Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NGTT-yORuWdALUr6gwODXPxMogQ.roa
File: NGTT-yORuWdALUr6gwODXPxMogQ.roa (raw, json)
Hash identifier: 9PH3//C3O2ZpfgcNXCG4is6uiFK9SfmEbJEvjv9Lp5E=
Subject key identifier: 34:64:D3:FB:23:91:B9:67:40:2D:4A:FA:83:03:83:5C:FC:4C:A2:04
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B81064F346A4AF0E7F8013C9167278E65
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NGTT-yORuWdALUr6gwODXPxMogQ.roa
Signing time: Mon 30 Oct 2023 14:39:16 +0000
ROA not before: Mon 30 Oct 2023 14:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:06:4f:34:6a:4a:f0:e7:f8:01:3c:91:67:27:8e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 30 14:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3464d3fb2391b967402d4afa8303835cfc4ca204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:e6:9a:5c:ed:8e:ea:e7:09:37:47:63:c7:
20:03:31:81:5f:f4:b2:c6:3a:e0:d6:69:9f:46:cd:
76:23:9f:b9:e0:24:a2:ae:03:67:29:18:12:86:da:
f1:68:a5:59:8a:99:63:4b:86:ac:1c:b7:70:a9:7a:
cd:d9:5a:14:99:a9:f8:e2:0c:a5:71:c5:b3:1b:04:
de:27:3b:57:70:f4:19:21:d5:5c:4c:62:95:43:e4:
2e:a2:00:5e:3a:2f:10:65:cc:19:3a:af:1e:8b:85:
43:17:3d:64:b0:83:c0:bd:05:a4:ac:b6:21:a8:4f:
e8:89:90:0b:4a:59:49:c0:55:24:09:bc:c8:9e:9b:
22:32:db:a2:6d:c9:1c:e3:e3:09:22:99:03:51:ef:
33:c5:18:ca:4c:ba:3e:da:af:4d:33:6f:76:dd:42:
7d:7d:01:69:a0:0f:77:22:91:17:f1:45:0f:bc:74:
cc:35:dd:63:93:99:4e:1a:27:e7:33:14:11:a0:91:
bf:ea:9d:8e:e7:e5:c6:ba:73:15:30:21:14:00:c8:
94:22:12:a9:d5:0c:e0:82:a2:d9:bb:7a:53:f4:60:
22:30:03:a7:93:ad:10:27:44:57:75:57:17:58:8e:
90:90:d6:16:0f:ff:49:35:0e:7d:bb:65:10:8b:88:
66:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:64:D3:FB:23:91:B9:67:40:2D:4A:FA:83:03:83:5C:FC:4C:A2:04
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/NGTT-yORuWdALUr6gwODXPxMogQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
aa:85:57:bc:53:bb:3a:78:13:13:a4:2c:24:9e:bc:2d:a8:a5:
86:d0:90:ad:4b:11:f0:ea:81:18:7f:20:80:ef:bf:6e:66:be:
28:f9:70:00:33:80:de:0b:45:ea:8b:bb:88:b3:50:2a:f4:49:
4f:fc:20:60:56:90:d2:fd:3e:cc:33:66:aa:af:af:3e:fa:e1:
a9:b8:18:96:b5:6c:79:62:ec:44:65:61:6a:ab:84:fc:a3:3f:
82:e7:3e:37:14:f4:3f:d5:73:ae:1b:2a:70:ca:b8:7e:06:3d:
f0:22:75:6a:a3:f9:06:41:a4:a5:cb:dd:6c:32:d2:39:df:2b:
7e:0b:f0:ec:a2:bd:59:f9:93:16:37:ab:93:90:e7:64:d9:5a:
c0:b5:d4:8a:6e:c4:3d:30:cf:99:cd:81:b4:8d:35:25:f5:c9:
4f:db:6d:e1:3e:6d:43:b2:9d:fc:49:1f:3b:86:94:6d:23:57:
e4:0e:c6:5e:a9:72:92:d4:38:71:ac:5d:ad:f8:d7:7d:9f:72:
6c:7a:b7:66:a5:8a:aa:7c:1b:27:28:fb:dd:94:f5:9c:80:4d:
a2:1e:31:5d:79:88:12:50:03:2d:6b:17:10:ec:9f:00:8c:08:
5a:20:65:4c:ba:ba:1a:61:43:ce:47:a2:23:5a:1c:0d:b0:51:
01:cf:82:49
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYuBBk80akrw5/gBPJFnJ45lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDMwMTQzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY0ZDNmYjIzOTFiOTY3NDAyZDRhZmE4MzAzODM1Y2ZjNGNhMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXjmmlztjurnCTdHY8cgAzGBX/Sy
xjrg1mmfRs12I5+54CSirgNnKRgShtrxaKVZipljS4asHLdwqXrN2VoUman44gyl
ccWzGwTeJztXcPQZIdVcTGKVQ+QuogBeOi8QZcwZOq8ei4VDFz1ksIPAvQWkrLYh
qE/oiZALSllJwFUkCbzInpsiMtuibckc4+MJIpkDUe8zxRjKTLo+2q9NM2923UJ9
fQFpoA93IpEX8UUPvHTMNd1jk5lOGifnMxQRoJG/6p2O5+XGunMVMCEUAMiUIhKp
1QzggqLZu3pT9GAiMAOnk60QJ0RXdVcXWI6QkNYWD/9JNQ59u2UQi4hmVQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFDRk0/sjkblnQC1K+oMDg1z8TKIEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTkdUVC15T1J1V2RBTFVyNmd3T0RYUHhNb2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBjwQCAAEwgYgDBAAF
tVcDBAAtCR0DBAAtUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AME
AcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgACMCMDBQAq
AXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0BAQsFAAOC
AQEAqoVXvFO7OngTE6QsJJ68LailhtCQrUsR8OqBGH8ggO+/bma+KPlwADOA3gtF
6ou7iLNQKvRJT/wgYFaQ0v0+zDNmqq+vPvrhqbgYlrVseWLsRGVhaquE/KM/guc+
NxT0P9VzrhsqcMq4fgY98CJ1aqP5BkGkpcvdbDLSOd8rfgvw7KK9WfmTFjerk5Dn
ZNlawLXUim7EPTDPmc2BtI01JfXJT9tt4T5tQ7Kd/EkfO4aUbSNX5A7GXqlyktQ4
caxdrfjXfZ9ybHq3ZqWKqnwbJyj73ZT1nIBNoh4xXXmIElADLWsXEOyfAIwIWiBl
TLq6GmFDzkeiI1ocDbBRAc+CSQ==
-----END CERTIFICATE-----
Generated at Mon Oct 30 18:43:28 2023 by rpki-client on console-ams.rpki-client.org