Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/N3klCGTx5Pb4-EmM83C6nBA5ezs.roa
File: N3klCGTx5Pb4-EmM83C6nBA5ezs.roa (raw, json)
Hash identifier: s12V67nyXYO7nhG2oAR8nbQ8WvN+d4sWY1Nlyis1BFw=
Subject key identifier: 37:79:25:08:64:F1:E4:F6:F8:F8:49:8C:F3:70:BA:9C:10:39:7B:3B
Certificate issuer: /CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Certificate serial: 01856D0ADFBDDD80451C9A1BB4564C78B46C
Authority key identifier: C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/N3klCGTx5Pb4-EmM83C6nBA5ezs.roa
Signing time: Sun 01 Jan 2023 11:15:07 +0000
ROA not before: Sun 01 Jan 2023 11:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57389
IP address blocks: 45.146.0.0/22 maxlen: 22
185.106.112.0/22 maxlen: 22
185.5.230.0/23 maxlen: 23
185.5.228.0/22 maxlen: 22
185.5.228.0/23 maxlen: 23
45.14.92.0/22 maxlen: 22
185.182.212.0/23 maxlen: 23
185.182.212.0/22 maxlen: 22
185.221.140.0/22 maxlen: 23
185.182.214.0/23 maxlen: 23
185.180.88.0/22 maxlen: 22
185.130.178.0/24 maxlen: 24
185.130.176.0/23 maxlen: 23
194.48.174.0/23 maxlen: 23
81.16.192.0/20 maxlen: 20
194.48.188.0/23 maxlen: 23
185.232.80.0/22 maxlen: 22
81.16.206.0/23 maxlen: 23
81.16.204.0/22 maxlen: 22
81.16.204.0/23 maxlen: 23
141.98.248.0/22 maxlen: 22
185.205.248.0/22 maxlen: 22
185.174.16.0/22 maxlen: 22
2a07:1100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:df:bd:dd:80:45:1c:9a:1b:b4:56:4c:78:b4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Validity
Not Before: Jan 1 11:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3779250864f1e4f6f8f8498cf370ba9c10397b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b5:56:94:9d:ea:dd:24:9c:f0:42:79:5e:39:
b6:04:19:b8:08:eb:90:13:8c:fc:c7:cd:2d:8e:48:
41:4d:d2:75:dd:bb:ef:07:0f:6c:01:10:db:a2:0f:
60:8f:b1:17:a2:ff:20:27:38:cd:47:44:e5:80:08:
01:2c:29:98:cd:4c:07:28:6a:50:a4:9d:0f:d1:e2:
65:4d:61:53:0b:d5:e9:7f:d3:1b:62:15:85:3d:cd:
e6:72:7e:65:e6:2c:39:9a:c1:12:3f:2a:81:87:35:
ef:fa:4c:91:f8:e7:36:81:e2:d2:4e:99:24:d4:69:
36:a5:cc:f1:12:64:14:66:f7:be:00:d2:6d:9a:49:
dc:af:cc:a7:18:2b:b1:ba:9f:c9:4b:51:64:e3:22:
e9:a3:9c:f9:5e:95:0d:d4:6a:cb:b2:da:3b:3c:92:
85:e4:a1:c7:85:ac:4c:31:46:b8:40:17:33:36:06:
c7:83:00:f8:2b:63:2e:85:78:64:59:28:c8:3d:58:
58:fb:77:6f:43:b2:4c:de:a8:47:be:41:11:e6:a1:
08:b6:08:8f:a8:d2:b2:82:ac:62:0f:03:64:d8:73:
ff:12:56:eb:33:4b:0c:12:3e:bb:37:b9:de:e5:1a:
b7:9a:53:33:01:42:1e:8c:f7:4c:2e:24:39:23:1b:
fd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:79:25:08:64:F1:E4:F6:F8:F8:49:8C:F3:70:BA:9C:10:39:7B:3B
X509v3 Authority Key Identifier:
keyid:C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/N3klCGTx5Pb4-EmM83C6nBA5ezs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/xUbhWBnqzQW8zr-AAZyjy3xKOOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.92.0/22
45.146.0.0/22
81.16.192.0/20
141.98.248.0/22
185.5.228.0/22
185.106.112.0/22
185.130.176.0-185.130.178.255
185.174.16.0/22
185.180.88.0/22
185.182.212.0/22
185.205.248.0/22
185.221.140.0/22
185.232.80.0/22
194.48.174.0/23
194.48.188.0/23
IPv6:
2a07:1100::/29
Signature Algorithm: sha256WithRSAEncryption
04:6e:a6:f7:de:5d:53:4a:fd:69:ea:94:7a:db:39:28:93:a5:
ed:8a:66:46:4f:09:8e:84:79:98:b6:73:22:d4:b6:9e:8a:e9:
1a:b9:85:f4:6c:9f:27:93:aa:52:f9:98:02:86:b6:d7:85:86:
04:9b:2e:0b:36:3c:9c:55:4c:a4:6f:19:bb:57:f7:d4:f0:9c:
be:fe:f1:4b:5d:cb:8b:82:15:bc:44:91:9e:40:9c:aa:f7:31:
87:31:a5:79:2e:20:20:fd:26:a9:2c:16:f7:15:02:a4:25:ba:
a2:a0:25:4f:2d:68:eb:81:b1:44:0b:7a:e0:14:cd:5c:fd:25:
71:7c:7a:ef:9c:f5:d2:35:18:4a:75:7a:5c:06:0c:58:a6:97:
9e:d3:8f:f8:dd:eb:07:7c:db:28:44:50:f6:96:29:ce:b3:a9:
8e:0c:19:b5:85:75:2a:ca:aa:07:8e:10:5e:b6:43:16:e3:b2:
64:ac:36:36:2f:6a:3d:f2:3e:2e:ea:c5:85:bd:dd:8a:3c:12:
ba:11:0b:31:ef:25:5d:9c:8e:a9:b7:8c:15:e5:2d:bd:3b:40:
df:85:3c:5f:15:29:e8:69:72:4f:25:9e:c2:e3:74:78:bf:1e:
06:aa:f4:d6:be:c9:a8:d1:d4:46:76:68:5e:a6:c1:a6:cf:2f:
2d:1c:7b:3b
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYVtCt+93YBFHJobtFZMeLRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDZlMTU4MTllYWNkMDViY2NlYmY4MDAxOWNhM2NiN2M0
YTM4ZTAwHhcNMjMwMTAxMTExNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzc5MjUwODY0ZjFlNGY2ZjhmODQ5OGNmMzcwYmE5YzEwMzk3YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07VWlJ3q3SSc8EJ5Xjm2BBm4COuQ
E4z8x80tjkhBTdJ13bvvBw9sARDbog9gj7EXov8gJzjNR0TlgAgBLCmYzUwHKGpQ
pJ0P0eJlTWFTC9Xpf9MbYhWFPc3mcn5l5iw5msESPyqBhzXv+kyR+Oc2geLSTpkk
1Gk2pczxEmQUZve+ANJtmkncr8ynGCuxup/JS1Fk4yLpo5z5XpUN1GrLsto7PJKF
5KHHhaxMMUa4QBczNgbHgwD4K2MuhXhkWSjIPVhY+3dvQ7JM3qhHvkER5qEItgiP
qNKygqxiDwNk2HP/ElbrM0sMEj67N7ne5Rq3mlMzAUIejPdMLiQ5Ixv9vQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDd5JQhk8eT2+PhJjPNwupwQOXs7MB8GA1UdIwQY
MBaAFMVG4VgZ6s0FvM6/gAGco8t8SjjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFViaFdCbnF6UVc4enItQUFaeWp5M3hLT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOTVhYzUtMGI4Yi00NWQ2LWJlOWEt
MmRiMjI0NWYyOTg1LzEvTjNrbENHVHg1UGI0LUVtTTgzQzZuQkE1ZXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOTVhYzUtMGI4Yi00NWQ2LWJlOWEtMmRiMjI0NWYyOTg1
LzEveFViaFdCbnF6UVc4enItQUFaeWp5M3hLT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAi0OXAME
Ai2SAAMEBFEQwAMEAo1i+AMEArkF5AMEArlqcDAMAwQEuYKwAwQAuYKyAwQCua4Q
AwQCubRYAwQCubbUAwQCuc34AwQCud2MAwQCuehQAwQBwjCuAwQBwjC8MA0EAgAC
MAcDBQMqBxEAMA0GCSqGSIb3DQEBCwUAA4IBAQAEbqb33l1TSv1p6pR62zkok6Xt
imZGTwmOhHmYtnMi1LaeiukauYX0bJ8nk6pS+ZgChrbXhYYEmy4LNjycVUykbxm7
V/fU8Jy+/vFLXcuLghW8RJGeQJyq9zGHMaV5LiAg/SapLBb3FQKkJbqioCVPLWjr
gbFEC3rgFM1c/SVxfHrvnPXSNRhKdXpcBgxYppee04/43esHfNsoRFD2linOs6mO
DBm1hXUqyqoHjhBetkMW47JkrDY2L2o98j4u6sWFvd2KPBK6EQsx7yVdnI6pt4wV
5S29O0DfhTxfFSnoaXJPJZ7C43R4vx4GqvTWvsmo0dRGdmhepsGmzy8tHHs7
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:54 2024 by rpki-client on console-fra.rpki-client.org