Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/v_NSgZ0ewb7PCpD76LYMh1JSi_s.roa
File: v_NSgZ0ewb7PCpD76LYMh1JSi_s.roa (raw, json)
Hash identifier: fjC8YL2OC8wBiK+Cod5NiAQq/VoqBbINu8gnnQ2+5sI=
Subject key identifier: BF:F3:52:81:9D:1E:C1:BE:CF:0A:90:FB:E8:B6:0C:87:52:52:8B:FB
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0194236A0050C5918AD0F27928C5D5173359
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/v_NSgZ0ewb7PCpD76LYMh1JSi_s.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51747
IP address blocks: 5.133.192.0/19 maxlen: 20
45.142.64.0/22 maxlen: 24
45.146.48.0/22 maxlen: 24
45.150.72.0/22 maxlen: 24
80.248.224.0/20 maxlen: 20
95.215.168.0/22 maxlen: 24
151.248.0.0/21 maxlen: 21
151.252.24.0/21 maxlen: 21
176.74.192.0/21 maxlen: 21
185.12.148.0/22 maxlen: 22
185.12.248.0/22 maxlen: 22
185.159.184.0/22 maxlen: 24
185.159.192.0/22 maxlen: 24
185.236.40.0/22 maxlen: 24
193.19.80.0/23 maxlen: 24
193.247.74.0/23 maxlen: 24
193.247.126.0/23 maxlen: 24
195.88.110.0/23 maxlen: 24
195.95.184.0/24 maxlen: 24
195.189.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:12:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:00:50:c5:91:8a:d0:f2:79:28:c5:d5:17:33:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bff352819d1ec1becf0a90fbe8b60c8752528bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:3a:3d:a9:bd:3b:d4:00:30:7f:81:1e:32:
c6:79:ac:66:03:0f:06:1f:da:fa:09:fc:89:4f:bd:
72:a2:6e:bc:c6:1e:2a:41:75:ef:e2:4f:f1:74:6f:
f5:77:8c:6b:74:53:c7:e3:3b:85:71:94:c3:cb:c1:
7e:0b:cf:99:37:f2:20:ad:8c:16:94:b2:c8:8a:f1:
21:b9:09:3d:1e:90:47:c2:07:b0:f5:c1:b3:d6:01:
c8:8c:61:12:ed:94:b4:8e:a9:ad:59:a1:47:c7:f5:
a5:e7:98:e6:72:05:43:67:9b:2b:38:c4:2e:c4:e8:
30:56:d0:12:2e:01:85:41:82:a7:45:49:02:65:0c:
60:64:89:6e:b1:72:b1:18:8e:da:bf:a1:90:c3:4b:
29:27:bf:b2:ac:4d:8c:0b:42:9e:47:8f:d0:0e:6e:
eb:92:5a:d5:d3:de:5d:2f:41:cd:80:1a:52:5a:42:
47:30:5e:a2:54:98:cf:20:3e:30:ef:cb:95:55:97:
8d:65:2e:fb:39:6e:b4:3a:0b:52:78:b5:3f:20:15:
f6:79:e6:07:15:7c:55:63:6a:73:0e:80:13:14:f9:
1b:f6:f8:f1:fd:64:b6:a6:5d:10:17:bd:06:ce:83:
f9:4d:63:e3:7d:c4:d5:df:13:28:51:e6:b7:e8:0a:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F3:52:81:9D:1E:C1:BE:CF:0A:90:FB:E8:B6:0C:87:52:52:8B:FB
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/v_NSgZ0ewb7PCpD76LYMh1JSi_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
45.142.64.0/22
45.146.48.0/22
45.150.72.0/22
80.248.224.0/20
95.215.168.0/22
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
185.159.184.0/22
185.159.192.0/22
185.236.40.0/22
193.19.80.0/23
193.247.74.0/23
193.247.126.0/23
195.88.110.0/23
195.95.184.0/24
195.189.112.0/22
Signature Algorithm: sha256WithRSAEncryption
07:2c:12:9d:f1:1e:62:c3:70:e8:6c:c1:d6:f9:af:07:26:2e:
21:4f:4d:43:5f:b7:de:db:4f:8c:ce:1d:e5:24:e6:67:75:55:
01:12:77:21:bc:51:00:73:da:3c:3f:6c:df:93:bb:12:7a:1b:
aa:80:1c:82:a0:e1:73:6e:8f:b1:a0:43:f0:35:f5:5e:ce:86:
92:bf:23:a7:71:6b:3e:8c:39:98:4d:9b:b1:eb:a0:f7:ef:64:
95:06:98:1b:44:9a:40:55:f0:84:e5:c6:5a:c4:de:ab:19:c9:
22:0a:95:70:d2:90:aa:7c:dd:de:bf:29:a9:30:ef:49:75:09:
21:4e:59:78:ec:fd:51:f2:71:fa:4c:f4:37:98:32:0b:43:8e:
af:fe:a6:6f:a0:db:76:a3:9a:da:0d:0c:97:fe:3d:3f:38:e7:
a1:53:8a:95:27:51:e8:26:97:d1:59:f7:28:38:27:3a:e4:04:
c8:e5:7c:4c:71:1e:19:03:1b:d8:67:f5:a2:f1:03:49:85:25:
38:41:7b:8d:8c:4f:09:df:8e:95:18:f2:df:b2:4a:83:38:8d:
a9:e4:33:e3:08:ce:60:50:64:d8:6d:0d:91:85:8c:1c:24:64:
ef:50:a3:cd:bb:7f:84:36:20:d1:28:43:06:dc:17:e5:5f:c6:
85:aa:dd:8d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZQjagBQxZGK0PJ5KMXVFzNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmYzNTI4MTlkMWVjMWJlY2YwYTkwZmJlOGI2MGM4NzUyNTI4YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoA6Pam9O9QAMH+BHjLGeaxmAw8G
H9r6CfyJT71yom68xh4qQXXv4k/xdG/1d4xrdFPH4zuFcZTDy8F+C8+ZN/IgrYwW
lLLIivEhuQk9HpBHwgew9cGz1gHIjGES7ZS0jqmtWaFHx/Wl55jmcgVDZ5srOMQu
xOgwVtASLgGFQYKnRUkCZQxgZIlusXKxGI7av6GQw0spJ7+yrE2MC0KeR4/QDm7r
klrV095dL0HNgBpSWkJHMF6iVJjPID4w78uVVZeNZS77OW60OgtSeLU/IBX2eeYH
FXxVY2pzDoATFPkb9vjx/WS2pl0QF70GzoP5TWPjfcTV3xMoUea36Apr2wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFL/zUoGdHsG+zwqQ++i2DIdSUov7MB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvdl9OU2daMGV3YjdQQ3BENzZMWU1oMUpTaV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQFBYXA
AwQCLY5AAwQCLZIwAwQCLZZIAwQEUPjgAwQCX9eoAwQDl/gAAwQDl/wYAwQDsErA
AwQCuQyUAwQCuQz4AwQCuZ+4AwQCuZ/AAwQCuewoAwQBwRNQAwQBwfdKAwQBwfd+
AwQBw1huAwQAw1+4AwQCw71wMA0GCSqGSIb3DQEBCwUAA4IBAQAHLBKd8R5iw3Do
bMHW+a8HJi4hT01DX7fe20+Mzh3lJOZndVUBEnchvFEAc9o8P2zfk7sSehuqgByC
oOFzbo+xoEPwNfVezoaSvyOncWs+jDmYTZux66D372SVBpgbRJpAVfCE5cZaxN6r
GckiCpVw0pCqfN3evympMO9JdQkhTll47P1R8nH6TPQ3mDILQ46v/qZvoNt2o5ra
DQyX/j0/OOehU4qVJ1HoJpfRWfcoOCc65ATI5XxMcR4ZAxvYZ/Wi8QNJhSU4QXuN
jE8J346VGPLfskqDOI2p5DPjCM5gUGTYbQ2RhYwcJGTvUKPNu3+ENiDRKEMG3Bfl
X8aFqt2N
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:08 2025 by rpki-client