Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/NlPai8sAHMTqlz__j9VL4twayW4.roa
File: NlPai8sAHMTqlz__j9VL4twayW4.roa (raw, json)
Hash identifier: 7VvT1/IqnSjdy8uyEgxJUPfMpp0DOok+31PtwVGLMM0=
Subject key identifier: 36:53:DA:8B:CB:00:1C:C4:EA:97:3F:FF:8F:D5:4B:E2:DC:1A:C9:6E
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018C1F5260FCF4D155C4DB2FB8E3AF3CB7A6
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/NlPai8sAHMTqlz__j9VL4twayW4.roa
Signing time: Thu 30 Nov 2023 08:22:21 +0000
ROA not before: Thu 30 Nov 2023 08:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12578
IP address blocks: 185.38.56.0/22 maxlen: 22
46.109.0.0/16 maxlen: 16
195.122.28.0/24 maxlen: 24
195.122.29.0/24 maxlen: 24
195.122.26.0/23 maxlen: 23
81.198.0.0/16 maxlen: 16
78.84.0.0/16 maxlen: 16
195.114.32.0/19 maxlen: 19
81.198.95.0/24 maxlen: 24
194.8.16.0/21 maxlen: 21
194.8.24.0/22 maxlen: 22
195.13.201.0/24 maxlen: 24
195.13.200.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
80.232.195.0/24 maxlen: 24
195.13.215.0/24 maxlen: 24
84.237.128.0/17 maxlen: 17
195.13.128.0/17 maxlen: 17
80.232.128.0/17 maxlen: 17
80.232.150.0/24 maxlen: 24
80.232.147.0/24 maxlen: 24
95.68.0.0/17 maxlen: 17
87.246.144.0/20 maxlen: 20
195.2.96.0/19 maxlen: 19
195.122.0.0/19 maxlen: 24
87.246.160.0/19 maxlen: 19
62.85.0.0/17 maxlen: 17
195.13.228.0/24 maxlen: 24
195.13.237.0/24 maxlen: 24
195.13.245.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.13.251.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
87.110.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 Nov 2023 08:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:52:60:fc:f4:d1:55:c4:db:2f:b8:e3:af:3c:b7:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Nov 30 08:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3653da8bcb001cc4ea973fff8fd54be2dc1ac96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:67:45:dd:4d:37:61:7e:41:90:0a:cd:01:
36:46:96:e4:2f:00:8c:dc:7c:b1:6c:bc:ec:7e:62:
b8:b5:20:16:ff:3a:f3:d8:f8:a3:24:8d:e7:61:99:
8b:ce:64:4f:92:47:31:09:f5:a1:97:95:3d:46:b4:
bb:b0:c3:eb:0b:ce:54:b8:0d:85:ae:3f:1a:b8:d4:
0b:13:0f:9a:29:c0:b7:b1:19:2a:7c:c2:59:2d:f2:
4a:af:4c:8c:37:ab:32:31:28:7c:3b:51:8a:da:c5:
87:c2:53:1f:1a:f3:5b:f8:70:04:da:d0:13:14:55:
eb:e5:04:5b:0d:28:92:bf:ff:1f:33:c8:1c:05:0b:
b2:4e:d0:6f:f0:99:44:4a:cd:7b:7b:3d:56:4d:8e:
dc:94:e3:b9:ef:35:46:29:b0:5c:65:20:a3:4f:0f:
8a:83:07:db:87:0c:72:68:1c:1a:09:e2:ad:ab:10:
0d:cd:b8:f1:f1:8e:90:2c:62:8e:55:4d:09:eb:51:
91:45:4c:a4:8f:9a:dc:78:8e:cd:8e:39:35:d8:94:
7c:48:a9:dc:7e:10:8d:57:ff:3c:ef:67:c8:3a:79:
d9:3f:78:8e:8e:c8:d2:ba:e1:28:3d:a9:70:be:bd:
9e:8d:9b:0d:c7:e1:4c:52:5d:be:b6:fe:65:f5:91:
50:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:53:DA:8B:CB:00:1C:C4:EA:97:3F:FF:8F:D5:4B:E2:DC:1A:C9:6E
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/NlPai8sAHMTqlz__j9VL4twayW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
6c:15:b7:4c:f7:0b:f3:c3:27:90:7f:c7:92:30:93:fb:22:05:
5a:e2:b0:74:f5:5a:1c:56:1a:36:e2:a0:c6:96:49:6f:71:1e:
88:b4:3b:eb:34:49:9a:7f:cd:e0:4c:26:16:6c:1d:31:e3:9f:
bb:f2:34:91:e6:9f:99:65:0a:24:17:4b:48:5a:25:19:46:0a:
81:05:f4:cb:58:bc:d8:7d:16:b2:7f:3e:29:05:5c:bd:8a:7d:
a0:c6:8c:0e:04:2b:21:9a:38:19:9d:1e:d8:59:64:67:df:00:
71:b4:64:48:97:02:7d:e9:41:cb:12:71:e1:53:e3:9c:33:ce:
66:e8:12:03:ce:81:ec:64:80:fb:64:7a:ba:c6:d1:d1:a7:6c:
80:0f:49:bb:fe:29:9f:a6:19:0c:c8:6e:f6:e3:e7:f6:70:24:
72:8f:65:82:cf:f6:76:57:9f:75:38:1a:d9:ec:d2:2c:dc:41:
5c:8e:3f:99:76:2c:5d:8c:66:f4:7e:8d:17:a4:22:f3:f1:c4:
fe:cf:97:5e:ef:71:d5:83:00:51:ca:9d:39:f6:4e:d8:60:61:
f4:24:0f:fa:e1:5f:c8:68:ae:6a:ac:5c:7e:42:88:18:7c:71:
da:f1:1c:72:09:4c:01:11:3b:f2:f9:a6:45:f7:70:ed:ed:81:
57:47:d6:65
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYwfUmD89NFVxNsvuOOvPLemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMTMwMDgyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUzZGE4YmNiMDAxY2M0ZWE5NzNmZmY4ZmQ1NGJlMmRjMWFjOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNxnRd1NN2F+QZAKzQE2RpbkLwCM
3HyxbLzsfmK4tSAW/zrz2PijJI3nYZmLzmRPkkcxCfWhl5U9RrS7sMPrC85UuA2F
rj8auNQLEw+aKcC3sRkqfMJZLfJKr0yMN6syMSh8O1GK2sWHwlMfGvNb+HAE2tAT
FFXr5QRbDSiSv/8fM8gcBQuyTtBv8JlESs17ez1WTY7clOO57zVGKbBcZSCjTw+K
gwfbhwxyaBwaCeKtqxANzbjx8Y6QLGKOVU0J61GRRUykj5rceI7Njjk12JR8SKnc
fhCNV/8872fIOnnZP3iOjsjSuuEoPalwvr2ejZsNx+FMUl2+tv5l9ZFQnQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFDZT2ovLABzE6pc//4/VS+LcGsluMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvTmxQYWk4c0FITVRxbHpfX2o5Vkw0dHdheVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwMALm0D
BAc+VQADAwBOVAMEB1DogAMDAFHGAwQHVO2AAwMAV24wDAMEBFf2kAMEBlf2gAME
B1tpAAMEB19EAAMEArkmODAMAwQEwggQAwQCwggYAwQFwwJgAwQHww2AAwQFw3Ig
AwQFw3oAMA0EAgACMAcDBQMqAiMwMA0GCSqGSIb3DQEBCwUAA4IBAQBsFbdM9wvz
wyeQf8eSMJP7IgVa4rB09VocVho24qDGlklvcR6ItDvrNEmaf83gTCYWbB0x45+7
8jSR5p+ZZQokF0tIWiUZRgqBBfTLWLzYfRayfz4pBVy9in2gxowOBCshmjgZnR7Y
WWRn3wBxtGRIlwJ96UHLEnHhU+OcM85m6BIDzoHsZID7ZHq6xtHRp2yAD0m7/imf
phkMyG724+f2cCRyj2WCz/Z2V591OBrZ7NIs3EFcjj+ZdixdjGb0fo0XpCLz8cT+
z5de73HVgwBRyp059k7YYGH0JA/64V/IaK5qrFx+QogYfHHa8RxyCUwBETvy+aZF
93Dt7YFXR9Zl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org