Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NkRiOcUvz0QwKfKPwMriv-TAvsU.roa
File: NkRiOcUvz0QwKfKPwMriv-TAvsU.roa (raw, json)
Hash identifier: fyo5F8fcLROR4btk06CbQpacCuWgLYyBmrhlXmEMAJA=
Subject key identifier: 36:44:62:39:C5:2F:CF:44:30:29:F2:8F:C0:CA:E2:BF:E4:C0:BE:C5
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019427479C48F4BAE7E10A539B892D786F59
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NkRiOcUvz0QwKfKPwMriv-TAvsU.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48159
IP address blocks: 2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.182.128.0/21 maxlen: 21
2.185.0.0/16 maxlen: 16
2.185.0.0/20 maxlen: 20
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.185.88.0/22 maxlen: 22
2.185.160.0/19 maxlen: 19
2.185.164.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.42.0/24 maxlen: 24
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.191.0.0/16 maxlen: 16
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
80.191.0.0/16 maxlen: 16
80.191.56.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
217.219.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 29 Jan 2025 09:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9c:48:f4:ba:e7:e1:0a:53:9b:89:2d:78:6f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36446239c52fcf443029f28fc0cae2bfe4c0bec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0d:47:8b:a2:72:e2:98:8a:29:af:b1:84:a1:
a9:11:9b:65:ab:f6:6c:24:b0:bc:5f:8f:14:c0:0a:
3c:5d:b3:1c:0c:dc:1b:12:b0:b9:a0:59:2f:fe:f7:
52:2b:6f:1f:4c:76:27:74:34:ec:9a:b5:3c:8f:98:
0e:9f:ba:80:a4:62:92:cb:4c:5c:3d:f9:bb:51:48:
ea:d0:5d:c3:b8:75:8a:68:9f:10:58:da:aa:09:6e:
2d:74:0c:14:bb:33:59:86:8d:5b:8b:40:21:e8:a2:
92:94:62:21:35:0b:4d:33:de:e5:6a:57:18:66:ad:
1a:f4:a6:41:99:27:27:45:16:fc:3c:f9:d8:cf:af:
2c:55:da:df:87:a2:51:0a:a8:21:23:de:b2:6a:c1:
06:c9:86:96:92:1f:cc:05:73:89:72:b5:fd:5d:3f:
9f:1a:2b:92:b1:41:46:c3:5e:b2:be:8d:c1:d0:18:
93:d8:76:4a:d5:60:7a:72:f8:a2:4a:16:45:a1:18:
92:dd:dc:55:b6:3c:62:42:41:f4:a6:05:3e:59:d1:
af:ef:b1:9e:f2:d1:19:09:5e:93:e6:f0:b2:ba:7b:
21:56:86:18:08:25:b3:85:22:5d:8d:95:86:c0:3b:
44:5a:38:64:56:1f:9f:2b:a1:a3:46:80:0f:cc:18:
56:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:44:62:39:C5:2F:CF:44:30:29:F2:8F:C0:CA:E2:BF:E4:C0:BE:C5
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NkRiOcUvz0QwKfKPwMriv-TAvsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.0.0/16
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
24:d6:b0:fb:eb:16:9f:1f:de:5e:b8:1f:6a:59:d4:f3:ed:3e:
cd:8a:93:05:cc:97:63:25:21:d3:2c:32:35:96:9e:43:47:81:
fb:75:79:a8:86:7c:1e:fa:18:e2:dd:2d:96:65:1a:a9:06:7f:
ca:41:35:f7:5b:e1:55:59:1a:10:a9:4d:03:e7:ab:0e:51:6f:
01:25:26:06:d3:31:30:23:a8:08:87:a2:09:10:6f:4e:21:ea:
24:03:28:25:f8:a0:d8:10:e5:aa:89:ed:6a:03:5e:3c:6f:90:
00:eb:eb:82:e7:49:06:51:d0:22:95:87:4e:37:0b:e7:25:04:
46:a6:1c:95:68:87:92:85:06:50:88:ef:40:df:fc:fe:49:b1:
c4:2e:d8:b1:11:d0:5f:fa:df:09:35:16:f1:ef:fc:de:2b:31:
5f:a9:3d:d3:3b:0b:60:e9:d8:5e:2b:a4:29:be:15:b2:41:d0:
02:48:9d:3c:a9:c5:08:40:99:ef:4b:b8:b3:99:64:f2:a3:8c:
a2:7a:d4:f9:19:92:9d:91:8e:23:b5:3f:60:40:e6:b0:ba:a8:
0f:bb:12:94:66:9d:67:ce:cb:f8:c1:7d:0b:22:de:39:f7:ed:
03:76:11:59:3f:b5:20:35:20:2e:e0:ca:e6:b5:95:8e:70:18:
a0:0e:19:dd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQnR5xI9Lrn4QpTm4kteG9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ0NjIzOWM1MmZjZjQ0MzAyOWYyOGZjMGNhZTJiZmU0YzBiZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog1Hi6Jy4piKKa+xhKGpEZtlq/Zs
JLC8X48UwAo8XbMcDNwbErC5oFkv/vdSK28fTHYndDTsmrU8j5gOn7qApGKSy0xc
Pfm7UUjq0F3DuHWKaJ8QWNqqCW4tdAwUuzNZho1bi0Ah6KKSlGIhNQtNM97lalcY
Zq0a9KZBmScnRRb8PPnYz68sVdrfh6JRCqghI96yasEGyYaWkh/MBXOJcrX9XT+f
GiuSsUFGw16yvo3B0BiT2HZK1WB6cviiShZFoRiS3dxVtjxiQkH0pgU+WdGv77Ge
8tEZCV6T5vCyunshVoYYCCWzhSJdjZWGwDtEWjhkVh+fK6GjRoAPzBhWpwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDZEYjnFL89EMCnyj8DK4r/kwL7FMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTmtSaU9jVXZ6MFF3S2ZLUHdNcml2LVRBdnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAATB5MAsDBAcC
sIADAwECsAMDAAK2AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMCvEADBAACvEwD
BAACvLMDBAECvLgDBAACvLsDBAECvSoDBAACvTgDBAACvToDBAACvUQDBAACvUgD
AwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEAJNaw++sWnx/e
XrgfalnU8+0+zYqTBcyXYyUh0ywyNZaeQ0eB+3V5qIZ8HvoY4t0tlmUaqQZ/ykE1
91vhVVkaEKlNA+erDlFvASUmBtMxMCOoCIeiCRBvTiHqJAMoJfig2BDlqontagNe
PG+QAOvrgudJBlHQIpWHTjcL5yUERqYclWiHkoUGUIjvQN/8/kmxxC7YsRHQX/rf
CTUW8e/83isxX6k90zsLYOnYXiukKb4VskHQAkidPKnFCECZ70u4s5lk8qOMonrU
+RmSnZGOI7U/YEDmsLqoD7sSlGadZ87L+MF9CyLeOfftA3YRWT+1IDUgLuDK5rWV
jnAYoA4Z3Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:32:21 2025 by rpki-client