Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/NLhgqlpiCrPRZw85wNPttP4dEm4.roa
File: NLhgqlpiCrPRZw85wNPttP4dEm4.roa (raw, json)
Hash identifier: B/ERendM1W+uf2pEhzST04oL6BqxxWvOWqRvh9QLjUo=
Subject key identifier: 34:B8:60:AA:5A:62:0A:B3:D1:67:0F:39:C0:D3:ED:B4:FE:1D:12:6E
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 01891B0BAD838AE0B5F9945F81EA3CF6D527
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/NLhgqlpiCrPRZw85wNPttP4dEm4.roa
Signing time: Mon 03 Jul 2023 09:18:17 +0000
ROA not before: Mon 03 Jul 2023 09:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
141.98.240.0/24 maxlen: 24
195.206.108.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
85.209.216.0/24 maxlen: 24
139.28.138.0/23 maxlen: 23
139.28.137.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
194.124.52.0/22 maxlen: 22
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
85.8.190.0/23 maxlen: 23
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
45.14.72.0/24 maxlen: 24
5.182.100.0/24 maxlen: 24
5.182.101.0/24 maxlen: 24
5.182.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:0b:ad:83:8a:e0:b5:f9:94:5f:81:ea:3c:f6:d5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jul 3 09:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b860aa5a620ab3d1670f39c0d3edb4fe1d126e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d6:bd:b4:86:24:c2:1f:79:1d:8d:10:7f:31:
60:02:8e:3c:db:c0:6f:9c:4c:93:e4:03:34:6a:d5:
35:ea:04:39:b0:32:70:86:b9:f0:2b:cd:b7:9a:a8:
ce:89:73:6b:ff:da:96:a8:a1:48:ea:2b:9e:76:75:
45:36:3a:30:c1:f9:2b:8f:d4:21:32:d2:66:10:f2:
cd:31:dd:f0:54:e3:8e:e0:61:3c:e5:36:aa:05:3f:
9e:10:3c:7c:02:c9:1f:68:3d:8e:c5:fa:f9:64:2e:
89:a2:79:db:d0:ec:da:8b:d1:f5:d1:95:db:b0:7c:
25:d4:e6:92:95:60:14:b5:4d:04:e7:5d:60:ff:08:
08:8d:fe:7e:40:86:ae:85:f6:e4:85:a6:db:c3:95:
42:57:c1:28:e4:5a:b0:70:45:f6:29:f4:38:3f:26:
41:11:3a:d4:c7:5f:27:5c:2c:d2:4a:84:6d:9b:2a:
9a:d3:98:87:09:6b:d5:eb:7e:11:21:eb:f2:c3:c7:
47:29:6f:dd:17:61:d5:56:32:b7:c6:35:22:ff:97:
6b:f4:81:40:70:48:d1:7b:42:da:9a:0b:2d:0b:22:
5c:05:6c:5e:5c:aa:7e:67:83:14:f2:fa:bd:1b:11:
67:ea:05:dc:0f:87:61:04:4d:94:e1:28:5c:4e:19:
ec:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B8:60:AA:5A:62:0A:B3:D1:67:0F:39:C0:D3:ED:B4:FE:1D:12:6E
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/NLhgqlpiCrPRZw85wNPttP4dEm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/23
5.182.103.0/24
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/23
139.28.137.0-139.28.139.255
141.98.240.0/22
193.31.72.0/23
193.31.75.0/24
194.5.0.0/22
194.124.52.0/22
195.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:e7:07:d8:6e:00:fd:ce:dc:d2:ae:35:43:cb:bf:b9:b3:03:
dd:2d:12:de:cf:22:93:8d:a7:c4:75:3a:c8:6b:dc:97:fc:55:
44:49:3c:e6:cb:fe:27:4e:29:18:a3:c1:a0:cb:0a:d2:52:2a:
5f:6c:3f:e1:cb:8f:57:97:4b:a1:9f:b6:c5:b9:07:35:ad:62:
b0:3b:e9:f1:29:c3:2c:da:81:31:22:33:e0:ac:17:7b:71:ed:
e2:5c:c6:66:27:b8:cb:71:41:63:0f:5d:48:87:a7:11:2d:83:
0f:0e:ed:55:41:16:88:48:3c:e1:18:8d:68:52:b8:01:1e:d4:
5c:2e:fd:53:d4:bd:09:e3:7f:db:e1:0b:8a:28:63:02:1b:45:
c4:db:aa:99:9a:49:38:03:a3:6d:9e:4e:92:a6:3c:60:9b:eb:
25:66:d0:02:4b:fd:0f:57:ee:ae:26:ae:2a:b9:71:d3:27:33:
49:a8:66:ae:02:88:0a:7b:0d:e8:3e:b5:95:a6:92:5e:7d:5b:
48:17:f7:75:99:fd:d0:2c:6b:4a:0a:fd:d2:d2:9f:dc:77:ba:
75:6b:d5:76:5f:1f:96:75:8c:f8:00:73:82:d7:5a:50:8f:99:
8f:ac:81:d2:7c:a5:5e:84:46:1c:7b:f5:c6:d1:96:c4:4a:19:
63:3a:7e:a5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYkbC62DiuC1+ZRfgeo89tUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwNzAzMDkxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI4NjBhYTVhNjIwYWIzZDE2NzBmMzljMGQzZWRiNGZlMWQxMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyda9tIYkwh95HY0QfzFgAo4828Bv
nEyT5AM0atU16gQ5sDJwhrnwK823mqjOiXNr/9qWqKFI6iuednVFNjowwfkrj9Qh
MtJmEPLNMd3wVOOO4GE85TaqBT+eEDx8AskfaD2Oxfr5ZC6Jonnb0Ozai9H10ZXb
sHwl1OaSlWAUtU0E511g/wgIjf5+QIauhfbkhabbw5VCV8Eo5FqwcEX2KfQ4PyZB
ETrUx18nXCzSSoRtmyqa05iHCWvV634RIevyw8dHKW/dF2HVVjK3xjUi/5dr9IFA
cEjRe0LamgstCyJcBWxeXKp+Z4MU8vq9GxFn6gXcD4dhBE2U4ShcThnsWwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFDS4YKpaYgqz0WcPOcDT7bT+HRJuMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvTkxoZ3FscGlDclBSWnc4NXdOUHR0UDRkRW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAQW2ZAME
AAW2ZwMEAC0OSAMEAS1ULAMEAC1ULwMEAS2dSgMEAlUIvAMEAFXR2AMEAVXR2gME
AljaZAMEAVx3tDAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQAwR9LAwQCwgUA
AwQCwnw0AwQBw85sMA0GCSqGSIb3DQEBCwUAA4IBAQAf5wfYbgD9ztzSrjVDy7+5
swPdLRLezyKTjafEdTrIa9yX/FVESTzmy/4nTikYo8GgywrSUipfbD/hy49Xl0uh
n7bFuQc1rWKwO+nxKcMs2oExIjPgrBd7ce3iXMZmJ7jLcUFjD11Ih6cRLYMPDu1V
QRaISDzhGI1oUrgBHtRcLv1T1L0J43/b4QuKKGMCG0XE26qZmkk4A6Ntnk6Spjxg
m+slZtACS/0PV+6uJq4quXHTJzNJqGauAogKew3oPrWVppJefVtIF/d1mf3QLGtK
Cv3S0p/cd7p1a9V2Xx+WdYz4AHOC11pQj5mPrIHSfKVehEYce/XG0ZbEShljOn6l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:20 2024 by rpki-client on console-ams.rpki-client.org