.224.218.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Jul 2023 10:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:59:d7:b6:fc:e5:11:2e:b1:b2:00:22:08:62:36:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jul 11 09:48:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e38d3ef2c0c082c2024aca4725254d64f9bfb77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6b:4d:39:2c:67:48:fe:42:2d:05:9a:93:a0:
86:d5:9a:3f:79:cb:bf:ef:3f:ac:b1:bb:d9:0e:bc:
1f:02:8f:4c:90:ee:78:14:29:d9:1b:84:ed:8b:e1:
c8:aa:bf:84:79:a2:89:3c:12:37:a4:14:cc:91:73:
f3:dc:e0:ad:21:4a:6b:9f:23:f1:eb:b5:1c:c4:06:
ce:6c:81:02:78:35:40:ee:4c:81:f6:46:7c:c1:64:
9d:fc:c2:f8:32:9b:72:3d:e3:0f:f0:c6:d2:df:f9:
2e:e9:5c:f9:14:a2:7d:80:99:d3:1a:3c:9c:f0:e5:
7b:a8:7f:c5:32:01:cb:d5:be:83:a8:25:36:9d:93:
13:ed:c8:23:bf:f2:db:06:e7:3f:76:f4:6e:73:e7:
3b:56:52:a6:cc:26:18:f8:49:39:12:95:47:ec:10:
8a:6e:37:48:2f:10:58:d8:d9:e9:b5:90:02:a2:8a:
db:9c:17:4f:37:00:67:65:e1:c2:a3:68:38:89:56:
eb:1a:75:77:c5:74:59:d1:76:8c:c7:e6:1c:68:a8:
00:ec:6e:3f:2d:48:2b:ad:55:fd:de:c8:85:b3:ca:
f5:1d:e5:f5:8a:b8:93:66:3f:07:39:7a:3a:9e:16:
bd:3f:fa:a1:d7:27:62:62:58:14:f9:66:21:d2:81:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:38:D3:EF:2C:0C:08:2C:20:24:AC:A4:72:52:54:D6:4F:9B:FB:77
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/njjT7ywMCCwgJKykclJU1k-b-3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.2.0/24
45.148.145.0/24
185.212.128.0/22
185.224.218.0/24
185.232.52.0/24
194.40.241.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
43:bf:4d:fb:df:bc:4b:d1:00:1a:15:b3:4b:e2:12:72:31:da:
e0:b2:86:e5:52:a0:32:32:ce:9d:3a:38:96:82:8e:4b:5b:4f:
8e:fc:e7:17:8d:4a:a5:41:f8:a8:91:61:5f:6b:14:68:15:c5:
af:60:c1:29:35:ee:cf:7f:06:3b:5f:5b:95:90:5e:69:0d:a6:
1c:d6:55:30:3e:a8:5d:ae:94:8b:8f:dd:87:86:2a:e6:61:d1:
1b:53:89:a3:c1:fc:45:7f:34:d7:f3:b7:8a:f9:78:23:93:36:
a4:90:aa:51:7b:5b:ae:02:9a:e4:d1:77:ba:32:a3:53:1f:60:
72:07:e7:95:a0:b8:d9:0c:49:ee:3c:4b:b8:15:c8:ad:ff:ae:
f0:56:62:a8:0c:0b:a5:5d:1f:d4:55:ab:27:dd:0f:f5:01:46:
00:b0:7d:d1:8a:5e:3a:d5:b1:f2:49:23:79:16:87:ee:bd:fd:
90:43:8e:45:b7:ee:af:30:28:68:87:5b:a7:d0:b2:64:72:d2:
5f:92:74:06:40:9f:2a:e3:8c:8c:c6:e2:6e:e6:04:0b:f9:75:
e5:6c:ae:90:6c:96:44:04:94:4b:ed:4a:a5:cb:5b:15:76:5b:
73:b8:a3:c9:a0:5c:a1:2c:6d:44:3b:29:29:72:78:9c:ef:e5:
12:d8:c6:e0
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYlEWde2/OURLrGyACIIYjaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNzExMDk0ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTM4ZDNlZjJjMGMwODJjMjAyNGFjYTQ3MjUyNTRkNjRmOWJmYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32tNOSxnSP5CLQWak6CG1Zo/ecu/
7z+ssbvZDrwfAo9MkO54FCnZG4Tti+HIqr+EeaKJPBI3pBTMkXPz3OCtIUprnyPx
67UcxAbObIECeDVA7kyB9kZ8wWSd/ML4MptyPeMP8MbS3/ku6Vz5FKJ9gJnTGjyc
8OV7qH/FMgHL1b6DqCU2nZMT7cgjv/LbBuc/dvRuc+c7VlKmzCYY+Ek5EpVH7BCK
bjdILxBY2NnptZACoorbnBdPNwBnZeHCo2g4iVbrGnV3xXRZ0XaMx+YcaKgA7G4/
LUgrrVX93siFs8r1HeX1iriTZj8HOXo6nha9P/qh1ydiYlgU+WYh0oEQbQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJ440+8sDAgsICSspHJSVNZPm/t3MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvbmpqVDd5d01DQ3dnSkt5a2NsSlUxay1iLTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQALY4CAwQA
LZSRAwQCudSAAwQAueDaAwQAueg0AwQAwijxAwQAwyuTMBsEAgACMBUDBQAqDRZA
AwUAKg0WQwMFACoNY8AwDQYJKoZIhvcNAQELBQADggEBAEO/TfvfvEvRABoVs0vi
EnIx2uCyhuVSoDIyzp06OJaCjktbT4785xeNSqVB+KiRYV9rFGgVxa9gwSk17s9/
BjtfW5WQXmkNphzWVTA+qF2ulIuP3YeGKuZh0RtTiaPB/EV/NNfzt4r5eCOTNqSQ
qlF7W64CmuTRd7oyo1MfYHIH55WguNkMSe48S7gVyK3/rvBWYqgMC6VdH9RVqyfd
D/UBRgCwfdGKXjrVsfJJI3kWh+69/ZBDjkW37q8wKGiHW6fQsmRy0l+SdAZAnyrj
jIzG4m7mBAv5deVsrpBslkQElEvtSqXLWxV2W3O4o8mgXKEsbUQ7KSlyeJzv5RLY
xuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org