Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NlN4UwGtUjhaaYEljturnT1chzY.roa
File: NlN4UwGtUjhaaYEljturnT1chzY.roa (raw, json)
Hash identifier: u1Y3Za4zRJgJfIGR/rKPcpt4RSXzkfUht8vGl93qs7U=
Subject key identifier: 36:53:78:53:01:AD:52:38:5A:69:81:25:8E:DB:AB:9D:3D:5C:87:36
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192B8BDC4DBC6012A2BFFE92880FCEC95F4
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NlN4UwGtUjhaaYEljturnT1chzY.roa
Signing time: Wed 23 Oct 2024 09:38:17 +0000
ROA not before: Wed 23 Oct 2024 09:38:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 31.133.24.0/22 maxlen: 22
46.151.32.0/24 maxlen: 24
46.151.33.0/24 maxlen: 24
46.151.34.0/24 maxlen: 24
46.151.35.0/24 maxlen: 24
77.36.2.0/23 maxlen: 24
77.36.4.0/22 maxlen: 22
77.36.54.0/24 maxlen: 24
77.36.55.0/24 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
77.36.68.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
91.218.254.0/23 maxlen: 23
91.223.158.0/24 maxlen: 24
91.228.119.0/24 maxlen: 24
91.229.6.0/24 maxlen: 24
91.232.254.0/24 maxlen: 24
91.236.77.0/24 maxlen: 24
91.236.237.0/24 maxlen: 24
91.237.48.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
91.246.184.0/22 maxlen: 22
91.246.217.0/24 maxlen: 24
93.120.12.0/22 maxlen: 22
93.120.36.0/24 maxlen: 24
93.120.37.0/24 maxlen: 24
93.120.38.0/24 maxlen: 24
93.120.46.0/24 maxlen: 24
93.120.74.0/24 maxlen: 24
93.120.120.0/22 maxlen: 22
176.96.48.0/22 maxlen: 22
176.96.93.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
176.110.107.0/24 maxlen: 24
176.110.112.0/24 maxlen: 24
176.110.113.0/24 maxlen: 24
178.159.147.0/24 maxlen: 24
188.191.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 24 Oct 2024 17:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:bd:c4:db:c6:01:2a:2b:ff:e9:28:80:fc:ec:95:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 23 09:38:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3653785301ad52385a6981258edbab9d3d5c8736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:52:28:81:d8:14:f5:7c:f5:b0:ec:6e:b3:
28:8a:92:79:a1:46:a8:5d:5e:ba:9e:f6:7c:b2:88:
53:e5:d2:ab:11:2e:71:72:a0:0b:5c:1b:ac:29:90:
5b:47:d8:bc:80:0b:e7:5d:aa:96:26:2c:a1:84:5d:
90:77:92:08:51:4d:e6:4b:fd:ee:68:69:c2:e8:bb:
ce:f2:a8:1a:31:e7:b9:16:dc:8b:5c:a0:c4:f5:cd:
97:20:1c:e8:a5:e4:f0:c7:b6:ff:a6:74:9a:b8:f5:
81:24:be:3d:db:29:00:bf:14:36:89:00:5d:f4:b3:
0d:df:28:ba:99:db:dc:9f:e6:c3:1d:41:a5:10:a7:
b2:84:6d:27:05:0b:e2:6b:42:56:1b:09:0a:32:0b:
f2:1b:1e:dc:06:91:97:2a:92:3e:13:11:94:e3:17:
60:52:e9:d8:39:af:bf:69:71:6a:36:a7:5a:a3:92:
c5:b6:ef:9b:58:3c:c5:32:20:ad:34:a7:37:9f:21:
81:1b:23:ff:f1:29:57:a8:ef:93:4f:d0:54:aa:44:
2c:16:59:f9:20:1f:d3:c1:87:81:5b:1c:a3:1b:f9:
6b:49:56:40:6a:7d:71:c2:24:1e:98:54:ed:1d:8d:
58:01:88:4d:53:71:e6:f5:38:b0:04:d1:24:6f:25:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:53:78:53:01:AD:52:38:5A:69:81:25:8E:DB:AB:9D:3D:5C:87:36
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NlN4UwGtUjhaaYEljturnT1chzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
46.151.32.0/22
77.36.2.0-77.36.7.255
77.36.54.0/23
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
77.36.68.0/22
91.218.252.0/22
91.223.158.0/24
91.228.119.0/24
91.229.6.0/24
91.232.254.0/24
91.236.77.0/24
91.236.237.0/24
91.237.48.0/24
91.239.222.0/23
91.246.184.0/22
91.246.217.0/24
93.120.12.0/22
93.120.36.0-93.120.38.255
93.120.46.0/24
93.120.74.0/24
93.120.120.0/22
176.96.48.0/22
176.96.93.0/24
176.107.72.0/21
176.110.107.0/24
176.110.112.0/23
178.159.147.0/24
188.191.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:f7:22:bc:16:ba:4e:d7:71:51:c8:96:4f:85:49:22:53:05:
86:64:c2:3d:fd:c3:d0:f2:b6:7c:17:f4:c7:fe:61:62:d9:85:
7b:03:67:d0:f5:cf:c5:48:67:a6:b7:27:b7:82:cc:64:d4:18:
9d:72:44:3c:61:3e:0b:44:13:2a:cb:17:27:a3:9a:16:d2:12:
a0:d4:0c:25:76:17:df:b0:10:91:3e:b5:70:51:37:12:b0:b6:
2b:e0:58:2e:72:68:d0:db:33:d3:95:86:81:56:e3:d0:6d:c4:
aa:f1:2a:f8:c0:a3:68:40:3b:d4:be:b9:ed:60:8c:e9:bc:b8:
9a:a9:f0:5f:2b:94:9b:66:f5:28:f8:34:02:2e:00:ea:5a:1e:
1b:4e:b2:ed:f1:2c:2e:d7:31:1e:a3:a1:2f:da:02:b4:44:33:
aa:bf:53:51:b2:82:fa:8d:f6:e4:ba:25:12:d8:31:bf:0b:7c:
30:b1:5c:12:0e:5d:fb:44:17:37:74:6e:1c:d8:9e:8b:ac:5a:
f4:98:e1:ab:c9:f7:1b:20:9a:ab:9f:35:80:9a:72:57:2e:a0:
00:c3:a6:f3:76:68:c5:26:e7:d5:0c:0c:a1:0b:94:dd:62:05:
4a:17:5d:cd:41:a7:50:3f:c3:9d:aa:e6:fe:a0:82:fe:d2:59:
c3:d9:78:b5
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZK4vcTbxgEqK//pKID87JX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDIzMDkzODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUzNzg1MzAxYWQ1MjM4NWE2OTgxMjU4ZWRiYWI5ZDNkNWM4NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiNSKIHYFPV89bDsbrMoipJ5oUao
XV66nvZ8sohT5dKrES5xcqALXBusKZBbR9i8gAvnXaqWJiyhhF2Qd5IIUU3mS/3u
aGnC6LvO8qgaMee5FtyLXKDE9c2XIBzopeTwx7b/pnSauPWBJL492ykAvxQ2iQBd
9LMN3yi6mdvcn+bDHUGlEKeyhG0nBQvia0JWGwkKMgvyGx7cBpGXKpI+ExGU4xdg
UunYOa+/aXFqNqdao5LFtu+bWDzFMiCtNKc3nyGBGyP/8SlXqO+TT9BUqkQsFln5
IB/TwYeBWxyjG/lrSVZAan1xwiQemFTtHY1YAYhNU3Hm9TiwBNEkbyWQRQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFDZTeFMBrVI4WmmBJY7bq509XIc2MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTmxONFV3R3RVamhhYVlFbGp0dXJuVDFjaHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAIf
hRgDBAIulyAwDAMEAU0kAgMEA00kAAMEAU0kNgMEAE0kOQMEAE0kPAMEAE0kQQME
Ak0kRAMEAlva/AMEAFvfngMEAFvkdwMEAFvlBgMEAFvo/gMEAFvsTQMEAFvs7QME
AFvtMAMEAVvv3gMEAlv2uAMEAFv22QMEAl14DDAMAwQCXXgkAwQAXXgmAwQAXXgu
AwQAXXhKAwQCXXh4AwQCsGAwAwQAsGBdAwQDsGtIAwQAsG5rAwQBsG5wAwQAsp+T
AwQCvL/8MA0GCSqGSIb3DQEBCwUAA4IBAQBv9yK8FrpO13FRyJZPhUkiUwWGZMI9
/cPQ8rZ8F/TH/mFi2YV7A2fQ9c/FSGemtye3gsxk1BidckQ8YT4LRBMqyxcno5oW
0hKg1AwldhffsBCRPrVwUTcSsLYr4FgucmjQ2zPTlYaBVuPQbcSq8Sr4wKNoQDvU
vrntYIzpvLiaqfBfK5SbZvUo+DQCLgDqWh4bTrLt8Swu1zEeo6Ev2gK0RDOqv1NR
soL6jfbkuiUS2DG/C3wwsVwSDl37RBc3dG4c2J6LrFr0mOGryfcbIJqrnzWAmnJX
LqAAw6bzdmjFJufVDAyhC5TdYgVKF13NQadQP8Odqub+oIL+0lnD2Xi1
-----END CERTIFICATE-----
Generated at Thu Oct 24 19:10:33 2024 by rpki-client on console-fra.rpki-client.org