Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/nNSPwnVvPpRZZjFE6iHVPX5Qfvc.roa
File: nNSPwnVvPpRZZjFE6iHVPX5Qfvc.roa (raw, json)
Hash identifier: heLDi6t35r3t/0ZGbL4flNfpnQT8t1un7LnXePwXpIg=
Subject key identifier: 9C:D4:8F:C2:75:6F:3E:94:59:66:31:44:EA:21:D5:3D:7E:50:7E:F7
Certificate issuer: /CN=a28815e43926af7eb961de7b703aed6328953e30
Certificate serial: 018AE11E40341A4F36CB4E4A482EE008350F
Authority key identifier: A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/nNSPwnVvPpRZZjFE6iHVPX5Qfvc.roa
Signing time: Fri 29 Sep 2023 13:26:10 +0000
ROA not before: Fri 29 Sep 2023 13:26:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35625
IP address blocks: 195.90.116.0/22 maxlen: 22
94.158.180.0/22 maxlen: 22
85.208.216.0/22 maxlen: 22
109.197.240.0/21 maxlen: 21
185.39.168.0/22 maxlen: 22
195.190.27.0/24 maxlen: 24
45.15.204.0/22 maxlen: 22
91.212.236.0/24 maxlen: 24
185.218.212.0/22 maxlen: 22
185.181.4.0/22 maxlen: 22
185.31.148.0/22 maxlen: 22
91.229.136.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba60::/31 maxlen: 31
2a00:ba62::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
2a00:ba61::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:1e:40:34:1a:4f:36:cb:4e:4a:48:2e:e0:08:35:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a28815e43926af7eb961de7b703aed6328953e30
Validity
Not Before: Sep 29 13:26:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cd48fc2756f3e9459663144ea21d53d7e507ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:f0:a7:5e:94:0f:1c:0e:68:b2:a0:68:6f:
40:4b:35:8c:b8:92:c0:35:22:83:96:a9:e5:5b:8f:
56:81:ed:69:39:ba:ee:be:9b:fb:de:5f:1b:3d:12:
4c:6e:ae:66:f7:ee:2d:92:26:8e:91:ce:de:03:ce:
ff:e1:2b:a3:54:98:53:86:d4:4a:7f:61:d8:cf:d7:
01:02:ef:c5:d0:d5:d6:5a:a8:a6:d4:b0:7c:55:49:
07:79:34:6a:fd:c7:64:20:67:27:6e:6f:60:ea:fd:
cd:08:8c:a1:62:ec:6a:a4:2b:d0:d7:2e:8a:0b:0a:
89:73:2e:29:6c:cd:05:b3:4d:df:b6:88:86:a8:f7:
ba:9f:05:dd:e1:94:68:b9:92:fd:ad:4c:4b:b3:25:
09:0d:e5:66:91:24:bd:43:df:95:d7:2d:92:08:e9:
40:00:cb:2d:a5:68:20:be:53:71:a9:51:a2:dd:9d:
3a:95:e1:fd:1e:dc:10:52:ec:58:1c:8d:de:9c:bb:
fe:88:f5:3e:84:fa:1f:02:7b:aa:ce:11:5d:4b:d7:
10:ee:6f:2a:e7:6c:d6:9d:61:d8:a2:eb:e7:e2:ab:
a4:25:66:1f:90:b0:d7:83:e8:ff:0c:30:bd:59:ba:
c2:df:8c:0a:0e:6b:d6:e1:0f:f3:9d:06:18:1e:7f:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D4:8F:C2:75:6F:3E:94:59:66:31:44:EA:21:D5:3D:7E:50:7E:F7
X509v3 Authority Key Identifier:
keyid:A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/nNSPwnVvPpRZZjFE6iHVPX5Qfvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/oogV5Dkmr365Yd57cDrtYyiVPjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.204.0/22
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.181.4.0/22
185.218.212.0/22
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
7f:1e:6a:40:31:dd:82:2c:2e:08:cc:59:1f:6e:7c:1e:bc:a5:
75:5c:9b:28:88:69:e4:cf:64:17:5a:99:1b:ff:ea:e5:2e:43:
e3:46:0e:6f:56:1b:d5:b1:78:87:94:d7:2e:37:db:e4:7e:7a:
f6:bf:46:74:aa:c8:26:b8:0d:91:2f:d5:f7:49:e3:71:12:87:
24:47:c4:a9:c7:b2:a3:5b:96:a6:f3:ef:44:ff:9e:58:7f:c2:
85:c2:31:f0:fc:5c:84:53:b6:61:4c:30:bc:b3:3e:95:d3:db:
d7:39:3e:de:67:23:1c:55:33:63:7c:1d:82:d2:25:c4:27:6e:
bd:d0:c3:90:35:b1:89:f3:81:3f:20:c8:d9:d6:11:0e:6f:b2:
1d:c9:42:c0:29:f8:eb:4b:6d:a5:85:fc:f0:b0:7a:c0:75:a7:
e1:56:1e:5d:ce:09:b8:d8:8c:7a:b4:f0:f3:d9:a2:07:19:af:
94:ad:2d:82:a4:47:db:d9:1f:14:56:3d:44:73:3e:4b:1e:42:
21:35:2c:83:90:ad:18:13:f2:cc:0b:85:ea:ed:cb:5d:30:d0:
ba:36:94:59:29:c6:6b:47:e1:c0:8c:75:95:33:28:33:d5:2e:
c1:61:99:e8:03:f2:22:2b:4d:78:69:7f:74:21:35:ef:42:21:
cf:9d:39:8c
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYrhHkA0Gk82y05KSC7gCDUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODgxNWU0MzkyNmFmN2ViOTYxZGU3YjcwM2FlZDYzMjg5
NTNlMzAwHhcNMjMwOTI5MTMyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q0OGZjMjc1NmYzZTk0NTk2NjMxNDRlYTIxZDUzZDdlNTA3ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkjwp16UDxwOaLKgaG9ASzWMuJLA
NSKDlqnlW49Wge1pObruvpv73l8bPRJMbq5m9+4tkiaOkc7eA87/4SujVJhThtRK
f2HYz9cBAu/F0NXWWqim1LB8VUkHeTRq/cdkIGcnbm9g6v3NCIyhYuxqpCvQ1y6K
CwqJcy4pbM0Fs03ftoiGqPe6nwXd4ZRouZL9rUxLsyUJDeVmkSS9Q9+V1y2SCOlA
AMstpWggvlNxqVGi3Z06leH9HtwQUuxYHI3enLv+iPU+hPofAnuqzhFdS9cQ7m8q
52zWnWHYouvn4qukJWYfkLDXg+j/DDC9WbrC34wKDmvW4Q/znQYYHn+/NwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFJzUj8J1bz6UWWYxROoh1T1+UH73MB8GA1UdIwQY
MBaAFKKIFeQ5Jq9+uWHee3A67WMolT4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEt
MzE0ZjcyOWZhNTk1LzEvbk5TUHduVnZQcFJaWmpGRTZpSFZQWDVRZnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEtMzE0ZjcyOWZhNTk1
LzEvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwTgQCAAEwSAMEAi0PzAME
AlXQ2AMEAFvU7AMEAFvliAMEAl6etAMEA23F8AMEArkflAMEArknqAMEArm1BAME
Arna1AMEAsNadAMEAMO+GzAkBAIAAjAeMA4DBQUqALpgAwUAKgC6YgMFACoAumcD
BQMqCYxAMA0GCSqGSIb3DQEBCwUAA4IBAQB/HmpAMd2CLC4IzFkfbnwevKV1XJso
iGnkz2QXWpkb/+rlLkPjRg5vVhvVsXiHlNcuN9vkfnr2v0Z0qsgmuA2RL9X3SeNx
EockR8Spx7KjW5am8+9E/55Yf8KFwjHw/FyEU7ZhTDC8sz6V09vXOT7eZyMcVTNj
fB2C0iXEJ2690MOQNbGJ84E/IMjZ1hEOb7IdyULAKfjrS22lhfzwsHrAdafhVh5d
zgm42Ix6tPDz2aIHGa+UrS2CpEfb2R8UVj1Ecz5LHkIhNSyDkK0YE/LMC4Xq7ctd
MNC6NpRZKcZrR+HAjHWVMygz1S7BYZnoA/IiK014aX90ITXvQiHPnTmM
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:13 2024 by rpki-client on console-ams.rpki-client.org