Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/NxJkGayNFeFkJSv9CgKQQMEJUKY.roa
File: NxJkGayNFeFkJSv9CgKQQMEJUKY.roa (raw, json)
Hash identifier: 0lXejopygNoHRt/S/yE7uJ1obB3EhKpI+RO4OoUfLw8=
Subject key identifier: 37:12:64:19:AC:8D:15:E1:64:25:2B:FD:0A:02:90:40:C1:09:50:A6
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018E2E8E5B1A65375600EEA5F986AD343C86
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/NxJkGayNFeFkJSv9CgKQQMEJUKY.roa
Signing time: Mon 11 Mar 2024 17:27:45 +0000
ROA not before: Mon 11 Mar 2024 17:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 37.10.72.0/21 maxlen: 24
37.152.88.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
91.132.116.0/22 maxlen: 24
95.214.0.0/22 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Mar 2024 10:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:8e:5b:1a:65:37:56:00:ee:a5:f9:86:ad:34:3c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 11 17:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37126419ac8d15e164252bfd0a029040c10950a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:00:04:71:26:d9:01:cc:66:e8:d9:3b:ff:
75:da:cb:48:47:b0:39:da:3a:96:fd:ba:05:4a:57:
5e:66:51:ea:77:3d:84:59:1b:ff:c9:26:be:c4:49:
9b:d1:74:ab:25:36:da:fe:3c:8e:4e:ff:98:9a:fc:
29:14:e3:e5:1f:d9:5c:38:7a:d1:57:68:6a:17:69:
7e:5d:63:dc:da:e3:3a:ac:b7:7c:fe:98:93:d7:61:
8c:fb:59:82:60:17:41:7f:58:d9:80:f6:6e:d9:c6:
25:f2:e6:82:0c:0c:dd:cc:7c:64:f0:98:cf:56:e4:
1a:29:9e:38:7b:06:e9:38:ea:2f:0c:2b:5d:dc:f4:
1d:64:a7:e6:d9:c8:99:ea:ed:24:70:65:b0:a2:91:
c7:8c:f7:e5:5a:dc:77:5d:d1:63:d2:56:fd:2f:4f:
ca:b6:53:15:29:06:df:0f:09:3a:b8:3d:87:af:d1:
b9:3a:6a:3b:e7:a9:1c:6c:6e:08:0c:a6:b3:56:73:
08:c5:75:10:37:30:d8:74:61:df:20:76:19:68:29:
d0:34:ae:61:b6:95:2b:05:95:92:1f:82:a6:05:0e:
23:7a:7c:15:c2:6d:ab:f4:90:5c:2a:c2:b2:77:35:
fa:40:03:b3:24:cf:7b:fc:ec:16:c3:d8:74:b3:93:
62:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:12:64:19:AC:8D:15:E1:64:25:2B:FD:0A:02:90:40:C1:09:50:A6
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/NxJkGayNFeFkJSv9CgKQQMEJUKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.72.0/21
37.152.88.0/21
45.149.228.0/22
46.18.72.0/21
91.132.116.0/22
95.214.0.0/22
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
2f:b1:f6:8f:11:9b:6f:48:3c:5c:34:8a:30:c9:e3:a7:f3:98:
b1:29:58:10:ba:e5:d5:5d:40:57:3a:22:c3:54:9d:a7:e5:cf:
56:e9:27:25:6e:fa:79:34:bc:ef:9c:bb:d4:f0:bb:6c:6e:f2:
33:6d:5f:2d:f4:0a:17:0d:70:d2:2e:ea:5f:86:37:ec:84:89:
1a:6a:8c:44:54:06:5e:c1:07:a5:a9:8a:0b:c3:a0:f3:24:82:
29:d0:b8:3c:72:22:83:ec:44:3b:eb:a8:34:b6:98:46:13:91:
33:25:c3:93:19:6f:63:79:32:82:04:4e:b8:64:a9:fa:da:be:
a2:92:b8:84:4d:7c:de:d2:f6:7d:e8:ae:4c:5d:0e:03:a5:a4:
0a:e7:18:f1:92:eb:38:5e:8c:26:78:7a:05:3c:02:1c:0f:c0:
ea:4d:55:af:b7:1b:ea:d8:53:d4:e7:14:18:a9:d3:dd:50:c5:
f2:f2:1b:f4:50:d8:fb:d9:0e:c3:72:7d:de:e5:77:23:4c:82:
fc:5b:7b:6c:2d:0a:a5:92:51:e2:11:5d:ff:bf:15:2e:57:d9:
8b:84:b4:06:3c:fc:38:9d:6e:4f:90:73:4e:f4:a3:30:70:97:
fd:a6:81:b7:a9:16:b8:0c:54:fd:3f:81:f8:02:f6:07:8f:16:
f6:cb:b1:64
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAY4ujlsaZTdWAO6l+YatNDyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzExMTcyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEyNjQxOWFjOGQxNWUxNjQyNTJiZmQwYTAyOTA0MGMxMDk1MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTgABHEm2QHMZujZO/912stIR7A5
2jqW/boFSldeZlHqdz2EWRv/ySa+xEmb0XSrJTba/jyOTv+YmvwpFOPlH9lcOHrR
V2hqF2l+XWPc2uM6rLd8/piT12GM+1mCYBdBf1jZgPZu2cYl8uaCDAzdzHxk8JjP
VuQaKZ44ewbpOOovDCtd3PQdZKfm2ciZ6u0kcGWwopHHjPflWtx3XdFj0lb9L0/K
tlMVKQbfDwk6uD2Hr9G5Omo756kcbG4IDKazVnMIxXUQNzDYdGHfIHYZaCnQNK5h
tpUrBZWSH4KmBQ4jenwVwm2r9JBcKsKydzX6QAOzJM97/OwWw9h0s5NiQwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDcSZBmsjRXhZCUr/QoCkEDBCVCmMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvTnhKa0dheU5GZUZrSlN2OUNnS1FRTUVKVUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEAyUKSAME
AyWYWAMEAi2V5AMEAy4SSAMEAluEdAMEAl/WAAMEA21FMAMEArkL7AMEArmhDAME
Arni7AMEAsE5JAMEAsI47AMEAcJ/ngMEAcJ/ojAbBAIAAjAVAwUAKgC1wAMFACoC
IRADBQMqDHoAMA0GCSqGSIb3DQEBCwUAA4IBAQAvsfaPEZtvSDxcNIowyeOn85ix
KVgQuuXVXUBXOiLDVJ2n5c9W6Sclbvp5NLzvnLvU8LtsbvIzbV8t9AoXDXDSLupf
hjfshIkaaoxEVAZewQelqYoLw6DzJIIp0Lg8ciKD7EQ766g0tphGE5EzJcOTGW9j
eTKCBE64ZKn62r6ikriETXze0vZ96K5MXQ4DpaQK5xjxkus4XowmeHoFPAIcD8Dq
TVWvtxvq2FPU5xQYqdPdUMXy8hv0UNj72Q7Dcn3e5XcjTIL8W3tsLQqlklHiEV3/
vxUuV9mLhLQGPPw4nW5PkHNO9KMwcJf9poG3qRa4DFT9P4H4AvYHjxb2y7Fk
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:53:31 2025 by rpki-client