Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NCvuAO_27nmmKZ0NH-C51fIjpfo.roa
File: NCvuAO_27nmmKZ0NH-C51fIjpfo.roa (raw, json)
Hash identifier: AKmPoCW1xUfQ8ZlxfOOoPQeJiCn8hGBs3E+XjaeALr4=
Subject key identifier: 34:2B:EE:00:EF:F6:EE:79:A6:29:9D:0D:1F:E0:B9:D5:F2:23:A5:FA
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 0191770B6B606F526BF69A9FEA3A74876EDF
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NCvuAO_27nmmKZ0NH-C51fIjpfo.roa
Signing time: Wed 21 Aug 2024 22:25:22 +0000
ROA not before: Wed 21 Aug 2024 22:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 21
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.100.0/22 maxlen: 22
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.120.0/22 maxlen: 22
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 22
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 22
148.139.144.0/24 maxlen: 24
148.139.148.0/22 maxlen: 22
148.139.152.0/22 maxlen: 22
148.139.156.0/22 maxlen: 22
148.139.160.0/20 maxlen: 20
148.139.176.0/20 maxlen: 20
148.139.192.0/24 maxlen: 24
148.139.193.0/24 maxlen: 24
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Sep 2024 17:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:77:0b:6b:60:6f:52:6b:f6:9a:9f:ea:3a:74:87:6e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Aug 21 22:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=342bee00eff6ee79a6299d0d1fe0b9d5f223a5fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c2:6b:14:2e:22:c4:51:21:5e:0c:a1:7d:8e:
06:6e:6e:6a:33:57:5d:19:a5:ed:0b:0d:67:9d:7d:
c8:ac:01:c6:72:d5:0d:de:8b:34:ff:05:74:e9:d7:
69:04:95:be:34:a8:59:34:31:81:b8:e5:78:b1:98:
68:e1:9a:b6:e3:c6:88:4f:e5:00:72:48:33:66:17:
92:86:d3:7c:26:73:5e:20:77:80:26:23:8e:5e:9c:
05:c3:f7:c5:f0:3b:fc:55:db:0c:35:87:10:73:90:
de:20:2e:72:6f:b3:ac:24:5e:3d:23:37:88:34:73:
34:8a:2f:d7:f0:75:4b:54:f1:33:e8:69:f2:5c:78:
ec:a0:37:8c:09:35:d3:56:5f:06:11:c1:75:0b:f2:
cc:a2:f2:37:82:84:d9:2a:1f:59:2c:63:f5:ff:2b:
da:9b:33:20:e8:aa:0d:5b:ae:cf:5b:1d:cc:22:5f:
88:ba:4e:d2:5c:b4:5a:96:09:9c:06:f2:1f:34:1f:
d8:7e:53:8d:95:83:a6:8e:ab:3d:58:cb:86:e3:84:
11:06:bd:b0:aa:a2:1b:ef:09:e8:50:e8:af:44:b2:
ce:da:92:56:65:aa:1f:01:3d:21:1b:80:51:96:f6:
3f:88:b2:61:88:23:0e:06:3a:08:ff:5c:bf:9d:b3:
cb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2B:EE:00:EF:F6:EE:79:A6:29:9D:0D:1F:E0:B9:D5:F2:23:A5:FA
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NCvuAO_27nmmKZ0NH-C51fIjpfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:b3:47:eb:8a:23:87:61:93:95:18:0e:8f:9b:24:a2:fb:66:
d7:cc:70:c7:c9:fb:f9:26:a0:3e:71:40:7b:7a:aa:4f:4f:a2:
79:f6:74:d9:0f:bc:36:c9:e6:cd:7d:7b:cb:f1:49:da:41:eb:
ad:c9:54:f4:1a:16:94:7d:1d:50:7f:ce:d6:5a:fc:d2:ea:ff:
7b:3b:32:52:b3:c0:0e:7c:94:43:e9:fb:ae:cb:1a:77:0c:3f:
0b:33:5b:b8:55:6b:3e:cb:3d:e3:1b:63:4e:b0:67:33:2c:d9:
26:69:02:ac:05:fb:ce:79:ba:a2:3a:d2:40:80:a6:bb:5c:6b:
75:64:66:bb:a1:d5:a7:38:98:9a:7f:c8:8a:75:7d:1b:26:d5:
90:07:6e:53:01:57:54:c2:dd:e4:fd:bc:71:2c:0f:2d:f1:6e:
d7:ba:30:8a:a9:4d:b3:fc:79:59:14:3d:30:a8:5f:ea:e4:a7:
2b:05:40:ca:c7:ab:9b:5d:47:07:d2:d5:16:ca:e6:56:ee:39:
8b:9a:86:4c:87:79:f9:62:c7:b7:3d:c4:cd:ac:e7:61:9b:44:
13:53:3b:e9:91:26:db:af:3d:fa:86:c0:ec:6c:02:ec:f7:fd:
8f:32:27:20:de:67:a3:0c:34:b0:26:57:8f:11:95:5d:d7:2d:
4b:8e:60:19
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZF3C2tgb1Jr9pqf6jp0h27fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwODIxMjIyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJiZWUwMGVmZjZlZTc5YTYyOTlkMGQxZmUwYjlkNWYyMjNhNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sJrFC4ixFEhXgyhfY4Gbm5qM1dd
GaXtCw1nnX3IrAHGctUN3os0/wV06ddpBJW+NKhZNDGBuOV4sZho4Zq248aIT+UA
ckgzZheShtN8JnNeIHeAJiOOXpwFw/fF8Dv8VdsMNYcQc5DeIC5yb7OsJF49IzeI
NHM0ii/X8HVLVPEz6GnyXHjsoDeMCTXTVl8GEcF1C/LMovI3goTZKh9ZLGP1/yva
mzMg6KoNW67PWx3MIl+Iuk7SXLRalgmcBvIfNB/YflONlYOmjqs9WMuG44QRBr2w
qqIb7wnoUOivRLLO2pJWZaofAT0hG4BRlvY/iLJhiCMOBjoI/1y/nbPL8wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDQr7gDv9u55pimdDR/gudXyI6X6MB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvTkN2dUFPXzI3bm1tS1owTkgtQzUxZklqcGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAFCzR+uKI4dhk5UYDo+bJKL7ZtfMcMfJ
+/kmoD5xQHt6qk9Ponn2dNkPvDbJ5s19e8vxSdpB663JVPQaFpR9HVB/ztZa/NLq
/3s7MlKzwA58lEPp+67LGncMPwszW7hVaz7LPeMbY06wZzMs2SZpAqwF+855uqI6
0kCAprtca3VkZruh1ac4mJp/yIp1fRsm1ZAHblMBV1TC3eT9vHEsDy3xbte6MIqp
TbP8eVkUPTCoX+rkpysFQMrHq5tdRwfS1RbK5lbuOYuahkyHeflix7c9xM2s52Gb
RBNTO+mRJtuvPfqGwOxsAuz3/Y8yJyDeZ6MMNLAmV48RlV3XLUuOYBk=
-----END CERTIFICATE-----
Generated at Tue Sep 10 18:33:31 2024 by rpki-client on console-fra.rpki-client.org