Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/N3L_QbqFBD0Z0uPZXvhl4h05hoQ.roa
File: N3L_QbqFBD0Z0uPZXvhl4h05hoQ.roa (raw, json)
Hash identifier: 9AnR9Sdnj39BSicwwOXBPpWjCaS5UFOdxL+Xt8I09O8=
Subject key identifier: 37:72:FF:41:BA:85:04:3D:19:D2:E3:D9:5E:F8:65:E2:1D:39:86:84
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 01856EC23B6228E2B8EEC944626A82EBE334
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/N3L_QbqFBD0Z0uPZXvhl4h05hoQ.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205893
IP address blocks: 45.11.40.0/24 maxlen: 24
185.202.242.0/24 maxlen: 24
185.202.243.0/24 maxlen: 24
185.202.241.0/24 maxlen: 24
185.202.240.0/24 maxlen: 24
2a0a:e246::/32 maxlen: 32
2a0a:e245::/32 maxlen: 32
2a0a:e242::/32 maxlen: 32
2a0a:e241::/32 maxlen: 32
2a0a:e244::/32 maxlen: 32
2a0a:e247::/32 maxlen: 32
2a0a:e240::/32 maxlen: 32
2a0a:e243::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:3b:62:28:e2:b8:ee:c9:44:62:6a:82:eb:e3:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3772ff41ba85043d19d2e3d95ef865e21d398684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1a:1e:b5:1b:f8:12:6e:4f:f8:49:84:9c:0f:
1a:20:83:d6:82:7f:ad:dd:49:ca:3f:96:0a:fd:de:
a9:66:c6:ee:3f:74:72:4f:1f:1e:8e:f3:33:ed:22:
bc:9d:3d:19:f5:1c:60:95:7b:9a:d1:a1:aa:a8:aa:
69:c6:22:90:e4:65:c3:c0:d5:2f:1c:02:36:ed:de:
c5:81:e2:61:e5:e0:96:43:9f:07:de:4b:ff:f9:75:
b5:de:9f:b5:01:6d:cd:4d:a2:e3:2d:4e:f6:42:3f:
a0:3c:a5:26:1c:ef:e0:f2:42:34:b3:c1:a7:f8:15:
8e:da:d0:82:61:a9:50:c0:8c:be:43:1c:31:53:c9:
cc:70:0d:12:65:a3:d0:9b:d1:4a:86:56:c5:45:5f:
0e:f7:8a:cc:1a:02:d7:59:f7:99:ee:96:b2:ed:d1:
1f:ee:00:5b:2e:7a:f1:77:b3:98:93:f9:1c:38:4b:
b5:0a:30:13:ee:d4:5a:3a:00:b5:32:7d:36:1b:74:
be:39:84:11:3e:2f:f3:77:a5:bf:cf:a2:56:3c:83:
4d:0f:08:59:90:94:4b:e4:24:6f:88:49:cc:a2:68:
cb:6b:ec:e5:36:fd:b6:97:3d:26:5b:24:2b:68:f4:
e9:a1:9a:7b:8d:24:55:55:51:a7:3e:ba:c9:6d:5c:
1c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:72:FF:41:BA:85:04:3D:19:D2:E3:D9:5E:F8:65:E2:1D:39:86:84
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/N3L_QbqFBD0Z0uPZXvhl4h05hoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.40.0/24
185.202.240.0/22
IPv6:
2a0a:e240::/29
Signature Algorithm: sha256WithRSAEncryption
0e:be:1e:ea:46:d0:2c:96:1b:e3:e5:4a:e4:e0:c4:ad:c1:de:
65:7e:0f:de:85:4c:27:df:ec:9e:fb:b7:96:d9:16:53:64:58:
20:69:2b:ab:fb:1c:eb:fd:80:4d:df:00:c3:bc:f2:26:60:2a:
0a:33:ca:32:42:c0:b1:be:35:35:6a:48:67:69:67:2f:54:06:
1a:7b:70:48:fb:03:a0:56:53:fe:76:e4:c5:15:14:de:3a:f2:
64:fe:1b:dc:ff:63:6e:36:5b:76:2d:97:a7:38:a1:6e:c3:c3:
c1:e4:4c:46:d6:d8:67:47:84:bd:c4:7f:00:ed:54:fa:db:fb:
48:d2:ba:51:8b:f3:a3:61:83:13:a3:9a:1b:f6:72:a5:03:11:
02:7e:77:f2:04:db:7e:48:43:72:17:e0:6e:fd:26:1b:ad:a4:
1b:e6:ea:d3:89:2d:97:26:2f:71:8a:7e:36:c4:29:d3:a6:83:
98:51:e9:7d:67:9b:f9:0f:58:cc:e9:6c:95:9d:bc:17:0c:49:
50:d2:1b:3b:ac:71:60:90:c3:3a:a8:59:fa:0e:89:9f:ea:f5:
51:e9:98:a7:a9:63:fd:34:07:54:57:4b:09:7b:d0:d8:1f:be:
74:57:e9:df:9c:b5:65:0a:27:ab:e2:67:3f:78:dd:64:0f:05:
ff:f7:ee:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuwjtiKOK47slEYmqC6+M0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzcyZmY0MWJhODUwNDNkMTlkMmUzZDk1ZWY4NjVlMjFkMzk4Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxoetRv4Em5P+EmEnA8aIIPWgn+t
3UnKP5YK/d6pZsbuP3RyTx8ejvMz7SK8nT0Z9RxglXua0aGqqKppxiKQ5GXDwNUv
HAI27d7FgeJh5eCWQ58H3kv/+XW13p+1AW3NTaLjLU72Qj+gPKUmHO/g8kI0s8Gn
+BWO2tCCYalQwIy+QxwxU8nMcA0SZaPQm9FKhlbFRV8O94rMGgLXWfeZ7pay7dEf
7gBbLnrxd7OYk/kcOEu1CjAT7tRaOgC1Mn02G3S+OYQRPi/zd6W/z6JWPINNDwhZ
kJRL5CRviEnMomjLa+zlNv22lz0mWyQraPTpoZp7jSRVVVGnPrrJbVwcVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDdy/0G6hQQ9GdLj2V74ZeIdOYaEMB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEvTjNMX1FicUZCRDBaMHVQWlh2aGw0aDA1aG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQsoAwQC
ucrwMA0EAgACMAcDBQMqCuJAMA0GCSqGSIb3DQEBCwUAA4IBAQAOvh7qRtAslhvj
5Urk4MStwd5lfg/ehUwn3+ye+7eW2RZTZFggaSur+xzr/YBN3wDDvPImYCoKM8oy
QsCxvjU1akhnaWcvVAYae3BI+wOgVlP+duTFFRTeOvJk/hvc/2NuNlt2LZenOKFu
w8PB5ExG1thnR4S9xH8A7VT62/tI0rpRi/OjYYMTo5ob9nKlAxECfnfyBNt+SENy
F+Bu/SYbraQb5urTiS2XJi9xin42xCnTpoOYUel9Z5v5D1jM6WyVnbwXDElQ0hs7
rHFgkMM6qFn6Domf6vVR6ZinqWP9NAdUV0sJe9DYH750V+nfnLVlCier4mc/eN1k
DwX/9+6r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:49 2024 by rpki-client on console-fra.rpki-client.org