Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nTV18ak4vqoRfirwoAcdC2xnDqU.roa
File: nTV18ak4vqoRfirwoAcdC2xnDqU.roa (raw, json)
Hash identifier: 3niVF7nLpHokXKDKvNy7l+EQJiSHUbUVpqBNYI+wyX0=
Subject key identifier: 9D:35:75:F1:A9:38:BE:AA:11:7E:2A:F0:A0:07:1D:0B:6C:67:0E:A5
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192B550B029DF441E3C034443273A9C0A11
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nTV18ak4vqoRfirwoAcdC2xnDqU.roa
Signing time: Tue 22 Oct 2024 17:40:17 +0000
ROA not before: Tue 22 Oct 2024 17:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.134.0/24 maxlen: 24
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.135.0/24 maxlen: 24
5.175.136.0/24 maxlen: 24
5.175.139.0/24 maxlen: 24
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.45.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 24 Oct 2024 04:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:50:b0:29:df:44:1e:3c:03:44:43:27:3a:9c:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 22 17:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d3575f1a938beaa117e2af0a0071d0b6c670ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8c:c5:16:ee:19:e3:17:40:4b:41:b0:48:85:
f2:21:95:c1:ed:69:68:09:e7:29:c3:35:55:23:af:
1a:3f:b7:f8:fe:fa:99:83:0e:19:1b:a7:a2:a7:f1:
01:80:9c:8b:90:55:82:e1:01:76:b8:54:c3:61:c0:
2e:f7:a3:3e:ce:f4:6d:0f:9f:d4:31:7f:5b:ba:98:
39:36:06:f0:d7:3d:d5:74:97:42:76:cb:a7:f8:e8:
f6:6b:0b:9b:d5:16:51:8c:8b:1e:01:45:a3:4f:14:
99:db:66:d3:c8:ac:74:1c:03:ba:76:e2:b3:95:e5:
58:88:1d:11:b2:33:57:55:5d:4d:7d:12:cc:49:90:
9b:10:d2:30:15:60:fd:cb:13:61:f7:c8:a3:d1:f3:
7c:51:23:8f:ff:3f:3a:4b:21:e7:0a:7a:d1:53:f7:
3f:7c:0f:b1:c4:75:5a:2c:87:ad:a3:f3:a8:df:55:
1c:ba:bb:21:ab:4a:38:f5:c7:c0:6e:33:fb:88:7a:
2a:a8:cb:02:74:41:f9:aa:59:30:23:d8:d4:3e:84:
58:bd:cd:96:55:35:56:25:62:ec:d0:96:73:79:48:
83:22:db:35:12:74:24:e8:d4:5f:50:15:0c:27:ad:
cb:e4:36:8b:e5:4d:e0:c7:62:72:e0:2b:1e:18:df:
fb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:35:75:F1:A9:38:BE:AA:11:7E:2A:F0:A0:07:1D:0B:6C:67:0E:A5
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nTV18ak4vqoRfirwoAcdC2xnDqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:3e:45:b4:4c:bc:1f:e8:e0:56:ff:37:06:31:9b:a5:ab:99:
10:4f:b4:c5:c2:a4:20:c1:55:8c:f3:10:cb:67:75:04:12:c3:
92:6e:c7:c8:62:8d:bf:59:61:ee:06:c1:68:54:40:55:4a:2e:
2d:15:7b:ac:48:66:23:5a:50:7a:cf:ac:1c:7b:e7:92:ef:12:
df:46:06:52:56:54:e9:ca:0c:77:bd:f9:97:23:52:f6:1f:55:
2f:bd:da:e1:a6:bd:0f:96:c4:55:4a:82:22:24:a5:96:b4:36:
f9:91:93:a1:53:9f:ee:62:07:d0:0e:dc:46:79:a4:12:fe:e8:
9b:1c:c6:4c:67:65:06:7a:2b:2c:e4:7d:53:99:df:7c:7e:6b:
72:12:42:1c:62:47:39:44:40:d6:84:d4:d4:29:a0:16:d9:ae:
e4:bd:b0:9e:b4:72:90:17:6a:e3:ac:1b:e5:c9:af:04:ba:c6:
fd:46:9e:8e:0b:24:df:35:77:e3:81:62:1e:d5:e2:0e:bd:a5:
40:3b:7d:59:21:59:dd:30:7b:af:4a:7b:00:bd:db:8f:d4:33:
ac:94:01:b5:6b:a6:41:40:29:3f:13:09:0a:2f:c2:74:04:87:
0a:b9:6e:d0:67:da:a3:f2:38:06:1b:c4:9e:95:0d:d3:fa:c5:
84:66:86:c6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZK1ULAp30QePANEQyc6nAoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDIyMTc0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM1NzVmMWE5MzhiZWFhMTE3ZTJhZjBhMDA3MWQwYjZjNjcwZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuozFFu4Z4xdAS0GwSIXyIZXB7Wlo
CecpwzVVI68aP7f4/vqZgw4ZG6eip/EBgJyLkFWC4QF2uFTDYcAu96M+zvRtD5/U
MX9bupg5Ngbw1z3VdJdCdsun+Oj2awub1RZRjIseAUWjTxSZ22bTyKx0HAO6duKz
leVYiB0RsjNXVV1NfRLMSZCbENIwFWD9yxNh98ij0fN8USOP/z86SyHnCnrRU/c/
fA+xxHVaLIeto/Oo31Ucurshq0o49cfAbjP7iHoqqMsCdEH5qlkwI9jUPoRYvc2W
VTVWJWLs0JZzeUiDIts1EnQk6NRfUBUMJ63L5DaL5U3gx2Jy4CseGN/7QwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJ01dfGpOL6qEX4q8KAHHQtsZw6lMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvblRWMThhazR2cW9SZmlyd29BY2RDMnhuRHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAGz5FtEy8H+jg
Vv83BjGbpauZEE+0xcKkIMFVjPMQy2d1BBLDkm7HyGKNv1lh7gbBaFRAVUouLRV7
rEhmI1pQes+sHHvnku8S30YGUlZU6coMd735lyNS9h9VL73a4aa9D5bEVUqCIiSl
lrQ2+ZGToVOf7mIH0A7cRnmkEv7omxzGTGdlBnorLOR9U5nffH5rchJCHGJHOURA
1oTU1CmgFtmu5L2wnrRykBdq46wb5cmvBLrG/Uaejgsk3zV344FiHtXiDr2lQDt9
WSFZ3TB7r0p7AL3bj9QzrJQBtWumQUApPxMJCi/CdASHCrlu0Gfao/I4BhvEnpUN
0/rFhGaGxg==
-----END CERTIFICATE-----
Generated at Thu Oct 24 05:43:34 2024 by rpki-client on console-fra.rpki-client.org