Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa
File: N6tJW_qh7wi1FbjqodjyE5DQZMc.roa (raw, json)
Hash identifier: Wt3OiPtra0pWpMU3NfpeRi2hZsV3Oc6O7AycJYUgusU=
Subject key identifier: 37:AB:49:5B:FA:A1:EF:08:B5:15:B8:EA:A1:D8:F2:13:90:D0:64:C7
Certificate issuer: /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial: 018C853B03E54CE26A14FF27A29669DD90DB
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa
Signing time: Wed 20 Dec 2023 03:18:06 +0000
ROA not before: Wed 20 Dec 2023 03:18:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39812
IP address blocks: 5.44.0.0/20 maxlen: 20
78.139.64.0/19 maxlen: 19
185.12.252.0/22 maxlen: 22
185.137.160.0/23 maxlen: 23
185.137.162.0/23 maxlen: 23
109.202.32.0/19 maxlen: 19
185.106.56.0/22 maxlen: 22
130.255.32.0/19 maxlen: 19
78.139.96.0/21 maxlen: 21
78.139.104.0/21 maxlen: 21
89.107.112.0/21 maxlen: 21
78.139.112.0/21 maxlen: 21
78.139.120.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:85:3b:03:e5:4c:e2:6a:14:ff:27:a2:96:69:dd:90:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Validity
Not Before: Dec 20 03:18:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ab495bfaa1ef08b515b8eaa1d8f21390d064c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2a:df:10:9d:fd:6e:1e:60:f7:7d:8f:3e:e5:
9f:db:da:7c:51:cf:25:d4:be:1c:e7:18:17:d1:e5:
90:c0:53:ce:b1:d4:96:b5:37:63:5f:d0:3e:a7:ad:
ba:9f:88:50:55:9e:1f:89:04:47:db:de:ec:cf:51:
02:95:a2:55:94:22:df:92:9f:7f:fe:c9:2a:3b:29:
d4:2f:a1:a9:76:01:38:6c:c9:d4:df:a7:ce:e3:fd:
2d:c6:63:2d:da:0c:64:77:64:77:c2:2d:3a:aa:5b:
8b:f3:a0:80:80:f3:76:6f:c7:79:29:a2:a6:d7:10:
89:4b:db:ef:d0:2b:66:99:9e:27:76:af:70:1f:96:
1c:4d:35:c4:10:3a:a4:96:a8:ba:dc:30:93:0b:c3:
87:c4:f3:be:3e:c0:79:cc:df:4d:c9:af:ec:cc:42:
6f:b2:10:09:49:41:3d:68:08:7b:26:0a:23:b0:cf:
b4:10:a1:d5:c0:0f:4a:97:ae:fe:0e:22:fa:c9:84:
e3:bf:59:2d:9e:6a:7a:79:bd:c8:ac:55:2a:8f:d4:
9e:68:cb:d4:56:85:e3:e2:ce:2c:57:65:98:e7:0e:
26:20:fa:1d:7c:16:db:41:e7:27:18:4f:59:6c:38:
9e:a8:71:a7:b5:ad:f5:ea:59:1b:99:79:1f:3c:c5:
4b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AB:49:5B:FA:A1:EF:08:B5:15:B8:EA:A1:D8:F2:13:90:D0:64:C7
X509v3 Authority Key Identifier:
keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.0.0/20
78.139.64.0/18
89.107.112.0/21
109.202.32.0/19
130.255.32.0/19
185.12.252.0/22
185.106.56.0/22
185.137.160.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:48:f4:0b:68:4b:b6:19:de:5a:38:ae:d0:12:02:3b:d4:51:
fe:4b:3c:39:3e:f1:4f:5a:82:52:9c:40:70:99:c6:25:6d:b7:
d1:de:64:f8:65:90:23:1e:c0:c9:e4:ae:10:d2:c0:68:55:cd:
18:65:0e:09:89:3c:0a:5d:27:d6:e7:9f:f0:64:3f:4c:be:73:
9f:9f:2d:d7:79:b5:d2:c7:db:f2:b2:5b:53:c9:d9:01:4e:9b:
83:35:05:11:56:c3:4c:a1:19:ce:20:e1:88:9e:06:41:3b:21:
75:9c:0b:bc:ae:96:2c:d4:a9:c1:23:d7:7a:fa:ce:33:44:bc:
35:ba:a7:63:3e:a6:8e:24:d1:94:95:60:76:8c:38:dd:98:2f:
4d:13:0a:4f:12:2b:21:0e:fe:5a:2e:4f:42:0b:50:ef:70:8b:
55:cf:ea:98:26:a9:af:97:e4:20:2c:59:8b:5e:c0:bb:3e:1d:
88:c2:32:dc:0d:25:83:8a:6d:5f:31:07:00:39:30:f1:89:e1:
4e:07:ba:f5:f7:bd:b1:c1:aa:00:85:bb:7e:69:b0:e5:1f:0d:
90:06:e5:78:b9:31:4c:14:b0:31:19:95:b5:18:d9:97:60:28:
fd:8c:d2:04:b5:ec:9e:e3:ac:23:02:bc:f6:df:80:fb:50:30:
c3:4e:2a:d8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYyFOwPlTOJqFP8nopZp3ZDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjMxMjIwMDMxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FiNDk1YmZhYTFlZjA4YjUxNWI4ZWFhMWQ4ZjIxMzkwZDA2NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSrfEJ39bh5g932PPuWf29p8Uc8l
1L4c5xgX0eWQwFPOsdSWtTdjX9A+p626n4hQVZ4fiQRH297sz1EClaJVlCLfkp9/
/skqOynUL6GpdgE4bMnU36fO4/0txmMt2gxkd2R3wi06qluL86CAgPN2b8d5KaKm
1xCJS9vv0CtmmZ4ndq9wH5YcTTXEEDqklqi63DCTC8OHxPO+PsB5zN9Nya/szEJv
shAJSUE9aAh7JgojsM+0EKHVwA9Kl67+DiL6yYTjv1ktnmp6eb3IrFUqj9SeaMvU
VoXj4s4sV2WY5w4mIPodfBbbQecnGE9ZbDieqHGnta316lkbmXkfPMVLDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDerSVv6oe8ItRW46qHY8hOQ0GTHMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvTjZ0SldfcWg3d2kxRmJqcW9kanlFNURRWk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBSwAAwQG
TotAAwQDWWtwAwQFbcogAwQFgv8gAwQCuQz8AwQCuWo4AwQCuYmgMA0GCSqGSIb3
DQEBCwUAA4IBAQC1SPQLaEu2Gd5aOK7QEgI71FH+Szw5PvFPWoJSnEBwmcYlbbfR
3mT4ZZAjHsDJ5K4Q0sBoVc0YZQ4JiTwKXSfW55/wZD9MvnOfny3XebXSx9vysltT
ydkBTpuDNQURVsNMoRnOIOGIngZBOyF1nAu8rpYs1KnBI9d6+s4zRLw1uqdjPqaO
JNGUlWB2jDjdmC9NEwpPEishDv5aLk9CC1DvcItVz+qYJqmvl+QgLFmLXsC7Ph2I
wjLcDSWDim1fMQcAOTDxieFOB7r1972xwaoAhbt+abDlHw2QBuV4uTFMFLAxGZW1
GNmXYCj9jNIEteye46wjArz234D7UDDDTirY
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:08 2024 by rpki-client on console-ams.rpki-client.org