Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/NJa9JFsbPBrBGb8PnvEPO75owgU.roa
File: NJa9JFsbPBrBGb8PnvEPO75owgU.roa (raw, json)
Hash identifier: vYI2/v85432AoEqLb4CsW0uiNtr+hQO4hS4LK6K5yqQ=
Subject key identifier: 34:96:BD:24:5B:1B:3C:1A:C1:19:BF:0F:9E:F1:0F:3B:BE:68:C2:05
Certificate issuer: /CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Certificate serial: 018572DEFE641FEA0934599B7BB81E07416D
Authority key identifier: AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/NJa9JFsbPBrBGb8PnvEPO75owgU.roa
Signing time: Mon 02 Jan 2023 14:24:54 +0000
ROA not before: Mon 02 Jan 2023 14:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9158
IP address blocks: 94.144.0.0/13 maxlen: 13
212.242.0.0/16 maxlen: 16
213.237.0.0/17 maxlen: 17
85.80.0.0/14 maxlen: 14
213.83.128.0/17 maxlen: 17
5.33.0.0/16 maxlen: 16
62.79.0.0/16 maxlen: 16
77.212.0.0/14 maxlen: 14
130.227.0.0/16 maxlen: 16
83.72.0.0/14 maxlen: 14
192.38.128.0/17 maxlen: 17
195.82.192.0/19 maxlen: 19
195.47.128.0/18 maxlen: 18
212.54.64.0/19 maxlen: 19
62.66.0.0/16 maxlen: 16
62.121.160.0/19 maxlen: 19
217.157.0.0/16 maxlen: 16
37.96.0.0/16 maxlen: 16
80.91.0.0/20 maxlen: 20
2.128.0.0/14 maxlen: 14
130.228.0.0/16 maxlen: 16
212.88.64.0/19 maxlen: 19
185.116.184.0/22 maxlen: 22
129.142.0.0/16 maxlen: 16
2001:1580::/32 maxlen: 32
2a02:2a30::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:fe:64:1f:ea:09:34:59:9b:7b:b8:1e:07:41:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Validity
Not Before: Jan 2 14:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3496bd245b1b3c1ac119bf0f9ef10f3bbe68c205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:4b:f3:1a:81:8e:13:e4:68:ff:af:2e:d9:
cb:8f:5f:3c:b7:22:ca:72:76:66:e8:14:c2:f0:ec:
2d:73:1d:c8:37:8b:5f:2a:c9:bc:48:d5:7a:ab:f3:
15:c4:b1:01:f7:fe:4c:c5:b7:2f:3d:78:36:99:15:
66:c9:2a:c8:70:38:e2:4a:d8:34:fe:3a:7a:5d:ae:
4c:ec:aa:4d:b1:9b:52:21:b1:95:e1:13:89:8e:a9:
b5:6d:37:90:e6:3a:1b:26:b1:05:16:0e:6f:61:f6:
1d:52:cd:94:6c:50:75:f6:0a:90:5c:c6:4a:cd:a0:
37:e8:3b:62:71:f3:43:14:94:28:b2:70:20:cf:d4:
ab:2d:c0:64:ff:ac:24:51:f8:85:f1:06:aa:13:d3:
b9:04:fd:a0:25:97:bf:cd:24:8f:e3:6b:e3:2e:12:
0a:5c:20:ae:9e:d1:71:7c:3e:fe:a7:37:b7:4a:a7:
2e:61:e2:96:73:ef:24:55:2e:1a:22:66:9e:09:d4:
45:01:a5:75:0f:59:17:5f:d5:6e:dc:55:4f:ea:1b:
80:81:6b:db:be:50:71:54:a1:1b:98:6f:84:e7:85:
2a:dd:16:04:3e:45:a7:78:45:7c:d0:40:11:38:c1:
c0:73:51:2e:12:bf:2a:34:1c:c0:3a:f5:80:09:63:
b6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:96:BD:24:5B:1B:3C:1A:C1:19:BF:0F:9E:F1:0F:3B:BE:68:C2:05
X509v3 Authority Key Identifier:
keyid:AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/NJa9JFsbPBrBGb8PnvEPO75owgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/rP6s6l2BLzAwxVfkjFN1h1P7bGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.128.0.0/14
5.33.0.0/16
37.96.0.0/16
62.66.0.0/16
62.79.0.0/16
62.121.160.0/19
77.212.0.0/14
80.91.0.0/20
83.72.0.0/14
85.80.0.0/14
94.144.0.0/13
129.142.0.0/16
130.227.0.0-130.228.255.255
185.116.184.0/22
192.38.128.0/17
195.47.128.0/18
195.82.192.0/19
212.54.64.0/19
212.88.64.0/19
212.242.0.0/16
213.83.128.0/17
213.237.0.0/17
217.157.0.0/16
IPv6:
2001:1580::/32
2a02:2a30::/29
Signature Algorithm: sha256WithRSAEncryption
dc:72:31:e5:65:c1:97:68:f4:20:ff:46:3f:81:c9:10:1b:5d:
9d:3f:11:16:38:22:c2:06:44:ed:8b:14:e6:69:63:e3:35:c7:
9f:b0:37:c9:78:5f:4b:0a:c7:ac:69:de:85:c0:6e:0a:e5:3b:
6b:ab:7f:4a:54:42:14:de:27:fb:ea:b6:2b:8b:7b:9e:0e:59:
e1:d3:4f:27:65:84:d3:50:10:da:d6:47:58:82:7d:ce:3f:6b:
9e:e4:b4:a4:11:49:16:e9:16:fd:69:83:28:dd:6a:c6:cd:82:
70:a4:36:29:32:35:3e:f1:20:70:cf:24:01:bb:56:70:1b:12:
b6:38:3c:64:9b:bc:c0:62:a9:ac:ca:26:a7:46:34:df:11:01:
da:e0:5c:81:2b:88:23:37:d8:cb:ff:5e:bf:73:34:68:5f:65:
7e:65:05:62:40:19:93:bb:2c:27:07:41:00:e0:ab:3b:ee:d5:
6e:2e:f9:f8:8a:53:5d:43:13:23:68:05:2b:71:63:63:9f:19:
f9:0c:eb:17:4b:63:40:b3:d0:ae:33:39:9e:15:63:23:c7:4d:
45:cb:d8:af:14:c2:8c:48:7b:a4:ef:19:7b:30:37:0f:a7:fb:
93:3f:a0:df:85:5f:f9:24:80:6d:5c:65:70:96:ef:12:f8:bf:
17:c3:93:37
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVy3v5kH+oJNFmbe7geB0FtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmVhY2VhNWQ4MTJmMzAzMGM1NTdlNDhjNTM3NTg3NTNm
YjZjNmIwHhcNMjMwMTAyMTQyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk2YmQyNDViMWIzYzFhYzExOWJmMGY5ZWYxMGYzYmJlNjhjMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigdL8xqBjhPkaP+vLtnLj188tyLK
cnZm6BTC8Owtcx3IN4tfKsm8SNV6q/MVxLEB9/5MxbcvPXg2mRVmySrIcDjiStg0
/jp6Xa5M7KpNsZtSIbGV4ROJjqm1bTeQ5jobJrEFFg5vYfYdUs2UbFB19gqQXMZK
zaA36DticfNDFJQosnAgz9SrLcBk/6wkUfiF8QaqE9O5BP2gJZe/zSSP42vjLhIK
XCCuntFxfD7+pze3SqcuYeKWc+8kVS4aImaeCdRFAaV1D1kXX9Vu3FVP6huAgWvb
vlBxVKEbmG+E54Uq3RYEPkWneEV80EAROMHAc1EuEr8qNBzAOvWACWO2gQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFDSWvSRbGzwawRm/D57xDzu+aMIFMB8GA1UdIwQY
MBaAFKz+rOpdgS8wMMVX5IxTdYdT+2xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclA2czZsMkJMekF3eFZma2pGTjFoMVA3YkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yNzI3YjUtNWVjYi00ODVmLWI3ZDkt
YTJmZDI4ODQwYTAzLzEvTkphOUpGc2JQQnJCR2I4UG52RVBPNzVvd2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yNzI3YjUtNWVjYi00ODVmLWI3ZDktYTJmZDI4ODQwYTAz
LzEvclA2czZsMkJMekF3eFZma2pGTjFoMVA3YkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBiwQCAAEwgYQDAwIC
gAMDAAUhAwMAJWADAwA+QgMDAD5PAwQFPnmgAwMCTdQDBARQWwADAwJTSAMDAlVQ
AwMDXpADAwCBjjAKAwMAguMDAwCC5AMEArl0uAMEB8AmgAMEBsMvgAMEBcNSwAME
BdQ2QAMEBdRYQAMDANTyAwQH1VOAAwQH1e0AAwMA2Z0wFAQCAAIwDgMFACABFYAD
BQMqAiowMA0GCSqGSIb3DQEBCwUAA4IBAQDccjHlZcGXaPQg/0Y/gckQG12dPxEW
OCLCBkTtixTmaWPjNcefsDfJeF9LCsesad6FwG4K5Ttrq39KVEIU3if76rYri3ue
Dlnh008nZYTTUBDa1kdYgn3OP2ue5LSkEUkW6Rb9aYMo3WrGzYJwpDYpMjU+8SBw
zyQBu1ZwGxK2ODxkm7zAYqmsyianRjTfEQHa4FyBK4gjN9jL/16/czRoX2V+ZQVi
QBmTuywnB0EA4Ks77tVuLvn4ilNdQxMjaAUrcWNjnxn5DOsXS2NAs9CuMzmeFWMj
x01Fy9ivFMKMSHuk7xl7MDcPp/uTP6DfhV/5JIBtXGVwlu8S+L8Xw5M3
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:59 2024 by rpki-client on console-fra.rpki-client.org