Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/24NLFEG8QBJ8IzG7EzGKFYyZmos.roa
File: 24NLFEG8QBJ8IzG7EzGKFYyZmos.roa (raw, json)
Hash identifier: UEFRvk3PAP1M02QwT8Qui7mF8KZuKDcXGgVXquuztAg=
Subject key identifier: DB:83:4B:14:41:BC:40:12:7C:23:31:BB:13:31:8A:15:8C:99:9A:8B
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0192AF532EE8B7DB6B1BD9F2D422D05F7A9E
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/24NLFEG8QBJ8IzG7EzGKFYyZmos.roa
Signing time: Mon 21 Oct 2024 13:45:17 +0000
ROA not before: Mon 21 Oct 2024 13:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
89.208.56.0/21 maxlen: 21
89.208.128.0/21 maxlen: 21
89.208.134.0/23 maxlen: 24
141.226.120.0/22 maxlen: 24
147.234.23.0/24 maxlen: 24
147.236.104.0/21 maxlen: 23
147.236.116.0/23 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.125.0/24 maxlen: 24
147.236.144.0/20 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
185.108.80.0/22 maxlen: 24
185.149.252.0/22 maxlen: 24
185.167.108.0/22 maxlen: 24
185.175.32.0/22 maxlen: 23
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.182.76.0/22 maxlen: 24
185.184.244.0/22 maxlen: 23
188.191.224.0/21 maxlen: 21
188.191.224.0/22 maxlen: 22
188.191.224.0/24 maxlen: 24
188.191.228.0/22 maxlen: 22
217.175.80.0/20 maxlen: 20
217.175.84.0/22 maxlen: 22
217.175.88.0/21 maxlen: 23
2a00:7c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Dec 2024 11:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:53:2e:e8:b7:db:6b:1b:d9:f2:d4:22:d0:5f:7a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Oct 21 13:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db834b1441bc40127c2331bb13318a158c999a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:53:6f:6f:f3:e0:e7:38:6a:6f:a5:70:fb:4a:
6a:ec:0c:0d:4e:b9:da:fc:8a:38:44:42:22:f1:8a:
c8:3d:17:29:52:8c:00:22:bc:ec:b4:56:17:6b:af:
5e:14:a4:6e:2b:b5:b4:0c:00:1e:2c:95:a7:5a:ba:
2f:91:9d:40:f3:4f:7b:4b:e9:46:3f:80:72:15:0f:
cc:23:f2:6f:d9:f7:3c:6e:f6:52:ab:1c:e2:ab:9f:
37:db:93:a2:15:d1:7b:3d:89:bb:b9:30:84:fc:86:
07:32:02:da:44:f2:11:96:86:5b:9e:cd:f4:28:77:
34:39:38:6a:66:7a:42:27:95:43:e8:77:44:72:5e:
c8:76:b3:47:b4:e5:09:36:26:e8:14:86:10:d3:77:
c5:4d:d0:34:d7:95:29:55:9a:66:23:37:db:a8:2a:
75:ce:4b:1c:5e:16:f6:25:71:c1:56:1f:b0:81:63:
73:f6:f5:db:84:ea:1c:c9:b0:c4:b4:3c:85:6a:56:
a6:92:26:3c:07:2b:90:27:17:4d:45:85:05:7b:fb:
02:de:b9:f4:21:a1:c7:c6:6b:3e:fb:f8:1d:65:d9:
b9:a6:5e:e4:a1:00:0c:4c:ab:bb:f3:11:d4:ec:10:
13:4e:a8:43:b5:20:5b:b9:c4:22:12:7f:d2:a1:23:
3b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:83:4B:14:41:BC:40:12:7C:23:31:BB:13:31:8A:15:8C:99:9A:8B
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/24NLFEG8QBJ8IzG7EzGKFYyZmos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0/23
147.236.120.0/21
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
44:7f:23:16:84:ae:70:52:98:7d:9a:eb:d0:32:2f:85:3a:51:
b9:7d:39:54:2a:8e:d7:fe:68:8a:ab:a0:1f:b8:88:2d:e0:e6:
b8:93:0a:30:31:7f:ce:71:39:00:a5:0b:6f:99:f3:2e:4a:a4:
0c:c7:4c:72:5c:00:1f:70:12:31:a2:a7:a5:af:3c:c6:ab:3c:
4e:a3:ca:48:c3:fc:0c:30:41:43:2d:cd:d5:df:66:7b:a2:cd:
fd:21:68:71:1c:3f:de:18:82:66:fb:25:4b:fa:d6:b1:7b:e4:
8c:58:6c:6f:94:39:dd:9a:e0:91:92:0e:bb:fc:92:fd:6e:e1:
ed:ee:ba:e1:b7:84:f9:d9:39:a8:51:74:c6:5e:d5:4a:bf:c7:
3c:15:2c:d3:2b:d2:2e:94:0e:df:6a:68:18:6b:5b:35:71:37:
00:79:22:37:ec:6e:1a:e3:a8:b4:b1:ea:9d:84:eb:37:db:9c:
e8:09:b2:6a:fb:b7:3e:79:88:40:68:1c:5e:bd:f6:28:a1:7f:
7d:14:af:24:70:32:a6:0f:60:c2:e9:00:38:59:c1:8f:46:0e:
aa:57:02:f1:ac:8e:65:7a:31:d0:46:da:81:f5:d5:52:76:15:
28:7b:6a:bf:20:f9:a9:44:af:30:e0:0d:7e:fd:dc:93:ad:6f:
83:f7:73:25
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZKvUy7ot9trG9ny1CLQX3qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjQxMDIxMTM0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgzNGIxNDQxYmM0MDEyN2MyMzMxYmIxMzMxOGExNThjOTk5YThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FNvb/Pg5zhqb6Vw+0pq7AwNTrna
/Io4REIi8YrIPRcpUowAIrzstFYXa69eFKRuK7W0DAAeLJWnWrovkZ1A8097S+lG
P4ByFQ/MI/Jv2fc8bvZSqxziq58325OiFdF7PYm7uTCE/IYHMgLaRPIRloZbns30
KHc0OThqZnpCJ5VD6HdEcl7IdrNHtOUJNiboFIYQ03fFTdA015UpVZpmIzfbqCp1
zkscXhb2JXHBVh+wgWNz9vXbhOocybDEtDyFalamkiY8ByuQJxdNRYUFe/sC3rn0
IaHHxms++/gdZdm5pl7koQAMTKu78xHU7BATTqhDtSBbucQiEn/SoSM7XQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFNuDSxRBvEASfCMxuxMxihWMmZqLMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvMjROTEZFRzhRQko4SXpHN0V6R0tGWXlabW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoAwQBk+x0AwQDk+x4AwQEk+yQ
AwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQCubj0
AwQDvL/gAwQE2a9QMA0EAgACMAcDBQAqAHxAMA0GCSqGSIb3DQEBCwUAA4IBAQBE
fyMWhK5wUph9muvQMi+FOlG5fTlUKo7X/miKq6AfuIgt4Oa4kwowMX/OcTkApQtv
mfMuSqQMx0xyXAAfcBIxoqelrzzGqzxOo8pIw/wMMEFDLc3V32Z7os39IWhxHD/e
GIJm+yVL+taxe+SMWGxvlDndmuCRkg67/JL9buHt7rrht4T52TmoUXTGXtVKv8c8
FSzTK9IulA7famgYa1s1cTcAeSI37G4a46i0seqdhOs325zoCbJq+7c+eYhAaBxe
vfYooX99FK8kcDKmD2DC6QA4WcGPRg6qVwLxrI5lejHQRtqB9dVSdhUoe2q/IPmp
RK8w4A1+/dyTrW+D93Ml
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:54 2025 by rpki-client