Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ncMrT0XCkmtq1KL2WYOdYZHQSvQ.roa
File: ncMrT0XCkmtq1KL2WYOdYZHQSvQ.roa (raw, json)
Hash identifier: CbTdBL46o5YJKhU+o8uW9Gzu+Oie0Z5xZ8V9pCMoqk0=
Subject key identifier: 9D:C3:2B:4F:45:C2:92:6B:6A:D4:A2:F6:59:83:9D:61:91:D0:4A:F4
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0194236A5389FE15895264CAF4D46810A1A3
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ncMrT0XCkmtq1KL2WYOdYZHQSvQ.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 145.0.0.0/16 maxlen: 16
145.2.0.0/15 maxlen: 15
145.9.0.0/16 maxlen: 16
145.19.0.0/16 maxlen: 16
145.20.0.0/16 maxlen: 16
145.23.0.0/16 maxlen: 16
145.23.0.0/19 maxlen: 19
145.24.0.0/16 maxlen: 16
145.28.0.0/15 maxlen: 15
145.33.0.0/16 maxlen: 16
145.37.0.0/16 maxlen: 16
145.38.0.0/15 maxlen: 15
145.44.0.0/16 maxlen: 16
145.48.0.0/15 maxlen: 15
145.51.0.0/16 maxlen: 16
145.52.0.0/16 maxlen: 16
145.74.0.0/15 maxlen: 15
145.76.0.0/16 maxlen: 16
145.81.0.0/16 maxlen: 16
145.85.0.0/16 maxlen: 16
145.88.0.0/15 maxlen: 15
145.90.0.0/16 maxlen: 16
145.90.10.0/23 maxlen: 23
145.91.0.0/16 maxlen: 16
145.92.0.0/15 maxlen: 15
145.95.0.0/16 maxlen: 16
145.96.0.0/16 maxlen: 16
145.97.16.0/22 maxlen: 22
145.97.20.0/22 maxlen: 22
145.97.24.0/21 maxlen: 21
145.97.48.0/20 maxlen: 20
145.97.64.0/18 maxlen: 18
145.97.128.0/18 maxlen: 18
145.97.192.0/18 maxlen: 18
145.98.0.0/16 maxlen: 16
145.100.0.0/15 maxlen: 15
145.102.0.0/16 maxlen: 16
145.103.0.0/16 maxlen: 16
145.107.0.0/16 maxlen: 22
145.108.0.0/16 maxlen: 16
145.109.128.0/17 maxlen: 17
145.116.0.0/20 maxlen: 20
145.116.16.0/21 maxlen: 21
145.116.24.0/21 maxlen: 21
145.116.64.0/18 maxlen: 18
145.116.128.0/18 maxlen: 18
145.116.192.0/20 maxlen: 20
145.116.224.0/19 maxlen: 19
145.117.0.0/16 maxlen: 16
145.118.0.0/16 maxlen: 16
145.120.0.0/14 maxlen: 14
145.124.0.0/15 maxlen: 15
145.126.0.0/16 maxlen: 16
145.127.0.0/17 maxlen: 17
145.136.0.0/15 maxlen: 15
145.137.128.0/18 maxlen: 18
145.138.0.0/16 maxlen: 16
145.140.0.0/14 maxlen: 14
145.144.0.0/12 maxlen: 12
145.146.0.0/16 maxlen: 25
192.87.0.0/16 maxlen: 16
194.171.0.0/16 maxlen: 16
195.169.0.0/16 maxlen: 16
2001:610::/29 maxlen: 29
2001:610::/32 maxlen: 48
2001:610:130::/48 maxlen: 64
Validation: Failed, certificate revoked on Fri 17 Jan 2025 09:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:53:89:fe:15:89:52:64:ca:f4:d4:68:10:a1:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dc32b4f45c2926b6ad4a2f659839d6191d04af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:69:e4:1d:93:a5:a1:bc:8c:5f:a3:25:0a:
49:50:9f:df:e9:86:86:7b:d5:b1:60:1c:af:e9:41:
20:ca:6d:28:b2:79:d2:ff:3f:53:02:ba:c0:52:87:
c4:cd:a6:83:62:bd:66:2b:29:61:81:1f:b4:77:83:
88:f7:4e:c9:92:a2:9d:7b:10:9b:e8:ed:2f:fb:3e:
03:53:11:d0:2f:4c:42:89:fd:a8:c1:2b:77:9a:09:
95:06:bf:8f:e6:88:21:90:79:a2:5c:5e:a6:43:6e:
bb:61:4e:d9:af:0d:67:77:94:48:93:fd:f8:ed:dd:
89:bc:20:19:98:7d:22:81:69:48:17:bb:2e:bc:2e:
c6:ae:b9:8c:d7:1e:eb:39:7d:5b:70:14:45:7a:4c:
40:af:49:c5:97:7e:c0:97:49:f4:04:8f:ff:1a:26:
7d:03:7c:de:df:9e:00:56:42:89:09:44:b0:96:08:
0b:ec:85:b2:98:70:fc:9f:92:ec:c6:05:b2:76:95:
41:4e:24:44:1c:85:13:5b:96:95:29:ec:06:75:73:
a6:7f:38:8b:6c:4a:d9:ea:17:5c:13:df:ae:29:da:
13:a2:e8:44:be:ec:5a:c2:26:d3:0f:81:02:d7:d3:
7a:20:11:c3:ac:10:90:dc:39:75:2a:0e:f8:f3:4c:
f3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C3:2B:4F:45:C2:92:6B:6A:D4:A2:F6:59:83:9D:61:91:D0:4A:F4
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ncMrT0XCkmtq1KL2WYOdYZHQSvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.0.0.0/16
145.2.0.0/15
145.9.0.0/16
145.19.0.0-145.20.255.255
145.23.0.0-145.24.255.255
145.28.0.0/15
145.33.0.0/16
145.37.0.0-145.39.255.255
145.44.0.0/16
145.48.0.0/15
145.51.0.0-145.52.255.255
145.74.0.0-145.76.255.255
145.81.0.0/16
145.85.0.0/16
145.88.0.0-145.93.255.255
145.95.0.0-145.96.255.255
145.97.16.0/20
145.97.48.0-145.98.255.255
145.100.0.0/14
145.107.0.0-145.108.255.255
145.109.128.0/17
145.116.0.0/19
145.116.64.0-145.116.207.255
145.116.224.0-145.118.255.255
145.120.0.0-145.127.127.255
145.136.0.0-145.138.255.255
145.140.0.0-145.159.255.255
192.87.0.0/16
194.171.0.0/16
195.169.0.0/16
IPv6:
2001:610::/29
Signature Algorithm: sha256WithRSAEncryption
62:49:d8:50:ee:75:a0:f9:12:99:61:41:f8:c4:0f:66:ff:73:
eb:16:19:7a:1c:12:59:1c:fd:6c:35:86:62:39:8a:79:57:7c:
91:5f:16:3d:d0:76:06:35:4a:7f:57:ff:78:63:57:ab:7c:34:
59:fb:31:6a:b3:c5:1b:38:3f:7d:f9:e8:de:8e:87:07:a3:09:
46:a0:00:f4:11:ac:83:7f:40:99:d6:7c:48:a0:36:a9:18:5c:
af:3a:42:61:6c:4a:ad:78:0f:6c:94:7d:b7:c9:01:1f:75:28:
de:32:34:83:3a:76:0c:fc:5a:c3:f7:ae:e3:14:ee:3b:93:ed:
88:90:a1:43:25:36:20:94:2f:95:5d:d0:ed:1b:50:a9:37:2f:
33:9d:c4:43:d6:1f:e1:c1:b3:91:76:fa:39:40:52:88:f1:c8:
26:21:fe:e0:40:4f:32:2d:9f:ef:9d:2a:22:86:3d:93:cd:b7:
db:d7:84:e4:5e:87:6a:b2:3c:a5:2f:20:c7:7b:c7:c7:69:de:
84:16:ce:5f:6f:1d:71:ea:44:60:ed:ac:a8:13:b7:9d:2f:b6:
63:a4:f6:f3:cb:57:94:47:14:7b:c2:84:04:28:54:f1:a5:5e:
28:a8:b1:cd:a0:8c:16:a3:38:7c:6b:20:33:1f:ee:99:3a:97:
93:b0:d9:53
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAZQjalOJ/hWJUmTK9NRoEKGjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMzMmI0ZjQ1YzI5MjZiNmFkNGEyZjY1OTgzOWQ2MTkxZDA0YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvdp5B2TpaG8jF+jJQpJUJ/f6YaG
e9WxYByv6UEgym0osnnS/z9TArrAUofEzaaDYr1mKylhgR+0d4OI907JkqKdexCb
6O0v+z4DUxHQL0xCif2owSt3mgmVBr+P5oghkHmiXF6mQ267YU7Zrw1nd5RIk/34
7d2JvCAZmH0igWlIF7suvC7GrrmM1x7rOX1bcBRFekxAr0nFl37Al0n0BI//GiZ9
A3ze354AVkKJCUSwlggL7IWymHD8n5LsxgWydpVBTiREHIUTW5aVKewGdXOmfziL
bErZ6hdcE9+uKdoTouhEvuxawibTD4EC19N6IBHDrBCQ3Dl1Kg7480zz9QIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFJ3DK09FwpJratSi9lmDnWGR0Er0MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvbmNNclQwWENrbXRxMUtMMldZT2RZWkhRU3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMDAJEAAwMBkQIDAwCRCTAKAwMAkRMDAwCRFDAKAwMAkRcDAwCRGAMDAZEcAwMA
kSEwCgMDAJElAwMDkSADAwCRLAMDAZEwMAoDAwCRMwMDAJE0MAoDAwGRSgMDAJFM
AwMAkVEDAwCRVTAKAwMDkVgDAwGRXDAKAwMAkV8DAwCRYAMEBJFhEDALAwQEkWEw
AwMAkWIDAwKRZDAKAwMAkWsDAwCRbAMEB5FtgAMEBZF0ADAMAwQGkXRAAwQEkXTA
MAsDBAWRdOADAwCRdjALAwMDkXgDBAeRfwAwCgMDA5GIAwMAkYowCgMDApGMAwMF
kYADAwDAVwMDAMKrAwMAw6kwDQQCAAIwBwMFAyABBhAwDQYJKoZIhvcNAQELBQAD
ggEBAGJJ2FDudaD5EplhQfjED2b/c+sWGXocElkc/Ww1hmI5inlXfJFfFj3QdgY1
Sn9X/3hjV6t8NFn7MWqzxRs4P3356N6OhwejCUagAPQRrIN/QJnWfEigNqkYXK86
QmFsSq14D2yUfbfJAR91KN4yNIM6dgz8WsP3ruMU7juT7YiQoUMlNiCUL5Vd0O0b
UKk3LzOdxEPWH+HBs5F2+jlAUojxyCYh/uBATzItn++dKiKGPZPNt9vXhOReh2qy
PKUvIMd7x8dp3oQWzl9vHXHqRGDtrKgTt50vtmOk9vPLV5RHFHvChAQoVPGlXiio
sc2gjBajOHxrIDMf7pk6l5Ow2VM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:12:34 2025 by rpki-client