Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NSecx_BihwzE0uUs3C191Q5JIwM.roa
File: NSecx_BihwzE0uUs3C191Q5JIwM.roa (raw, json)
Hash identifier: TUuhf4FxQ8wE7ZMX9rbRM44ddMCbC2Z4aVLY7iQfbIE=
Subject key identifier: 35:27:9C:C7:F0:62:87:0C:C4:D2:E5:2C:DC:2D:7D:D5:0E:49:23:03
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 01903AB3B7A6724873FC63C96B4292AFD4FB
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NSecx_BihwzE0uUs3C191Q5JIwM.roa
Signing time: Fri 21 Jun 2024 12:09:34 +0000
ROA not before: Fri 21 Jun 2024 12:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 21
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.100.0/22 maxlen: 22
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.120.0/22 maxlen: 22
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 22
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 22
148.139.148.0/22 maxlen: 22
148.139.160.0/20 maxlen: 20
148.139.176.0/20 maxlen: 20
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Aug 2024 11:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:b3:b7:a6:72:48:73:fc:63:c9:6b:42:92:af:d4:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Jun 21 12:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35279cc7f062870cc4d2e52cdc2d7dd50e492303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:09:6e:91:37:ea:bc:52:96:63:18:49:66:
8b:96:0b:a6:44:fb:aa:bd:33:71:e1:78:c6:b7:47:
7f:05:14:82:e5:33:29:ff:5a:ac:7d:55:1d:5f:0c:
18:aa:df:00:bf:5a:f9:dd:b7:e6:7a:fd:e2:f3:3f:
32:a8:3f:f3:72:e1:ea:ec:bd:eb:b6:ff:4f:a9:4e:
a9:e2:f3:f2:e7:a8:29:0e:14:8e:60:e0:52:b1:c4:
5c:a6:fc:7c:8a:b9:89:e1:4f:74:d7:41:ad:bd:aa:
b7:59:f1:1d:25:be:be:46:69:2f:d0:bb:07:57:34:
66:02:8a:57:95:ad:6d:93:20:56:de:d3:a1:44:2c:
45:b8:26:49:6c:03:6c:40:61:f5:8a:4e:0e:c3:7e:
55:44:07:4a:86:54:b5:37:a1:29:2f:2c:87:c4:b3:
be:10:bd:f3:58:19:a7:a1:ed:7f:d5:b8:8a:1f:99:
61:da:c5:93:38:41:7f:38:43:1a:8c:bd:72:46:69:
3d:21:e0:49:e2:40:eb:a2:ec:74:24:15:94:df:39:
1c:38:a4:92:71:b4:f6:54:ef:a8:01:22:ea:4b:38:
ae:8d:10:65:65:66:64:57:40:9b:3b:4f:b1:52:69:
5e:b7:db:da:97:c8:b8:30:20:5b:cb:c5:43:0b:52:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:27:9C:C7:F0:62:87:0C:C4:D2:E5:2C:DC:2D:7D:D5:0E:49:23:03
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/NSecx_BihwzE0uUs3C191Q5JIwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
65:0a:82:83:ae:e9:f8:09:1a:33:f6:a6:ca:e5:76:d9:26:a9:
b6:1c:14:fd:c1:a6:40:91:e5:de:af:c4:9e:6f:e7:f0:de:f0:
98:28:3c:13:3f:ce:22:16:21:36:44:49:b0:21:62:4b:1c:e7:
83:94:5e:ba:1f:08:c9:16:30:f8:b8:bc:94:87:32:7d:d3:9f:
a4:6b:11:38:f6:6e:9f:86:cc:a1:b0:1f:fd:6b:eb:42:e3:da:
32:70:82:e1:55:cb:60:f9:64:5d:ca:cc:8d:d9:61:7f:22:e7:
02:4b:1f:9f:83:a8:16:e1:23:dc:86:3e:58:25:8d:11:86:0b:
b5:35:1c:a0:7c:c7:ae:39:f6:99:f2:4e:f4:8b:96:c2:7b:d0:
e2:43:01:64:74:e2:aa:87:1b:73:75:8a:32:47:c8:c5:15:67:
e9:1c:bd:36:16:e4:5c:52:a4:6c:89:fa:ca:d8:c1:d7:73:a8:
5e:1d:da:5d:12:26:10:cb:fc:6b:59:de:cc:5d:31:f7:95:7f:
fd:62:cb:c7:d1:f9:b0:00:e4:c7:06:b6:4b:1a:a2:ad:7e:37:
cb:43:6e:f0:01:b6:ff:29:4f:cc:f7:43:9b:58:28:e8:f7:b3:
9f:c3:1b:e3:c6:71:45:7d:7a:5a:fc:4d:16:95:08:61:af:03:
9b:b1:6f:b7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZA6s7emckhz/GPJa0KSr9T7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwNjIxMTIwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI3OWNjN2YwNjI4NzBjYzRkMmU1MmNkYzJkN2RkNTBlNDkyMzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8YJbpE36rxSlmMYSWaLlgumRPuq
vTNx4XjGt0d/BRSC5TMp/1qsfVUdXwwYqt8Av1r53bfmev3i8z8yqD/zcuHq7L3r
tv9PqU6p4vPy56gpDhSOYOBSscRcpvx8irmJ4U9010Gtvaq3WfEdJb6+Rmkv0LsH
VzRmAopXla1tkyBW3tOhRCxFuCZJbANsQGH1ik4Ow35VRAdKhlS1N6EpLyyHxLO+
EL3zWBmnoe1/1biKH5lh2sWTOEF/OEMajL1yRmk9IeBJ4kDroux0JBWU3zkcOKSS
cbT2VO+oASLqSziujRBlZWZkV0CbO0+xUmlet9val8i4MCBby8VDC1LihQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDUnnMfwYocMxNLlLNwtfdUOSSMDMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvTlNlY3hfQmlod3pFMHVVczNDMTkxUTVKSXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAGUKgoOu6fgJGjP2psrldtkmqbYcFP3B
pkCR5d6vxJ5v5/De8JgoPBM/ziIWITZESbAhYksc54OUXrofCMkWMPi4vJSHMn3T
n6RrETj2bp+GzKGwH/1r60Lj2jJwguFVy2D5ZF3KzI3ZYX8i5wJLH5+DqBbhI9yG
PlgljRGGC7U1HKB8x6459pnyTvSLlsJ70OJDAWR04qqHG3N1ijJHyMUVZ+kcvTYW
5FxSpGyJ+srYwddzqF4d2l0SJhDL/GtZ3sxdMfeVf/1iy8fR+bAA5McGtksaoq1+
N8tDbvABtv8pT8z3Q5tYKOj3s5/DG+PGcUV9elr8TRaVCGGvA5uxb7c=
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:25 2024 by rpki-client on console-ams.rpki-client.org