Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/NkMKA_4tPfB3M2-CGV51TnjIz9s.roa
File: NkMKA_4tPfB3M2-CGV51TnjIz9s.roa (raw, json)
Hash identifier: cD/7UZvIice8GiW6PWpq6p5uB2dHJ5VR/PbbZiMCkO0=
Subject key identifier: 36:43:0A:03:FE:2D:3D:F0:77:33:6F:82:19:5E:75:4E:78:C8:CF:DB
Certificate issuer: /CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Certificate serial: 01983B2740E477A2C0913051A28AA9C47253
Authority key identifier: 24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/NkMKA_4tPfB3M2-CGV51TnjIz9s.roa
Signing time: Thu 24 Jul 2025 06:38:04 +0000
ROA not before: Thu 24 Jul 2025 06:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48065
IP address blocks: 46.213.0.0/21 maxlen: 21
46.213.8.0/21 maxlen: 21
46.213.16.0/21 maxlen: 21
46.213.24.0/21 maxlen: 21
46.213.32.0/21 maxlen: 21
46.213.40.0/21 maxlen: 21
46.213.48.0/21 maxlen: 21
46.213.56.0/21 maxlen: 21
46.213.64.0/21 maxlen: 21
46.213.72.0/21 maxlen: 21
46.213.80.0/21 maxlen: 21
46.213.88.0/21 maxlen: 21
46.213.96.0/21 maxlen: 21
46.213.104.0/21 maxlen: 21
46.213.112.0/21 maxlen: 21
46.213.120.0/21 maxlen: 21
46.213.128.0/21 maxlen: 21
46.213.136.0/21 maxlen: 21
46.213.144.0/21 maxlen: 21
46.213.152.0/21 maxlen: 21
46.213.160.0/21 maxlen: 21
46.213.168.0/21 maxlen: 21
46.213.176.0/21 maxlen: 21
46.213.184.0/21 maxlen: 21
46.213.192.0/21 maxlen: 21
46.213.200.0/21 maxlen: 21
46.213.208.0/21 maxlen: 21
46.213.216.0/21 maxlen: 21
46.213.224.0/21 maxlen: 21
46.213.232.0/21 maxlen: 21
46.213.240.0/21 maxlen: 21
46.213.248.0/21 maxlen: 21
94.252.192.0/21 maxlen: 21
94.252.200.0/21 maxlen: 21
94.252.208.0/21 maxlen: 21
94.252.216.0/21 maxlen: 21
178.52.0.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 24 Jul 2025 07:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:27:40:e4:77:a2:c0:91:30:51:a2:8a:a9:c4:72:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9da4ffb1bb6d273de1bad5dbbf0d1ff47f0cf
Validity
Not Before: Jul 24 06:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36430a03fe2d3df077336f82195e754e78c8cfdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:72:aa:e7:f1:b1:af:dc:d2:07:17:59:ce:
65:08:cf:e3:54:79:04:04:a5:7f:f4:71:50:d1:76:
08:a7:58:5b:5e:9b:5f:9f:f7:ca:bd:77:86:81:84:
c7:c6:6d:2e:a2:a5:e3:a0:e0:bd:21:01:29:06:95:
2c:fe:9a:c5:62:1b:3e:90:0f:36:90:e8:c3:d9:9e:
b7:d2:78:64:69:08:5f:dc:c1:e9:7e:50:bf:61:2d:
bf:13:f6:99:05:28:13:1b:c4:15:64:f7:d8:ba:dd:
69:6a:f8:3f:b5:e5:f3:81:d3:77:64:1b:70:80:92:
d2:60:40:10:2b:7d:d1:82:dc:fb:95:16:3c:6e:d7:
6c:79:2e:77:49:54:da:c5:19:ed:15:75:b7:1c:e7:
80:ad:9d:7e:5a:3a:1f:8f:03:85:ff:c0:e0:d4:67:
05:e9:25:4f:94:f2:3c:b0:5d:ad:ab:2d:2f:f9:e4:
d8:e7:79:78:d6:15:da:5b:a7:a9:81:ba:07:18:6d:
67:c7:3a:73:8f:7c:fe:60:83:c7:ed:8c:28:5a:50:
e3:55:ba:6b:38:68:61:b9:8e:ce:de:47:51:57:f4:
27:0c:16:2d:31:83:99:c2:d4:01:ce:03:51:dc:c5:
f7:af:9b:f5:4e:b4:8f:09:34:9a:eb:e1:c8:d6:b1:
21:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:43:0A:03:FE:2D:3D:F0:77:33:6F:82:19:5E:75:4E:78:C8:CF:DB
X509v3 Authority Key Identifier:
keyid:24:D9:DA:4F:FB:1B:B6:D2:73:DE:1B:AD:5D:BB:F0:D1:FF:47:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNnaT_sbttJz3hutXbvw0f9H8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/NkMKA_4tPfB3M2-CGV51TnjIz9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1eb120-687c-4993-857f-8a03a7c1fe9b/1/JNnaT_sbttJz3hutXbvw0f9H8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.213.0.0/16
94.252.192.0/19
178.52.0.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:6d:4c:ee:9c:f4:41:bd:e8:5f:b7:e6:7a:ff:d0:e2:27:2e:
4a:c2:69:56:75:b3:d7:b9:2e:db:9f:df:b7:3b:d5:7b:21:92:
34:a7:f8:86:aa:7a:cb:1f:7a:b8:42:07:a0:7d:be:81:70:f2:
14:b3:7e:b7:58:76:53:2b:3a:48:e2:54:10:ef:e6:ed:db:89:
6c:58:62:ad:3d:62:ea:e7:86:77:c4:1a:5e:bd:b9:a5:d7:76:
77:07:d9:63:3c:ec:44:32:4c:30:fe:2d:4f:68:ec:b9:ce:d6:
ff:97:aa:09:c2:ac:77:aa:85:d5:06:e7:97:63:9e:fd:df:09:
da:cc:f7:60:05:d9:c1:b5:3c:51:d3:d8:19:b9:b3:84:56:fd:
6c:2a:43:cc:57:5e:49:0f:cb:6b:ec:ce:46:34:2f:1c:4e:07:
ec:42:90:de:66:d8:a9:e6:3e:7d:b7:e3:12:ae:08:bf:fe:34:
c9:93:f5:1e:bf:e3:8d:ae:4f:d9:32:5e:a2:f3:8d:83:3e:d7:
fc:f4:41:a1:09:b4:16:7a:a6:57:cd:c1:b8:fb:37:3c:cf:19:
7c:34:a7:08:8c:95:03:4a:d2:bc:a7:c1:de:7e:22:fe:6e:67:
4d:1b:e0:20:e4:29:9d:f8:4e:6a:65:28:29:19:f3:3d:43:5f:
8f:c9:ff:1f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZg7J0Dkd6LAkTBRooqpxHJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDlkYTRmZmIxYmI2ZDI3M2RlMWJhZDVkYmJmMGQxZmY0
N2YwY2YwHhcNMjUwNzI0MDYzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQzMGEwM2ZlMmQzZGYwNzczMzZmODIxOTVlNzU0ZTc4YzhjZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzpyqufxsa/c0gcXWc5lCM/jVHkE
BKV/9HFQ0XYIp1hbXptfn/fKvXeGgYTHxm0uoqXjoOC9IQEpBpUs/prFYhs+kA82
kOjD2Z630nhkaQhf3MHpflC/YS2/E/aZBSgTG8QVZPfYut1pavg/teXzgdN3ZBtw
gJLSYEAQK33Rgtz7lRY8btdseS53SVTaxRntFXW3HOeArZ1+WjofjwOF/8Dg1GcF
6SVPlPI8sF2tqy0v+eTY53l41hXaW6epgboHGG1nxzpzj3z+YIPH7YwoWlDjVbpr
OGhhuY7O3kdRV/QnDBYtMYOZwtQBzgNR3MX3r5v1TrSPCTSa6+HI1rEhQwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDZDCgP+LT3wdzNvghledU54yM/bMB8GA1UdIwQY
MBaAFCTZ2k/7G7bSc94brV278NH/R/DPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2Yt
OGEwM2E3YzFmZTliLzEvTmtNS0FfNHRQZkIzTTItQ0dWNTFUbmpJejlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xZWIxMjAtNjg3Yy00OTkzLTg1N2YtOGEwM2E3YzFmZTli
LzEvSk5uYVRfc2J0dEp6M2h1dFhidncwZjlIOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMALtUDBAVe
/MADBAOyNAAwDQYJKoZIhvcNAQELBQADggEBAC5tTO6c9EG96F+35nr/0OInLkrC
aVZ1s9e5Ltuf37c71XshkjSn+IaqessferhCB6B9voFw8hSzfrdYdlMrOkjiVBDv
5u3biWxYYq09YurnhnfEGl69uaXXdncH2WM87EQyTDD+LU9o7LnO1v+XqgnCrHeq
hdUG55djnv3fCdrM92AF2cG1PFHT2Bm5s4RW/WwqQ8xXXkkPy2vszkY0LxxOB+xC
kN5m2KnmPn234xKuCL/+NMmT9R6/442uT9kyXqLzjYM+1/z0QaEJtBZ6plfNwbj7
NzzPGXw0pwiMlQNK0rynwd5+Iv5uZ00b4CDkKZ34TmplKCkZ8z1DX4/J/x8=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:39:47 2025 by rpki-client