Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/NnGI4Ah--Sf06-hX7QFnoAvh-ks.roa
File: NnGI4Ah--Sf06-hX7QFnoAvh-ks.roa (raw, json)
Hash identifier: 0m6AfwaQtJNtCpzi6sm1xyWCSrWHb0Wtg0jafPnbozw=
Subject key identifier: 36:71:88:E0:08:7E:F9:27:F4:EB:E8:57:ED:01:67:A0:0B:E1:FA:4B
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018EF0D097FBCA0703D14D04C28DD1A7B13B
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/NnGI4Ah--Sf06-hX7QFnoAvh-ks.roa
Signing time: Thu 18 Apr 2024 10:46:25 +0000
ROA not before: Thu 18 Apr 2024 10:46:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.146.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
46.116.0.0/16 maxlen: 16
46.117.0.0/16 maxlen: 16
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 18:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:d0:97:fb:ca:07:03:d1:4d:04:c2:8d:d1:a7:b1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Apr 18 10:46:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=367188e0087ef927f4ebe857ed0167a00be1fa4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:7a:5d:4d:4f:03:5a:ca:4b:88:1b:98:18:
c0:bf:56:d3:9a:de:13:9a:96:1c:18:4d:7f:df:34:
7c:67:e3:13:9d:86:e3:9b:ab:ed:b5:31:40:f8:1e:
0f:2f:a7:99:e6:c1:0f:eb:13:7e:51:7f:3f:b9:bd:
a1:d9:50:fd:29:f8:3d:73:e3:90:b7:7c:50:91:72:
80:dd:bb:90:92:77:46:fd:50:e8:88:2f:eb:a0:b2:
2f:e6:f3:f6:17:24:b8:f8:94:ab:0e:9d:82:5e:9f:
52:4c:63:47:3e:f7:bb:87:79:69:b6:ad:f7:a2:4b:
60:4d:c8:78:c0:a1:57:61:06:45:4f:7c:e1:9f:df:
d9:57:e0:4d:21:0f:cd:d3:2a:31:6e:c4:3a:9d:22:
7a:60:da:3a:4c:bd:86:5b:93:ae:6c:ef:14:32:b7:
52:29:55:52:d0:af:2c:fd:5b:0c:f8:10:93:11:f7:
6a:87:c3:e8:b0:ae:4e:e3:c2:43:42:27:f4:06:5a:
24:3e:95:51:64:dc:e8:34:b7:9c:17:91:4c:8a:24:
14:3e:0b:f5:fd:47:8f:35:94:31:a1:03:c4:3a:e5:
04:8d:6f:db:fd:80:47:76:5a:ba:bc:cc:e1:9b:42:
8a:b4:44:7c:ef:e8:e1:ef:22:69:cb:d0:bc:cb:a2:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:71:88:E0:08:7E:F9:27:F4:EB:E8:57:ED:01:67:A0:0B:E1:FA:4B
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/NnGI4Ah--Sf06-hX7QFnoAvh-ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.146.0/24
37.26.148.0/24
37.26.150.0/24
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:03:63:40:c0:c8:a1:4a:4f:59:54:51:ca:7d:f3:e7:4d:f9:
cf:51:37:aa:66:fb:c9:dd:9a:88:65:45:32:74:9c:5d:2b:a3:
f1:c4:15:f1:5e:6f:16:77:1b:3a:db:06:41:c3:98:9a:2d:e4:
26:d3:a8:69:2e:f8:73:01:d8:42:ab:da:ad:88:83:52:c5:be:
00:2e:1d:52:a0:e9:38:07:a5:91:30:8f:3b:a9:83:04:3c:83:
90:91:4d:91:80:98:5a:f2:e6:f8:f7:e3:89:1e:76:f0:c1:4a:
08:96:4f:65:03:03:7c:79:42:3e:6b:23:4e:a8:31:e2:7b:19:
a7:14:d1:c9:90:26:51:b7:5b:27:c1:60:9b:76:b2:97:83:20:
83:1b:0f:08:e9:94:7b:b7:62:64:f1:b8:2a:5a:71:f9:5c:72:
61:be:d2:74:72:5e:58:6f:11:79:7f:29:29:c4:aa:03:61:5a:
fd:fb:91:00:f3:27:60:5e:f2:57:46:ba:f1:b1:74:bf:25:8d:
3a:47:e4:e6:b4:57:d6:0d:f6:25:7f:94:1e:a6:2e:e6:2c:b8:
9c:23:f5:f5:a8:69:24:9c:5d:32:21:8b:6f:26:3d:f9:37:82:
49:b9:3d:e1:d8:48:39:51:62:c7:58:11:fd:2a:bc:db:ad:6f:
f6:75:46:35
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAY7w0Jf7ygcD0U0Ewo3Rp7E7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwNDE4MTA0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjcxODhlMDA4N2VmOTI3ZjRlYmU4NTdlZDAxNjdhMDBiZTFmYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0V6XU1PA1rKS4gbmBjAv1bTmt4T
mpYcGE1/3zR8Z+MTnYbjm6vttTFA+B4PL6eZ5sEP6xN+UX8/ub2h2VD9Kfg9c+OQ
t3xQkXKA3buQkndG/VDoiC/roLIv5vP2FyS4+JSrDp2CXp9STGNHPve7h3lptq33
oktgTch4wKFXYQZFT3zhn9/ZV+BNIQ/N0yoxbsQ6nSJ6YNo6TL2GW5OubO8UMrdS
KVVS0K8s/VsM+BCTEfdqh8PosK5O48JDQif0BlokPpVRZNzoNLecF5FMiiQUPgv1
/UePNZQxoQPEOuUEjW/b/YBHdlq6vMzhm0KKtER87+jh7yJpy9C8y6LQYwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFDZxiOAIfvkn9OvoV+0BZ6AL4fpLMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvTm5HSTRBaC0tU2YwNi1oWDdRRm5vQXZoLWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIHfBAIAATCB2AME
ACUakgMEACUalAMEACUalgMDAS50AwMALtIDAwA+AAMDAD5aAwQEUPqQAwMAUqYD
AwFVQAMDAFX6AwMBWYoDAwFdrAMDAF8jAwMAbboDAwBt/QMEAI3ihAMEAI3ihgME
A5OhCAMEAJPqEQMEAJPqFjAMAwQBk+oaAwQAk+ocAwQAk+orMAwDBACT6lMDBACT
6lQDBACT6lYwCwMEB7AMgAMDAbAMAwQCwHYcAwMAwloDAwDHywMEBs/oAAMEBtQd
wAMDANSPAwMA1JYDBAfU6wADAwDZhDAbBAIAAjAVAwUDIAFN8AMFAyoCAUgDBQAq
A8XAMA0GCSqGSIb3DQEBCwUAA4IBAQADA2NAwMihSk9ZVFHKffPnTfnPUTeqZvvJ
3ZqIZUUydJxdK6PxxBXxXm8Wdxs62wZBw5iaLeQm06hpLvhzAdhCq9qtiINSxb4A
Lh1SoOk4B6WRMI87qYMEPIOQkU2RgJha8ub49+OJHnbwwUoIlk9lAwN8eUI+ayNO
qDHiexmnFNHJkCZRt1snwWCbdrKXgyCDGw8I6ZR7t2Jk8bgqWnH5XHJhvtJ0cl5Y
bxF5fykpxKoDYVr9+5EA8ydgXvJXRrrxsXS/JY06R+TmtFfWDfYlf5Qepi7mLLic
I/X1qGkknF0yIYtvJj35N4JJuT3h2Eg5UWLHWBH9KrzbrW/2dUY1
-----END CERTIFICATE-----
Generated at Mon May 20 20:18:26 2024 by rpki-client on console-ams.rpki-client.org