Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/NnHmQZ6c7prNBguRlD_FmtJm3D0.roa
File: NnHmQZ6c7prNBguRlD_FmtJm3D0.roa (raw, json)
Hash identifier: 4oM7p1I+zzz4qarHKMhsXYpQWr66FnsF92zzQVCCIB0=
Subject key identifier: 36:71:E6:41:9E:9C:EE:9A:CD:06:0B:91:94:3F:C5:9A:D2:66:DC:3D
Certificate issuer: /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial: 0188D43775333312715C251F3E0A8D9FA9B8
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/NnHmQZ6c7prNBguRlD_FmtJm3D0.roa
Signing time: Mon 19 Jun 2023 15:13:04 +0000
ROA not before: Mon 19 Jun 2023 15:13:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203924
IP address blocks: 185.216.120.0/24 maxlen: 24
185.216.120.0/22 maxlen: 22
185.216.121.0/24 maxlen: 24
185.216.122.0/23 maxlen: 23
85.117.252.0/23 maxlen: 23
85.117.252.0/22 maxlen: 22
85.117.254.0/23 maxlen: 23
185.113.144.0/24 maxlen: 24
185.113.144.0/22 maxlen: 22
185.113.145.0/24 maxlen: 24
185.113.147.0/24 maxlen: 24
185.146.36.0/24 maxlen: 24
185.146.36.0/22 maxlen: 22
185.146.37.0/24 maxlen: 24
185.146.38.0/23 maxlen: 23
193.105.0.0/24 maxlen: 24
2a0b:b644::/30 maxlen: 30
2a0b:b640::/30 maxlen: 30
2a0b:b640::/29 maxlen: 29
2a07:4d00::/30 maxlen: 30
2a07:4d00::/29 maxlen: 29
2a06:6a40::/29 maxlen: 29
2a07:4d04::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 28 Jun 2023 23:23:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:37:75:33:33:12:71:5c:25:1f:3e:0a:8d:9f:a9:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Validity
Not Before: Jun 19 15:13:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3671e6419e9cee9acd060b91943fc59ad266dc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:86:57:66:d6:f8:95:bf:65:3c:fe:49:14:d1:
0a:d2:c1:d6:69:43:b1:72:24:3a:61:96:47:ed:d1:
88:2a:e9:c3:b7:54:f8:37:9d:73:58:14:71:f5:b0:
21:03:5d:84:6a:3d:fc:a1:24:68:a4:1b:5e:a7:fe:
52:60:f8:3f:4e:ba:b0:0e:27:ec:17:16:5b:98:06:
77:10:ef:c3:2c:77:ec:cb:fd:7e:a7:48:14:3d:19:
c9:fb:2d:2c:72:21:1b:30:7c:b5:46:c9:84:99:a7:
50:d8:6b:e0:3d:9b:51:32:d2:be:e8:b2:37:12:57:
0c:d3:28:2b:2b:49:9a:58:29:ba:a3:38:87:79:ea:
18:c0:f2:cd:36:79:77:c2:0e:96:29:33:52:50:c4:
29:1a:1a:6c:24:64:e6:fe:d2:27:d1:d5:79:66:62:
fc:45:80:24:e4:63:f9:76:69:81:0d:da:35:75:25:
5f:b5:58:0f:4c:a6:02:db:60:9a:39:81:ac:b1:78:
ee:7c:1b:df:cc:fe:fb:05:e3:f6:e4:3b:6a:f8:48:
83:88:ce:c1:31:b0:12:52:62:3b:40:40:69:fe:bb:
c5:c8:b1:b8:68:e9:19:c8:29:e8:3c:86:c0:60:49:
ab:f7:f6:a0:14:28:d8:7c:9b:a8:c6:39:16:16:39:
a5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:71:E6:41:9E:9C:EE:9A:CD:06:0B:91:94:3F:C5:9A:D2:66:DC:3D
X509v3 Authority Key Identifier:
keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/NnHmQZ6c7prNBguRlD_FmtJm3D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.252.0/22
185.113.144.0/22
185.146.36.0/22
185.216.120.0/22
193.105.0.0/24
IPv6:
2a06:6a40::/29
2a07:4d00::/29
2a0b:b640::/29
Signature Algorithm: sha256WithRSAEncryption
1e:9e:68:1c:3f:18:cb:95:67:7c:7b:9c:3b:e3:d3:a8:1a:44:
ac:08:ad:8f:6e:69:f7:8b:66:6f:b2:a8:30:6c:f5:3f:ae:03:
01:cc:6b:71:29:f7:28:df:ae:3f:f3:3e:90:8b:b2:cc:35:c1:
b0:97:d5:5f:ef:73:fc:30:5c:24:c4:62:1b:7d:c6:f0:c8:66:
5c:c1:99:8e:79:29:29:e0:91:0a:02:b0:fe:3b:a5:b5:fc:28:
fc:d8:e7:d9:3c:9d:71:43:ff:90:e5:2f:d9:c8:d3:d5:73:7b:
75:dd:19:c5:02:77:0a:a5:29:72:80:17:27:af:75:6e:a1:79:
17:03:c9:6c:f4:ae:a2:2a:63:2e:a9:80:22:1b:dc:60:a1:96:
17:0e:62:4a:4e:e8:03:4a:92:4d:17:6c:c0:cd:d5:ac:ee:e8:
f5:64:cb:8c:c2:bd:2b:94:fb:8f:36:e3:ab:78:1c:94:5a:11:
27:f4:d2:b5:04:82:8e:a1:28:64:24:1a:98:a7:b1:b3:de:ac:
a2:e7:bc:81:7e:bd:a5:af:dc:ee:80:52:34:ea:a9:86:42:07:
55:a5:96:92:7f:f9:a2:9a:1d:fb:a1:c4:e8:8b:be:38:27:e2:
89:4e:21:38:03:be:6d:a8:05:73:ff:0d:41:02:0d:a5:19:60:
5a:01:e1:6c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYjUN3UzMxJxXCUfPgqNn6m4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTBmNmI3NWU5MTNmMjc4MmVkNTQ5ZWI3MjE3MmM1OWNj
NDdhZjEwHhcNMjMwNjE5MTUxMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjcxZTY0MTllOWNlZTlhY2QwNjBiOTE5NDNmYzU5YWQyNjZkYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYZXZtb4lb9lPP5JFNEK0sHWaUOx
ciQ6YZZH7dGIKunDt1T4N51zWBRx9bAhA12Eaj38oSRopBtep/5SYPg/TrqwDifs
FxZbmAZ3EO/DLHfsy/1+p0gUPRnJ+y0sciEbMHy1RsmEmadQ2GvgPZtRMtK+6LI3
ElcM0ygrK0maWCm6oziHeeoYwPLNNnl3wg6WKTNSUMQpGhpsJGTm/tIn0dV5ZmL8
RYAk5GP5dmmBDdo1dSVftVgPTKYC22CaOYGssXjufBvfzP77BeP25Dtq+EiDiM7B
MbASUmI7QEBp/rvFyLG4aOkZyCnoPIbAYEmr9/agFCjYfJuoxjkWFjml1QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDZx5kGenO6azQYLkZQ/xZrSZtw9MB8GA1UdIwQY
MBaAFI+Q9rdekT8ngu1UnrchcsWcxHrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQt
YzFkMGFjYjc4MTlhLzEvTm5IbVFaNmM3cHJOQmd1UmxEX0ZtdEptM0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zZDNjM2ItMWE5NS00YjUwLTg5NzQtYzFkMGFjYjc4MTlh
LzEvajVEMnQxNlJQeWVDN1ZTZXR5Rnl4WnpFZXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCVXX8AwQC
uXGQAwQCuZIkAwQCudh4AwQAwWkAMBsEAgACMBUDBQMqBmpAAwUDKgdNAAMFAyoL
tkAwDQYJKoZIhvcNAQELBQADggEBAB6eaBw/GMuVZ3x7nDvj06gaRKwIrY9uafeL
Zm+yqDBs9T+uAwHMa3Ep9yjfrj/zPpCLssw1wbCX1V/vc/wwXCTEYht9xvDIZlzB
mY55KSngkQoCsP47pbX8KPzY59k8nXFD/5DlL9nI09Vze3XdGcUCdwqlKXKAFyev
dW6heRcDyWz0rqIqYy6pgCIb3GChlhcOYkpO6ANKkk0XbMDN1azu6PVky4zCvSuU
+48246t4HJRaESf00rUEgo6hKGQkGpinsbPerKLnvIF+vaWv3O6AUjTqqYZCB1Wl
lpJ/+aKaHfuhxOiLvjgn4olOITgDvm2oBXP/DUECDaUZYFoB4Ww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:00 2024 by rpki-client on console-ams.rpki-client.org