Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/nn14E1054IQ8wr9EIJe5QpIKvOM.roa
File: nn14E1054IQ8wr9EIJe5QpIKvOM.roa (raw, json)
Hash identifier: 81YT4dKDD8jB7BOIaq853S7RHEtvx0VRFDBX6WTWULw=
Subject key identifier: 9E:7D:78:13:5D:39:E0:84:3C:C2:BF:44:20:97:B9:42:92:0A:BC:E3
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 01856E1D3B62E7A4FD705F9E76AF94E44994
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/nn14E1054IQ8wr9EIJe5QpIKvOM.roa
Signing time: Sun 01 Jan 2023 16:14:47 +0000
ROA not before: Sun 01 Jan 2023 16:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 185.17.24.0/22 maxlen: 22
78.157.192.0/19 maxlen: 19
78.110.160.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
77.74.192.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
185.103.96.0/22 maxlen: 22
178.159.0.0/20 maxlen: 20
37.9.56.0/21 maxlen: 21
5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
2a01:a500::/32 maxlen: 32
2a01:a500:2566::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:1::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:3b:62:e7:a4:fd:70:5f:9e:76:af:94:e4:49:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Jan 1 16:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7d78135d39e0843cc2bf442097b942920abce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ae:40:3a:7a:f5:f4:f8:db:c8:88:ec:64:53:
c1:08:c5:76:68:62:f5:ea:9c:f9:bb:97:8b:78:38:
cb:6d:b0:2f:df:85:0a:0b:f5:7d:f4:10:29:e6:ed:
83:d0:6a:38:22:fa:61:68:b5:09:65:da:92:b7:66:
30:00:a8:82:5b:0f:de:6f:16:d3:7e:6f:ce:ef:3f:
6d:86:01:de:dc:a1:37:6c:b6:46:7e:e3:8c:81:da:
44:c9:58:90:14:03:07:ad:dc:af:ba:63:0a:c6:80:
1e:16:f1:20:8e:18:01:34:30:85:86:4e:53:ea:e9:
e3:7d:c2:7a:eb:81:17:cb:2f:49:0f:14:df:3c:38:
ba:96:67:ed:0d:26:2e:1b:e6:64:bf:a2:86:be:40:
f0:cd:35:e5:43:45:b5:6b:95:f8:02:12:6c:83:a7:
46:fb:14:30:0b:ab:35:0b:78:d4:f3:86:9b:e6:47:
61:67:64:b0:d2:d7:1c:c4:17:29:4a:53:ba:71:a0:
62:d7:72:c9:6f:14:e7:2d:64:ff:c4:5d:42:52:52:
20:e8:46:08:d2:0b:00:2e:d4:7d:58:c2:1a:70:32:
f3:81:56:36:77:ad:aa:0c:e2:cf:d5:9c:d4:f3:37:
ed:62:6a:52:50:84:a2:8b:a0:24:73:27:be:d5:22:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7D:78:13:5D:39:E0:84:3C:C2:BF:44:20:97:B9:42:92:0A:BC:E3
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/nn14E1054IQ8wr9EIJe5QpIKvOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0/20
78.157.192.0/19
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
06:39:f2:80:1a:61:df:76:6e:1a:03:47:20:78:66:be:9f:2d:
28:ef:fd:35:13:fa:85:59:49:5c:76:14:7f:19:d2:32:00:22:
73:96:34:53:d9:75:9c:82:8a:b5:aa:c7:43:ba:d0:d7:26:9a:
ec:0b:75:ec:91:fd:29:f1:4c:e6:3c:84:76:cc:86:36:57:d6:
55:ea:c0:c4:c8:e6:20:05:86:ab:11:77:ca:d3:36:ad:bf:cb:
89:e0:46:4f:eb:11:64:d3:34:d6:b5:39:5d:f7:35:d0:d4:dd:
da:96:f6:63:f3:94:45:ba:6f:1c:cc:e7:b2:59:c3:8a:1d:3a:
4e:37:94:7f:e3:e8:54:67:59:0a:e2:df:d4:a3:d2:e7:fb:40:
e9:9d:8a:76:78:fb:80:5f:94:50:43:c6:19:f1:ed:b4:27:d3:
66:3a:f7:60:fb:75:b3:08:b6:2c:a7:4d:0f:35:4a:94:bb:ec:
fe:17:52:aa:55:fa:a3:92:5b:bf:65:56:50:45:f4:35:9f:3d:
f0:20:04:09:39:1e:f5:f9:aa:b5:b4:f1:c4:98:56:23:b8:f0:
d1:08:be:53:29:83:97:fb:30:36:5d:8b:f6:78:59:f6:f9:e6:
87:b6:22:6f:3c:49:c5:94:cb:07:30:50:d1:90:08:6b:eb:85:
ee:b8:65:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVuHTti56T9cF+edq+U5EmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjMwMTAxMTYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdkNzgxMzVkMzllMDg0M2NjMmJmNDQyMDk3Yjk0MjkyMGFiY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk65AOnr19PjbyIjsZFPBCMV2aGL1
6pz5u5eLeDjLbbAv34UKC/V99BAp5u2D0Go4IvphaLUJZdqSt2YwAKiCWw/ebxbT
fm/O7z9thgHe3KE3bLZGfuOMgdpEyViQFAMHrdyvumMKxoAeFvEgjhgBNDCFhk5T
6unjfcJ664EXyy9JDxTfPDi6lmftDSYuG+Zkv6KGvkDwzTXlQ0W1a5X4AhJsg6dG
+xQwC6s1C3jU84ab5kdhZ2Sw0tccxBcpSlO6caBi13LJbxTnLWT/xF1CUlIg6EYI
0gsALtR9WMIacDLzgVY2d62qDOLP1ZzU8zftYmpSUISii6Akcye+1SIRywIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJ59eBNdOeCEPMK/RCCXuUKSCrzjMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvbm4xNEUxMDU0SVE4d3I5RUlKZTVRcElLdk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAMFZYgD
BAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gDBARObqADBAVOncAD
BARe5UADBASynwADBAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOfKAGmHfdm4aA0cgeGa+ny0o7/01E/qFWUlcdhR/
GdIyACJzljRT2XWcgoq1qsdDutDXJprsC3Xskf0p8UzmPIR2zIY2V9ZV6sDEyOYg
BYarEXfK0zatv8uJ4EZP6xFk0zTWtTld9zXQ1N3alvZj85RFum8czOeyWcOKHTpO
N5R/4+hUZ1kK4t/Uo9Ln+0DpnYp2ePuAX5RQQ8YZ8e20J9NmOvdg+3WzCLYsp00P
NUqUu+z+F1KqVfqjklu/ZVZQRfQ1nz3wIAQJOR71+aq1tPHEmFYjuPDRCL5TKYOX
+zA2XYv2eFn2+eaHtiJvPEnFlMsHMFDRkAhr64XuuGXM
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:10 2024 by rpki-client on console-fra.rpki-client.org