Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/nTPsYv1QsX83XYSHXO6BxEW96Ng.roa
File: nTPsYv1QsX83XYSHXO6BxEW96Ng.roa (raw, json)
Hash identifier: f57ri5l1xCpeGHieoSY01tPM86NTGk4WVJ0LqidxZh8=
Subject key identifier: 9D:33:EC:62:FD:50:B1:7F:37:5D:84:87:5C:EE:81:C4:45:BD:E8:D8
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018C34995C31B6CA70ED45E98122D9C6229D
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/nTPsYv1QsX83XYSHXO6BxEW96Ng.roa
Signing time: Mon 04 Dec 2023 11:31:54 +0000
ROA not before: Mon 04 Dec 2023 11:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48309
IP address blocks: 37.191.92.0/22 maxlen: 24
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.72.0/22 maxlen: 22
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
188.136.161.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.176.0/21 maxlen: 21
188.136.174.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.184.0/24 maxlen: 24
188.136.186.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.187.0/24 maxlen: 24
188.136.188.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.196.0/22 maxlen: 22
188.136.195.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.202.0/24 maxlen: 24
188.136.204.0/24 maxlen: 24
188.136.206.0/24 maxlen: 24
188.136.201.0/24 maxlen: 24
188.136.203.0/24 maxlen: 24
188.136.205.0/24 maxlen: 24
188.136.208.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.212.0/24 maxlen: 24
188.136.207.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
188.136.213.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.142.0/24 maxlen: 24
188.136.144.0/24 maxlen: 24
31.25.104.0/22 maxlen: 22
188.136.149.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
31.25.108.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
188.136.146.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.214.0/24 maxlen: 24
188.136.216.0/22 maxlen: 22
188.136.215.0/24 maxlen: 24
188.136.222.0/24 maxlen: 24
188.136.223.0/24 maxlen: 24
185.85.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:99:5c:31:b6:ca:70:ed:45:e9:81:22:d9:c6:22:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Dec 4 11:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d33ec62fd50b17f375d84875cee81c445bde8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b2:b1:32:a5:c7:05:46:2a:a1:b9:06:e1:53:
a7:54:9b:0d:c4:27:26:3b:f5:4a:9c:4c:22:b2:e9:
cb:d2:9d:1a:84:8b:cc:bf:55:bf:fe:41:c8:8b:7e:
14:d7:2d:6c:15:10:c0:92:a9:12:94:16:ca:3d:9f:
9c:88:46:10:74:63:f6:1d:c3:d8:8d:75:6f:6b:31:
07:e4:c5:e5:b6:b2:73:52:28:a9:13:db:c7:f4:6e:
0d:5d:64:0c:28:2f:0f:41:4b:ff:0c:72:38:e9:18:
4a:c9:13:91:67:c7:16:10:27:20:89:f0:1c:09:f5:
b0:8e:81:9e:1c:3e:c7:cd:28:b3:71:ed:c9:6b:12:
ad:5f:8e:5c:d3:87:8e:df:d9:4e:db:9b:fa:11:c2:
bb:9a:98:26:74:19:9d:a2:5b:3f:5a:31:3e:26:af:
86:d2:7d:98:48:48:c9:88:21:d8:40:00:e2:9c:bf:
88:d7:3f:e6:7f:95:6b:73:fa:cd:aa:a0:40:d1:19:
c3:a2:08:b5:8c:c5:5e:c4:e3:e6:45:ba:b7:a9:53:
24:37:9e:85:e4:0b:e6:5a:c2:c7:29:1f:7a:40:9c:
76:86:a9:07:b6:cc:ed:d7:01:4d:be:b6:ed:00:f6:
a4:22:b5:04:93:ab:e2:b1:b1:d7:83:a9:e7:5a:a1:
85:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:33:EC:62:FD:50:B1:7F:37:5D:84:87:5C:EE:81:C4:45:BD:E8:D8
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/nTPsYv1QsX83XYSHXO6BxEW96Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
185.85.68.0/22
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.219.255
188.136.222.0/23
Signature Algorithm: sha256WithRSAEncryption
60:e8:33:be:5b:11:45:de:9d:0b:66:11:5c:43:c0:1d:7e:ae:
f0:e9:1d:70:90:7e:ed:35:8a:99:1e:7a:7d:6d:70:f2:56:4c:
10:45:15:51:17:08:52:29:4a:2b:b0:59:5f:d6:9d:5a:a6:21:
61:dd:ec:9a:40:95:1d:b0:4d:74:21:33:8e:b0:2c:a2:64:7b:
85:67:6d:71:a4:c9:92:49:a5:dd:99:7b:a0:28:ab:f9:b4:4f:
40:b6:f5:2f:75:49:97:e3:61:3a:2c:45:1b:39:e8:cb:b0:8b:
40:cd:be:c1:3e:82:01:71:e7:8e:89:82:1f:13:c6:e8:3c:dd:
ba:59:0d:34:02:96:5b:b9:26:1b:5b:29:93:dc:49:a4:5b:8e:
74:fb:d8:f9:69:39:e5:d9:08:93:99:c3:5a:82:cc:dc:ed:3c:
12:49:ea:ab:6a:d6:9b:07:6d:09:20:33:2d:f7:f0:c0:5e:dd:
8d:ac:6a:8e:b9:42:b5:7f:5f:00:76:8d:1a:26:7b:b8:25:f3:
e3:cd:b6:9d:f7:5e:93:a9:a0:d8:7b:78:99:97:a0:03:0f:fe:
5f:f2:cd:97:b2:3b:f4:c5:17:39:d5:f7:92:a4:3c:77:ea:8f:
ae:d5:54:9d:0a:68:da:eb:ac:9d:36:86:ac:c5:63:4f:43:50:
09:00:46:84
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYw0mVwxtspw7UXpgSLZxiKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMxMjA0MTEzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDMzZWM2MmZkNTBiMTdmMzc1ZDg0ODc1Y2VlODFjNDQ1YmRlOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7KxMqXHBUYqobkG4VOnVJsNxCcm
O/VKnEwisunL0p0ahIvMv1W//kHIi34U1y1sFRDAkqkSlBbKPZ+ciEYQdGP2HcPY
jXVvazEH5MXltrJzUiipE9vH9G4NXWQMKC8PQUv/DHI46RhKyRORZ8cWECcgifAc
CfWwjoGeHD7HzSizce3JaxKtX45c04eO39lO25v6EcK7mpgmdBmdols/WjE+Jq+G
0n2YSEjJiCHYQADinL+I1z/mf5Vrc/rNqqBA0RnDogi1jMVexOPmRbq3qVMkN56F
5AvmWsLHKR96QJx2hqkHtszt1wFNvrbtAPakIrUEk6visbHXg6nnWqGFwQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJ0z7GL9ULF/N12Eh1zugcRFvejYMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvblRQc1l2MVFzWDgzWFlTSFhPNkJ4RVc5Nk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDHxloAwQF
Jb9AAwQCuVVEAwQDvIiAMAwDBAK8iIwDBAK8iJAwDAMEALyIlQMEAryI2AMEAbyI
3jANBgkqhkiG9w0BAQsFAAOCAQEAYOgzvlsRRd6dC2YRXEPAHX6u8OkdcJB+7TWK
mR56fW1w8lZMEEUVURcIUilKK7BZX9adWqYhYd3smkCVHbBNdCEzjrAsomR7hWdt
caTJkkml3Zl7oCir+bRPQLb1L3VJl+NhOixFGznoy7CLQM2+wT6CAXHnjomCHxPG
6DzdulkNNAKWW7kmG1spk9xJpFuOdPvY+Wk55dkIk5nDWoLM3O08Eknqq2rWmwdt
CSAzLffwwF7djaxqjrlCtX9fAHaNGiZ7uCXz4822nfdek6mg2Ht4mZegAw/+X/LN
l7I79MUXOdX3kqQ8d+qPrtVUnQpo2uusnTaGrMVjT0NQCQBGhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org