Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/N4qQymJ9QOjwcXAnb1v4NZJI8s8.roa
File: N4qQymJ9QOjwcXAnb1v4NZJI8s8.roa (raw, json)
Hash identifier: uY4fFezl82Rn/ZahR5g4Qovcqgl3JZb6jQXJZtAtISg=
Subject key identifier: 37:8A:90:CA:62:7D:40:E8:F0:71:70:27:6F:5B:F8:35:92:48:F2:CF
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0188A68C4CDB6A7F6C62748DC6AAAE995DF8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/N4qQymJ9QOjwcXAnb1v4NZJI8s8.roa
Signing time: Sat 10 Jun 2023 18:23:12 +0000
ROA not before: Sat 10 Jun 2023 18:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
185.195.4.0/22 maxlen: 22
178.175.176.0/22 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a6:8c:4c:db:6a:7f:6c:62:74:8d:c6:aa:ae:99:5d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 10 18:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=378a90ca627d40e8f07170276f5bf8359248f2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7f:a5:98:bd:1f:83:20:38:31:f0:f7:7d:25:
5d:96:32:0a:d4:35:3b:92:a6:7a:db:f7:a8:67:f5:
1d:8d:4f:3e:98:d0:ce:6f:f0:c8:36:fe:50:0a:7e:
df:b1:1e:d4:a3:95:0b:aa:a5:08:39:46:93:24:0e:
90:bc:fc:28:f5:18:05:78:05:45:cd:fb:6a:20:de:
35:e7:39:f0:fe:d2:be:91:f3:e6:d0:8e:6e:2b:53:
e3:c3:ba:a4:a9:e1:a2:07:10:de:4e:3b:21:00:b5:
05:93:40:61:36:52:63:d8:a8:2e:43:b0:9e:82:a3:
f9:2c:f4:3f:74:3e:6d:30:ef:a0:4c:53:6e:67:7b:
a7:78:02:80:aa:f2:d5:72:94:24:9f:e2:69:df:4a:
55:80:31:6e:a5:ac:01:d2:83:a2:49:29:3a:a5:fd:
28:58:49:5f:57:f6:a1:2d:4a:a3:12:c1:7e:cf:7f:
b6:63:88:6d:4e:91:38:65:7f:f6:e9:6e:2b:23:1b:
e3:f8:69:e1:56:ef:ef:c5:e2:05:34:50:47:a8:9d:
b9:f5:5f:71:c2:87:e4:5a:1c:1f:22:6f:28:7b:37:
22:70:90:4b:54:73:dd:a1:10:61:12:95:9b:f5:73:
d6:ac:eb:de:ca:d9:c9:f0:c5:bc:08:df:e3:59:16:
a2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8A:90:CA:62:7D:40:E8:F0:71:70:27:6F:5B:F8:35:92:48:F2:CF
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/N4qQymJ9QOjwcXAnb1v4NZJI8s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
185.195.4.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
60:18:e0:95:e4:5c:d0:68:ad:8c:98:f0:07:6a:15:38:7d:c3:
f1:ae:4b:16:d1:6e:5c:e0:82:4c:09:b6:42:4a:db:2e:c7:58:
37:ee:4b:65:1c:95:37:43:2d:9f:26:94:c4:b2:bd:55:b0:5b:
50:ef:77:06:69:09:c1:74:19:bd:98:0a:fd:d1:a7:0b:98:a5:
ea:89:1e:9d:c3:1c:cd:59:e4:92:78:d5:73:c8:70:fb:d2:b2:
2b:55:45:4b:ec:0a:8d:c4:dc:70:f9:02:52:5b:66:e0:25:4b:
ce:59:3d:2d:ae:af:89:8d:a3:b2:ed:98:06:5e:d4:5c:01:3d:
a6:8f:af:cf:db:82:4e:e0:05:99:1e:5c:9b:c6:86:ac:bb:e7:
0d:42:c7:f7:24:5c:64:9e:93:82:ba:16:b1:06:8b:24:a1:23:
0a:51:ee:0c:dc:26:43:64:ce:f0:1f:0f:18:ad:8c:a9:37:ac:
18:fd:aa:31:6c:ac:39:36:b0:a1:37:c7:7e:13:1f:c6:b7:81:
65:bf:ee:02:6d:cf:66:0f:96:56:f3:27:45:ec:c7:7c:16:51:
0c:47:6c:55:ac:b3:7c:98:4d:05:2d:d3:fd:72:70:b9:91:36:
a9:b1:1b:f6:3c:b2:cf:34:3b:6e:ad:e4:dc:a2:7b:dc:52:d2:
d8:71:5b:68
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYimjEzban9sYnSNxqqumV34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNjEwMTgyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzhhOTBjYTYyN2Q0MGU4ZjA3MTcwMjc2ZjViZjgzNTkyNDhmMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3+lmL0fgyA4MfD3fSVdljIK1DU7
kqZ62/eoZ/UdjU8+mNDOb/DINv5QCn7fsR7Uo5ULqqUIOUaTJA6QvPwo9RgFeAVF
zftqIN415znw/tK+kfPm0I5uK1Pjw7qkqeGiBxDeTjshALUFk0BhNlJj2KguQ7Ce
gqP5LPQ/dD5tMO+gTFNuZ3uneAKAqvLVcpQkn+Jp30pVgDFupawB0oOiSSk6pf0o
WElfV/ahLUqjEsF+z3+2Y4htTpE4ZX/26W4rIxvj+GnhVu/vxeIFNFBHqJ259V9x
wofkWhwfIm8oezcicJBLVHPdoRBhEpWb9XPWrOveytnJ8MW8CN/jWRai/QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDeKkMpifUDo8HFwJ29b+DWSSPLPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTjRxUXltSjlRT2p3Y1hBbmIxdjROWkpJOHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQALUN0AwQG
W/JAAwQCsq+wAwQCucMEAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkq
hkiG9w0BAQsFAAOCAQEAYBjgleRc0GitjJjwB2oVOH3D8a5LFtFuXOCCTAm2Qkrb
LsdYN+5LZRyVN0MtnyaUxLK9VbBbUO93BmkJwXQZvZgK/dGnC5il6okencMczVnk
knjVc8hw+9KyK1VFS+wKjcTccPkCUltm4CVLzlk9La6viY2jsu2YBl7UXAE9po+v
z9uCTuAFmR5cm8aGrLvnDULH9yRcZJ6TgroWsQaLJKEjClHuDNwmQ2TO8B8PGK2M
qTesGP2qMWysOTawoTfHfhMfxreBZb/uAm3PZg+WVvMnRezHfBZRDEdsVayzfJhN
BS3T/XJwuZE2qbEb9jyyzzQ7bq3k3KJ73FLS2HFbaA==
-----END CERTIFICATE-----
Generated at Thu Nov 16 08:43:49 2023 by rpki-client on console-fra.rpki-client.org