Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/NtRdPNv_aBhto3cq_t4E8bC8Cw4.roa
File: NtRdPNv_aBhto3cq_t4E8bC8Cw4.roa (raw, json)
Hash identifier: zl4ZkEUAcl1asDqt39w7k/9LV1ypjgsTwMffjk4xCqM=
Subject key identifier: 36:D4:5D:3C:DB:FF:68:18:6D:A3:77:2A:FE:DE:04:F1:B0:BC:0B:0E
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 018A643A1C105C35F427BEEB794E8FDFEB9A
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/NtRdPNv_aBhto3cq_t4E8bC8Cw4.roa
Signing time: Tue 05 Sep 2023 07:24:04 +0000
ROA not before: Tue 05 Sep 2023 07:24:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 94.237.4.0/22 maxlen: 22
94.237.1.0/24 maxlen: 24
94.237.0.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.8.0/21 maxlen: 21
5.22.208.0/21 maxlen: 21
185.26.48.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
185.20.136.0/22 maxlen: 22
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
185.70.196.0/22 maxlen: 22
94.237.126.0/24 maxlen: 24
194.62.96.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
83.136.248.0/21 maxlen: 21
95.111.192.0/20 maxlen: 20
80.69.172.0/22 maxlen: 22
2a04:3546::/32 maxlen: 32
2a04:3545::/32 maxlen: 32
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3541::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3544::/32 maxlen: 32
2a04:3540::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:3a:1c:10:5c:35:f4:27:be:eb:79:4e:8f:df:eb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Sep 5 07:24:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36d45d3cdbff68186da3772afede04f1b0bc0b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:aa:e8:1a:a9:03:8f:7b:ae:b6:64:55:57:e0:
88:a9:bd:69:b7:06:66:14:31:00:18:01:a4:bf:21:
74:2c:2e:92:95:b8:c2:3f:4a:e2:73:0e:31:0d:ae:
8e:b7:08:06:49:99:a7:37:1b:a8:72:1e:b8:46:48:
60:32:03:ac:ea:0b:22:30:aa:71:87:92:1f:83:e1:
b6:fd:76:29:28:e1:b2:45:9f:f8:a6:1a:ce:9e:19:
e6:e3:b7:2c:a8:93:bb:0f:46:7d:e3:f6:6d:8a:40:
72:ee:a5:e5:80:1a:22:12:21:a6:ad:0f:0f:a7:0c:
8a:f8:90:d5:c6:c7:84:93:1f:6a:6b:c8:92:c1:95:
aa:d8:9a:a8:9c:4b:ba:c1:96:70:61:52:71:16:f7:
8c:e3:59:ef:fb:38:09:b6:17:5e:97:b0:de:5b:6a:
c0:3b:9d:e6:af:78:1b:1a:49:34:5b:e7:19:b5:f3:
b3:58:7c:95:03:ba:4f:a7:3e:75:79:4d:ff:9e:7e:
d6:e9:ed:3c:f5:35:82:4c:c0:87:9d:c2:28:21:6e:
13:6e:f2:cd:19:ae:92:d8:72:52:83:f4:0b:32:33:
0f:a8:c7:ab:e4:be:7d:d5:cb:87:37:35:17:80:d7:
80:1d:28:16:35:55:eb:59:dd:03:75:d0:0d:e2:34:
e9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D4:5D:3C:DB:FF:68:18:6D:A3:77:2A:FE:DE:04:F1:B0:BC:0B:0E
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/NtRdPNv_aBhto3cq_t4E8bC8Cw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
51:55:dc:e5:ec:73:b8:ab:f5:c8:06:70:73:5a:f6:fa:e9:02:
5a:33:42:03:71:3e:db:34:1e:04:fd:0b:67:63:3f:de:a9:5b:
2b:12:81:5d:fd:9c:26:bc:dc:44:5c:f0:24:ae:13:96:c8:b7:
8f:2d:c4:3d:d5:c8:c2:46:b8:62:2d:28:1d:dd:88:d7:8c:8d:
43:a7:c0:a6:f1:ef:63:99:92:1b:1d:21:3e:47:cf:09:f4:42:
14:d9:89:a5:14:49:73:75:c5:30:f0:72:60:a3:54:91:2c:49:
e1:90:a3:db:00:3c:56:b3:58:e8:e6:06:6d:71:0a:68:2f:8c:
f3:f9:9d:65:09:6b:e0:d1:18:73:df:8a:25:69:22:b3:a0:2d:
02:70:1e:97:1d:93:59:b0:04:8d:73:d6:d5:91:b8:34:0d:f8:
77:ec:e7:4d:4d:de:47:66:54:96:df:90:68:b9:57:0c:fa:38:
df:ee:d3:f9:c8:ca:11:5a:b5:15:20:a6:f9:4d:8a:54:04:8b:
41:a2:d9:cc:75:8c:14:03:73:04:0f:a2:88:d7:14:76:36:02:
ff:f4:cd:b6:45:9c:6c:34:63:1d:c8:2d:0c:82:69:c0:93:bd:
2d:f9:7b:c6:e9:23:0a:33:ec:f6:cb:c2:90:c3:62:50:e3:c8:
ef:41:8f:0e
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYpkOhwQXDX0J77reU6P3+uaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwOTA1MDcyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ0NWQzY2RiZmY2ODE4NmRhMzc3MmFmZWRlMDRmMWIwYmMwYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKroGqkDj3uutmRVV+CIqb1ptwZm
FDEAGAGkvyF0LC6SlbjCP0ricw4xDa6OtwgGSZmnNxuoch64RkhgMgOs6gsiMKpx
h5Ifg+G2/XYpKOGyRZ/4phrOnhnm47csqJO7D0Z94/ZtikBy7qXlgBoiEiGmrQ8P
pwyK+JDVxseEkx9qa8iSwZWq2JqonEu6wZZwYVJxFveM41nv+zgJthdel7DeW2rA
O53mr3gbGkk0W+cZtfOzWHyVA7pPpz51eU3/nn7W6e089TWCTMCHncIoIW4TbvLN
Ga6S2HJSg/QLMjMPqMer5L591cuHNzUXgNeAHSgWNVXrWd0DddAN4jTpbwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFDbUXTzb/2gYbaN3Kv7eBPGwvAsOMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvTnRSZFBOdl9hQmh0bzNjcV90NEU4YkM4Q3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBRBAIAATBLAwQEBRbQAwQC
UEWsAwQDU4j4MAsDAwBe7QMEAF7tfjAMAwQGX2/AAwQCX2/QAwQDX2/YAwQCuRSI
AwQCuRowAwQCuUbEAwQCwj5gMBYEAgACMBAwDgMFBioENUADBQAqBDVGMA0GCSqG
SIb3DQEBCwUAA4IBAQBRVdzl7HO4q/XIBnBzWvb66QJaM0IDcT7bNB4E/QtnYz/e
qVsrEoFd/ZwmvNxEXPAkrhOWyLePLcQ91cjCRrhiLSgd3YjXjI1Dp8Cm8e9jmZIb
HSE+R88J9EIU2YmlFElzdcUw8HJgo1SRLEnhkKPbADxWs1jo5gZtcQpoL4zz+Z1l
CWvg0Rhz34olaSKzoC0CcB6XHZNZsASNc9bVkbg0Dfh37OdNTd5HZlSW35BouVcM
+jjf7tP5yMoRWrUVIKb5TYpUBItBotnMdYwUA3MED6KI1xR2NgL/9M22RZxsNGMd
yC0MgmnAk70t+XvG6SMKM+z2y8KQw2JQ48jvQY8O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:51 2024 by rpki-client on console-ams.rpki-client.org