Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/NRWbALcjEPB4gbGDU2YHps-nRvo.roa
File: NRWbALcjEPB4gbGDU2YHps-nRvo.roa (raw, json)
Hash identifier: cFxRq0w1Nkcvjo2DzHv2G6lFWN1vQQS/pX8gMrVEu7c=
Subject key identifier: 35:15:9B:00:B7:23:10:F0:78:81:B1:83:53:66:07:A6:CF:A7:46:FA
Certificate issuer: /CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
Certificate serial: 018FED1995BA171DD76E9E85E1B14A589BD8
Authority key identifier: 65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/NRWbALcjEPB4gbGDU2YHps-nRvo.roa
Signing time: Thu 06 Jun 2024 10:30:27 +0000
ROA not before: Thu 06 Jun 2024 10:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201838
IP address blocks: 45.12.172.0/22 maxlen: 24
45.81.72.0/22 maxlen: 22
45.86.8.0/22 maxlen: 24
45.89.84.0/22 maxlen: 22
45.89.156.0/22 maxlen: 22
45.90.172.0/22 maxlen: 22
45.91.112.0/22 maxlen: 22
45.93.172.0/22 maxlen: 22
45.94.60.0/22 maxlen: 22
45.94.176.0/22 maxlen: 22
45.95.248.0/22 maxlen: 22
45.117.136.0/22 maxlen: 22
45.128.32.0/22 maxlen: 22
45.128.136.0/22 maxlen: 22
45.132.136.0/21 maxlen: 24
45.133.88.0/22 maxlen: 24
45.141.236.0/22 maxlen: 22
45.144.56.0/22 maxlen: 24
45.144.160.0/22 maxlen: 24
45.146.8.0/22 maxlen: 22
45.146.60.0/22 maxlen: 24
45.148.12.0/22 maxlen: 22
45.148.56.0/22 maxlen: 22
45.148.252.0/22 maxlen: 24
45.149.72.0/22 maxlen: 24
45.149.220.0/22 maxlen: 22
45.150.144.0/22 maxlen: 22
45.152.4.0/22 maxlen: 24
45.153.220.0/22 maxlen: 24
45.159.88.0/22 maxlen: 22
45.159.152.0/22 maxlen: 24
45.248.144.0/22 maxlen: 24
46.102.170.0/23 maxlen: 23
46.102.170.0/24 maxlen: 24
46.102.171.0/24 maxlen: 24
62.133.48.0/22 maxlen: 22
62.197.132.0/22 maxlen: 24
77.75.60.0/22 maxlen: 24
79.171.153.0/24 maxlen: 24
79.171.154.0/23 maxlen: 23
79.171.156.0/22 maxlen: 22
80.76.56.0/22 maxlen: 22
89.36.112.0/20 maxlen: 20
89.43.208.0/21 maxlen: 24
89.45.176.0/20 maxlen: 20
93.113.26.0/23 maxlen: 23
94.176.208.0/23 maxlen: 23
94.177.138.0/23 maxlen: 23
94.247.86.0/23 maxlen: 23
95.214.184.0/22 maxlen: 22
95.214.228.0/22 maxlen: 22
103.7.204.0/22 maxlen: 22
103.205.24.0/22 maxlen: 24
130.255.16.0/22 maxlen: 24
130.255.28.0/22 maxlen: 24
147.12.128.0/17 maxlen: 17
171.22.104.0/22 maxlen: 22
178.239.192.0/22 maxlen: 24
178.239.200.0/22 maxlen: 24
178.255.88.0/21 maxlen: 24
185.59.124.0/22 maxlen: 22
185.71.36.0/22 maxlen: 22
185.103.72.0/22 maxlen: 24
185.111.172.0/22 maxlen: 22
185.115.144.0/22 maxlen: 24
185.121.228.0/22 maxlen: 24
185.229.104.0/22 maxlen: 24
185.230.248.0/22 maxlen: 24
185.236.60.0/22 maxlen: 24
185.237.60.0/22 maxlen: 22
185.238.220.0/22 maxlen: 22
185.240.196.0/22 maxlen: 22
185.241.164.0/22 maxlen: 22
185.245.236.0/22 maxlen: 24
188.212.122.0/23 maxlen: 23
188.215.16.0/23 maxlen: 23
188.215.74.0/23 maxlen: 23
188.241.106.0/23 maxlen: 23
192.166.208.0/22 maxlen: 22
192.166.212.0/22 maxlen: 24
193.42.52.0/22 maxlen: 24
193.164.20.0/22 maxlen: 22
194.4.156.0/22 maxlen: 24
212.132.192.0/18 maxlen: 18
213.32.248.0/22 maxlen: 24
2a02:6b60::/28 maxlen: 28
2a02:6b60::/29 maxlen: 29
2a03:3820::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jul 2024 09:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:19:95:ba:17:1d:d7:6e:9e:85:e1:b1:4a:58:9b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
Validity
Not Before: Jun 6 10:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35159b00b72310f07881b183536607a6cfa746fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:a7:ea:a2:01:af:c5:3b:97:7f:4b:cf:3d:
3e:58:27:3e:47:53:a0:74:1a:82:b4:4f:6d:61:da:
a9:4e:33:7c:20:a4:01:1e:c0:ef:4c:2f:31:78:af:
a0:24:00:0a:ae:80:1c:eb:87:96:5b:a2:66:cc:06:
61:51:fe:0d:50:bb:c0:3a:d8:a8:76:ec:9c:f3:fa:
71:0d:a0:1b:50:d3:f9:7b:1f:47:b4:ea:c1:6b:30:
b8:6f:b3:96:cb:5e:41:8f:cc:e6:dc:27:8a:f3:3f:
1c:88:2f:aa:d6:ba:e8:1c:7d:7a:3e:3f:11:c4:12:
a4:70:4c:a0:07:01:fe:90:d4:31:83:a9:b6:79:9c:
0d:d3:34:8f:32:f7:07:21:ee:43:f6:ec:c6:fb:ea:
06:eb:1c:8e:df:a8:df:80:e4:ed:bd:9d:da:ef:f4:
f1:6c:2c:18:a2:66:8c:ed:9e:dc:79:c6:1c:39:8f:
8a:38:62:f0:79:a7:20:8e:cc:5a:bd:dd:f5:7a:5d:
ae:55:79:2c:f8:5c:c3:a4:2e:5a:ca:dd:30:35:3a:
f7:b4:b4:ad:be:eb:ce:f0:df:35:41:64:d1:47:46:
e9:76:26:32:5f:c9:6c:9f:aa:23:1c:28:16:43:06:
47:a8:f8:77:c6:82:9c:04:12:38:2f:3b:f0:86:91:
03:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:15:9B:00:B7:23:10:F0:78:81:B1:83:53:66:07:A6:CF:A7:46:FA
X509v3 Authority Key Identifier:
keyid:65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/NRWbALcjEPB4gbGDU2YHps-nRvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/Zd83n6ryEKcDbawF3mtXctvk3Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.172.0/22
45.81.72.0/22
45.86.8.0/22
45.89.84.0/22
45.89.156.0/22
45.90.172.0/22
45.91.112.0/22
45.93.172.0/22
45.94.60.0/22
45.94.176.0/22
45.95.248.0/22
45.117.136.0/22
45.128.32.0/22
45.128.136.0/22
45.132.136.0/21
45.133.88.0/22
45.141.236.0/22
45.144.56.0/22
45.144.160.0/22
45.146.8.0/22
45.146.60.0/22
45.148.12.0/22
45.148.56.0/22
45.148.252.0/22
45.149.72.0/22
45.149.220.0/22
45.150.144.0/22
45.152.4.0/22
45.153.220.0/22
45.159.88.0/22
45.159.152.0/22
45.248.144.0/22
46.102.170.0/23
62.133.48.0/22
62.197.132.0/22
77.75.60.0/22
79.171.153.0-79.171.159.255
80.76.56.0/22
89.36.112.0/20
89.43.208.0/21
89.45.176.0/20
93.113.26.0/23
94.176.208.0/23
94.177.138.0/23
94.247.86.0/23
95.214.184.0/22
95.214.228.0/22
103.7.204.0/22
103.205.24.0/22
130.255.16.0/22
130.255.28.0/22
147.12.128.0/17
171.22.104.0/22
178.239.192.0/22
178.239.200.0/22
178.255.88.0/21
185.59.124.0/22
185.71.36.0/22
185.103.72.0/22
185.111.172.0/22
185.115.144.0/22
185.121.228.0/22
185.229.104.0/22
185.230.248.0/22
185.236.60.0/22
185.237.60.0/22
185.238.220.0/22
185.240.196.0/22
185.241.164.0/22
185.245.236.0/22
188.212.122.0/23
188.215.16.0/23
188.215.74.0/23
188.241.106.0/23
192.166.208.0/21
193.42.52.0/22
193.164.20.0/22
194.4.156.0/22
212.132.192.0/18
213.32.248.0/22
IPv6:
2a02:6b60::/28
2a03:3820::/32
Signature Algorithm: sha256WithRSAEncryption
22:54:7a:e2:60:81:7d:1b:53:d0:01:76:07:a1:37:99:a6:fb:
62:cf:c3:15:68:bb:cb:03:d3:7a:bb:4f:4f:10:8a:b2:c1:a1:
e0:3a:cb:ec:36:84:2d:7e:2b:27:7e:98:25:f7:e8:77:39:18:
74:ed:7d:cc:28:64:9a:94:c6:82:01:ed:11:4f:90:4f:45:e7:
16:4a:2a:2f:98:5f:1a:f2:42:8f:ff:64:3b:e7:c0:70:21:6e:
92:b2:24:34:cf:26:27:34:f3:20:81:3c:da:cf:6f:0f:f7:7b:
0f:fa:d4:10:55:59:5d:89:d5:68:0a:5b:15:78:9c:2b:cf:0d:
e8:49:2a:5b:0e:c6:c3:9d:95:ec:df:22:59:59:20:17:7d:4c:
34:58:f1:6c:b4:52:52:65:7a:e4:2f:b5:d2:aa:02:af:06:79:
27:d2:c9:a1:0a:d3:2d:42:e9:8b:e3:44:d7:8e:82:d3:e8:ce:
71:ea:70:21:0d:8d:f6:1a:89:f3:ba:e8:2f:1f:0a:4f:bc:f8:
34:ee:ad:7f:3a:87:e1:25:8e:9e:98:fd:3c:64:90:2f:d2:ab:
8d:eb:cf:87:eb:ff:87:88:39:5d:bf:64:39:c4:0c:07:73:38:
46:fb:97:80:d7:66:94:dc:05:a3:0a:ae:c0:4b:e9:57:fb:a0:
3d:c2:e1:e8
-----BEGIN CERTIFICATE-----
MIIG/zCCBeegAwIBAgISAY/tGZW6Fx3Xbp6F4bFKWJvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGYzNzlmYWFmMjEwYTcwMzZkYWMwNWRlNmI1NzcyZGJl
NGRkNmMwHhcNMjQwNjA2MTAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE1OWIwMGI3MjMxMGYwNzg4MWIxODM1MzY2MDdhNmNmYTc0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVin6qIBr8U7l39Lzz0+WCc+R1Og
dBqCtE9tYdqpTjN8IKQBHsDvTC8xeK+gJAAKroAc64eWW6JmzAZhUf4NULvAOtio
duyc8/pxDaAbUNP5ex9HtOrBazC4b7OWy15Bj8zm3CeK8z8ciC+q1rroHH16Pj8R
xBKkcEygBwH+kNQxg6m2eZwN0zSPMvcHIe5D9uzG++oG6xyO36jfgOTtvZ3a7/Tx
bCwYomaM7Z7cecYcOY+KOGLweacgjsxavd31el2uVXks+FzDpC5ayt0wNTr3tLSt
vuvO8N81QWTRR0bpdiYyX8lsn6ojHCgWQwZHqPh3xoKcBBI4LzvwhpEDtQIDAQAB
o4IECzCCBAcwHQYDVR0OBBYEFDUVmwC3IxDweIGxg1NmB6bPp0b6MB8GA1UdIwQY
MBaAFGXfN5+q8hCnA22sBd5rV3Lb5N1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgt
MDc2Yzg4Yjg4MDJmLzEvTlJXYkFMY2pFUEI0Z2JHRFUyWUhwcy1uUnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgtMDc2Yzg4Yjg4MDJm
LzEvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICHwYIKwYBBQUHAQcBAf8EggIOMIICCjCCAfAEAgABMIIB
6AMEAi0MrAMEAi1RSAMEAi1WCAMEAi1ZVAMEAi1ZnAMEAi1arAMEAi1bcAMEAi1d
rAMEAi1ePAMEAi1esAMEAi1f+AMEAi11iAMEAi2AIAMEAi2AiAMEAy2EiAMEAi2F
WAMEAi2N7AMEAi2QOAMEAi2QoAMEAi2SCAMEAi2SPAMEAi2UDAMEAi2UOAMEAi2U
/AMEAi2VSAMEAi2V3AMEAi2WkAMEAi2YBAMEAi2Z3AMEAi2fWAMEAi2fmAMEAi34
kAMEAS5mqgMEAj6FMAMEAj7FhAMEAk1LPDAMAwQAT6uZAwQFT6uAAwQCUEw4AwQE
WSRwAwQDWSvQAwQEWS2wAwQBXXEaAwQBXrDQAwQBXrGKAwQBXvdWAwQCX9a4AwQC
X9bkAwQCZwfMAwQCZ80YAwQCgv8QAwQCgv8cAwQHkwyAAwQCqxZoAwQCsu/AAwQC
su/IAwQDsv9YAwQCuTt8AwQCuUckAwQCuWdIAwQCuW+sAwQCuXOQAwQCuXnkAwQC
ueVoAwQCueb4AwQCuew8AwQCue08AwQCue7cAwQCufDEAwQCufGkAwQCufXsAwQB
vNR6AwQBvNcQAwQBvNdKAwQBvPFqAwQDwKbQAwQCwSo0AwQCwaQUAwQCwgScAwQG
1ITAAwQC1SD4MBQEAgACMA4DBQQqAmtgAwUAKgM4IDANBgkqhkiG9w0BAQsFAAOC
AQEAIlR64mCBfRtT0AF2B6E3mab7Ys/DFWi7ywPTertPTxCKssGh4DrL7DaELX4r
J36YJffodzkYdO19zChkmpTGggHtEU+QT0XnFkoqL5hfGvJCj/9kO+fAcCFukrIk
NM8mJzTzIIE82s9vD/d7D/rUEFVZXYnVaApbFXicK88N6EkqWw7Gw52V7N8iWVkg
F31MNFjxbLRSUmV65C+10qoCrwZ5J9LJoQrTLULpi+NE146C0+jOcepwIQ2N9hqJ
87roLx8KT7z4NO6tfzqH4SWOnpj9PGSQL9KrjevPh+v/h4g5Xb9kOcQMB3M4RvuX
gNdmlNwFowquwEvpV/ugPcLh6A==
-----END CERTIFICATE-----
Generated at Thu Jul 4 10:25:22 2024 by rpki-client on console-ams.rpki-client.org