Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NMX-_MKkKNd6NeOS1gzZpSeJE8M.roa
File: NMX-_MKkKNd6NeOS1gzZpSeJE8M.roa (raw, json)
Hash identifier: zk5Gq9rSqeauP7YXLNRGPkkPB85CmLg8jwtrElGP7lE=
Subject key identifier: 34:C5:FE:FC:C2:A4:28:D7:7A:35:E3:92:D6:0C:D9:A5:27:89:13:C3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018BD4309B5FBEC9D02CEBCC1424F1A5ECB4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NMX-_MKkKNd6NeOS1gzZpSeJE8M.roa
Signing time: Wed 15 Nov 2023 18:13:57 +0000
ROA not before: Wed 15 Nov 2023 18:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207177
IP address blocks: 91.242.81.0/24 maxlen: 24
171.22.52.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/22 maxlen: 22
45.86.17.0/24 maxlen: 24
45.86.16.0/24 maxlen: 24
45.86.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:30:9b:5f:be:c9:d0:2c:eb:cc:14:24:f1:a5:ec:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 15 18:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34c5fefcc2a428d77a35e392d60cd9a5278913c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:11:cc:b4:fe:e7:da:76:0c:cf:40:4a:ce:97:
9d:4b:05:3a:c7:75:c5:32:54:6f:1d:d4:81:0e:92:
45:60:30:29:da:ac:c4:e2:e4:2d:af:60:0f:e0:93:
23:c2:aa:46:68:45:23:5a:04:8b:ac:00:f1:12:ac:
73:1b:5a:ce:32:04:b6:cd:59:42:67:5e:57:98:f3:
b9:94:3e:8f:88:7d:a1:1a:15:61:39:10:6b:e5:76:
b9:e0:b6:00:e7:93:0a:8b:40:39:63:d1:44:b4:36:
cc:c6:fc:a1:5f:fe:de:d3:a9:75:7c:cd:90:bf:92:
3b:d3:c4:59:99:c0:47:df:ec:fc:ac:c6:e2:10:67:
2b:13:b8:f5:60:bb:b2:40:21:e6:0e:6b:b4:36:25:
b5:0a:e9:e3:8d:e5:89:56:c6:50:9e:dc:97:f1:8e:
bc:c6:97:2a:bc:63:60:d9:8f:35:09:cf:2c:c8:a2:
ec:f4:56:8c:17:04:fc:77:ad:1d:39:f3:fc:5c:c5:
94:0e:bd:97:75:4d:0a:23:0e:34:a8:ec:1c:78:39:
df:2c:47:ab:43:20:9c:98:dc:46:1e:0e:6c:e5:a7:
ce:2d:4f:6d:cf:92:3d:1e:ca:48:5e:80:89:33:0a:
7d:70:66:56:b4:a0:44:fe:d6:36:68:f0:86:4b:6e:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C5:FE:FC:C2:A4:28:D7:7A:35:E3:92:D6:0C:D9:A5:27:89:13:C3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/NMX-_MKkKNd6NeOS1gzZpSeJE8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.86.16.0/22
91.242.81.0/24
171.22.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:14:ca:90:42:e4:69:ec:76:88:72:f8:1f:5b:12:4c:61:47:
3c:33:11:d8:08:0f:9b:9e:fd:82:4d:59:bc:da:a6:2e:e7:e6:
13:4d:b2:cc:90:56:32:d2:83:d5:7f:5f:2b:86:6c:dd:7f:e5:
3e:fc:eb:a4:78:0b:61:c8:fb:cf:da:5f:48:42:da:74:fc:c1:
fe:40:ee:71:7d:1d:db:34:1d:6e:d9:4f:b9:0f:a1:02:fc:a0:
7c:e0:e8:3f:a9:d8:27:5c:8d:18:78:37:4d:bf:17:27:34:b4:
bc:96:78:a4:43:42:2b:70:b6:28:e1:6d:84:f5:d9:9c:54:e3:
f3:01:e4:df:54:70:37:5d:b2:2a:45:33:60:50:af:7f:17:73:
aa:be:59:e3:d9:fb:1a:0a:b1:ea:70:5f:95:6a:7d:2c:61:33:
32:24:0b:a6:a1:50:5a:18:91:14:48:7b:4a:47:1f:f6:be:55:
ee:20:85:25:48:de:10:4a:2f:5d:81:a9:bb:1d:7a:d3:26:53:
04:58:ab:eb:c0:ff:38:ef:7e:6b:dd:cc:b7:9d:b3:57:0e:a5:
6d:cc:15:cb:cb:aa:25:89:88:0c:6e:12:b6:2e:aa:97:a1:28:
93:7d:2b:60:61:9f:02:39:e1:1a:05:7f:4d:a8:93:92:9c:49:
82:04:3e:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvUMJtfvsnQLOvMFCTxpey0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTE1MTgxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGM1ZmVmY2MyYTQyOGQ3N2EzNWUzOTJkNjBjZDlhNTI3ODkxM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhHMtP7n2nYMz0BKzpedSwU6x3XF
MlRvHdSBDpJFYDAp2qzE4uQtr2AP4JMjwqpGaEUjWgSLrADxEqxzG1rOMgS2zVlC
Z15XmPO5lD6PiH2hGhVhORBr5Xa54LYA55MKi0A5Y9FEtDbMxvyhX/7e06l1fM2Q
v5I708RZmcBH3+z8rMbiEGcrE7j1YLuyQCHmDmu0NiW1CunjjeWJVsZQntyX8Y68
xpcqvGNg2Y81Cc8syKLs9FaMFwT8d60dOfP8XMWUDr2XdU0KIw40qOwceDnfLEer
QyCcmNxGHg5s5afOLU9tz5I9HspIXoCJMwp9cGZWtKBE/tY2aPCGS272NwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDTF/vzCpCjXejXjktYM2aUniRPDMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTk1YLV9NS2tLTmQ2TmVPUzFnelpwU2VKRThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALUN1AwQC
LVYQAwQAW/JRAwQCqxY0MA0GCSqGSIb3DQEBCwUAA4IBAQCiFMqQQuRp7HaIcvgf
WxJMYUc8MxHYCA+bnv2CTVm82qYu5+YTTbLMkFYy0oPVf18rhmzdf+U+/OukeAth
yPvP2l9IQtp0/MH+QO5xfR3bNB1u2U+5D6EC/KB84Og/qdgnXI0YeDdNvxcnNLS8
lnikQ0IrcLYo4W2E9dmcVOPzAeTfVHA3XbIqRTNgUK9/F3Oqvlnj2fsaCrHqcF+V
an0sYTMyJAumoVBaGJEUSHtKRx/2vlXuIIUlSN4QSi9dgam7HXrTJlMEWKvrwP84
735r3cy3nbNXDqVtzBXLy6oliYgMbhK2LqqXoSiTfStgYZ8COeEaBX9NqJOSnEmC
BD60
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org