Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/NkPdd29S5q4I-ckoi75hj5HB4NU.roa
File: NkPdd29S5q4I-ckoi75hj5HB4NU.roa (raw, json)
Hash identifier: LB/9ySNTUX81X6J+GUAE4g0J28Sp30wp51kcUVEupOQ=
Subject key identifier: 36:43:DD:77:6F:52:E6:AE:08:F9:C9:28:8B:BE:61:8F:91:C1:E0:D5
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019392038BDE148ED24E903452A24392789A
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/NkPdd29S5q4I-ckoi75hj5HB4NU.roa
Signing time: Wed 04 Dec 2024 14:12:06 +0000
ROA not before: Wed 04 Dec 2024 14:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 5.2.128.0/17 maxlen: 24
5.12.0.0/14 maxlen: 24
31.14.224.0/22 maxlen: 24
62.231.64.0/18 maxlen: 24
62.231.120.0/24 maxlen: 24
79.114.0.0/15 maxlen: 24
79.118.0.0/15 maxlen: 24
79.118.155.0/24 maxlen: 24
81.18.64.0/19 maxlen: 24
81.196.0.0/16 maxlen: 24
82.76.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
82.137.0.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
84.232.128.0/17 maxlen: 24
84.232.149.0/24 maxlen: 24
86.120.0.0/13 maxlen: 24
86.121.222.0/24 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
89.43.180.0/23 maxlen: 24
89.46.12.0/22 maxlen: 24
93.113.40.0/22 maxlen: 24
185.129.36.0/22 maxlen: 22
188.24.0.0/15 maxlen: 24
188.26.0.0/17 maxlen: 24
188.26.128.0/18 maxlen: 24
188.26.224.0/19 maxlen: 24
188.27.0.0/16 maxlen: 24
188.27.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
194.102.80.0/24 maxlen: 24
194.102.81.0/24 maxlen: 24
212.54.96.0/19 maxlen: 24
212.54.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.93.128.0/19 maxlen: 24
212.93.143.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
213.157.189.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:03:8b:de:14:8e:d2:4e:90:34:52:a2:43:92:78:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Dec 4 14:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3643dd776f52e6ae08f9c9288bbe618f91c1e0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:53:df:e5:95:1e:47:6e:42:b1:7c:4b:a2:
d6:30:28:5b:71:9b:1e:c2:b8:41:10:67:1d:85:7b:
8a:5f:cb:98:fc:78:05:3b:24:66:58:59:75:70:93:
88:91:dc:6d:e1:2f:92:9e:0c:70:f6:a6:03:08:77:
83:c1:d0:1a:5d:86:89:ab:2e:bb:2d:27:53:d6:96:
84:f3:8e:a4:92:7e:c9:15:ec:b4:42:11:e6:34:a6:
9e:49:9a:83:45:d4:ad:71:0c:54:12:f2:c8:ab:b1:
0e:c8:3a:89:4b:c7:66:d3:9b:2c:ee:23:8e:5f:18:
5d:df:97:15:58:1e:76:ee:e7:9e:37:2a:cb:d9:6b:
da:83:ff:b0:8a:41:7b:e2:fc:d7:95:59:95:ff:2b:
ec:06:7f:0e:ab:7a:4f:a8:53:70:1a:f8:83:cf:6c:
97:24:5f:ef:89:f5:30:de:a6:5b:af:4b:9d:c7:ca:
ca:88:a6:8b:c8:fd:b1:b2:5a:ba:f2:ab:84:0e:26:
57:c4:32:a1:82:ab:09:97:23:d2:c2:10:d5:bc:6d:
d1:42:81:4b:0b:fc:d0:24:7b:71:97:24:22:89:b6:
56:0d:d2:a2:14:ca:fe:bd:3b:d3:72:c6:a5:59:6b:
43:dc:cf:85:6f:c5:1a:68:af:ac:da:37:bf:b5:45:
88:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:43:DD:77:6F:52:E6:AE:08:F9:C9:28:8B:BE:61:8F:91:C1:E0:D5
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/NkPdd29S5q4I-ckoi75hj5HB4NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.224.0/22
62.231.64.0/18
79.114.0.0/15
79.118.0.0/15
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
01:e4:0a:10:e8:22:a1:dd:d6:3a:84:78:1a:6b:28:09:73:d4:
53:5c:3f:a5:ce:e6:7a:62:10:8a:3c:0b:63:74:b9:5d:0b:15:
34:36:b6:89:ed:40:d2:ac:13:d4:e2:c5:e3:90:05:b1:ae:6c:
0d:48:fe:67:21:56:61:9b:62:eb:f6:83:13:7c:8f:41:15:35:
75:e4:13:da:13:88:79:28:5d:47:05:3f:fb:49:24:02:e4:02:
bd:5a:ca:b8:16:54:ed:00:8c:87:a7:ab:8b:3e:da:6e:0c:9a:
5f:77:cc:a2:de:4d:26:ae:01:75:69:5c:2a:bc:ce:e9:39:f1:
cf:dd:a4:df:76:9f:35:c5:75:9a:69:b6:b9:65:5b:c7:51:f3:
47:cb:8d:63:6f:7c:6c:8e:8e:95:40:c3:ac:38:38:5f:fd:62:
7c:31:b4:f8:35:a5:b8:8b:80:f7:cf:fd:8b:a2:85:b1:7d:e9:
b5:56:3c:0b:7b:49:d1:d8:55:92:a0:77:8d:c7:2c:3a:79:7e:
43:4d:73:a9:ba:46:e9:3c:3e:fc:22:25:0e:c1:57:00:73:4d:
69:ae:2d:b9:ea:5e:9f:64:a3:fc:83:8b:70:55:d4:ad:8d:2d:
25:16:b1:ba:38:80:3a:75:9d:89:dd:51:5c:53:23:8c:1c:d7:
14:14:f9:da
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZOSA4veFI7STpA0UqJDkniaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQxMjA0MTQxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQzZGQ3NzZmNTJlNmFlMDhmOWM5Mjg4YmJlNjE4ZjkxYzFlMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6JT3+WVHkduQrF8S6LWMChbcZse
wrhBEGcdhXuKX8uY/HgFOyRmWFl1cJOIkdxt4S+Sngxw9qYDCHeDwdAaXYaJqy67
LSdT1paE846kkn7JFey0QhHmNKaeSZqDRdStcQxUEvLIq7EOyDqJS8dm05ss7iOO
Xxhd35cVWB527ueeNyrL2Wvag/+wikF74vzXlVmV/yvsBn8Oq3pPqFNwGviDz2yX
JF/vifUw3qZbr0udx8rKiKaLyP2xslq68quEDiZXxDKhgqsJlyPSwhDVvG3RQoFL
C/zQJHtxlyQiibZWDdKiFMr+vTvTcsalWWtD3M+Fb8UaaK+s2je/tUWIhQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFDZD3XdvUuauCPnJKIu+YY+RweDVMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvTmtQZGQyOVM1cTRJLWNrb2k3NWhqNUhCNE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAcF
AoADAwIFDAMEAh8O4AMEBj7nQAMDAU9yAwMBT3YDBAVREkADAwBRxAMDAlJMAwQG
UokAAwQHVOiAAwMDVngDBAFZK7QDBAJZLgwDBAJdcSgDBAK5gSQwCwMDA7wYAwQG
vBqAMAsDBAW8GuADAwK8GAMEAMFv6AMEAcJmUAMEBdQ2YAMEBdRdgAMEANWaZAME
BdWdoDAUBAIAAjAOAwUEKgIvAAMFACoDnCAwDQYJKoZIhvcNAQELBQADggEBAAHk
ChDoIqHd1jqEeBprKAlz1FNcP6XO5npiEIo8C2N0uV0LFTQ2tontQNKsE9TixeOQ
BbGubA1I/mchVmGbYuv2gxN8j0EVNXXkE9oTiHkoXUcFP/tJJALkAr1ayrgWVO0A
jIenq4s+2m4Mml93zKLeTSauAXVpXCq8zuk58c/dpN92nzXFdZpptrllW8dR80fL
jWNvfGyOjpVAw6w4OF/9YnwxtPg1pbiLgPfP/YuihbF96bVWPAt7SdHYVZKgd43H
LDp5fkNNc6m6Ruk8PvwiJQ7BVwBzTWmuLbnqXp9ko/yDi3BV1K2NLSUWsbo4gDp1
nYndUVxTI4wc1xQU+do=
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:12:05 2025 by rpki-client