Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Nurxuqi06bamXd2BASljSrk-X0s.roa
File: Nurxuqi06bamXd2BASljSrk-X0s.roa (raw, json)
Hash identifier: tEo7GOSJ+9DddqD2SIJS3UaztF9mHfqZT6nO2Qb0j/k=
Subject key identifier: 36:EA:F1:BA:A8:B4:E9:B6:A6:5D:DD:81:01:29:63:4A:B9:3E:5F:4B
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0189E0363CC45F7A071FD4AD2596BECC9F6D
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Nurxuqi06bamXd2BASljSrk-X0s.roa
Signing time: Thu 10 Aug 2023 16:09:58 +0000
ROA not before: Thu 10 Aug 2023 16:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
185.81.206.0/24 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Aug 2023 06:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e0:36:3c:c4:5f:7a:07:1f:d4:ad:25:96:be:cc:9f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Aug 10 16:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36eaf1baa8b4e9b6a65ddd810129634ab93e5f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f3:c1:9f:a7:6f:a0:3d:d2:20:9c:a1:59:ca:
52:0c:7b:6d:78:dd:1c:7c:bd:16:9f:32:f4:b9:62:
4f:0c:b4:fc:2f:d0:f2:88:bd:ef:fa:e8:ca:dd:2e:
cf:64:64:a5:91:9e:a8:f0:12:40:7e:4e:f9:19:a6:
00:89:f6:a7:f6:1c:d6:ed:35:34:00:69:1e:a2:c9:
03:5d:be:19:93:9a:8a:68:8b:c6:56:18:d7:fa:76:
19:eb:e5:9e:bf:59:0f:12:8e:1f:06:57:1b:4b:ea:
45:8e:5e:4b:1e:da:b3:b2:ad:58:07:5a:5a:d4:cf:
6e:12:5d:b2:8e:88:14:71:d9:67:dd:54:54:b9:25:
77:99:60:04:4d:51:46:c3:c7:07:e5:4d:87:d5:2a:
ea:44:68:f9:fb:c7:f0:f4:68:05:5c:21:32:3f:0b:
4d:a1:85:25:71:66:70:a6:05:cd:9f:34:9a:5c:1a:
b0:80:19:46:c4:03:84:26:67:cf:e7:a1:ea:02:92:
16:09:d7:33:45:d2:33:49:29:48:8d:6c:a9:ad:f7:
88:2a:ca:a7:b4:95:4d:8d:62:cc:f8:09:e8:92:d4:
1d:71:8a:ff:b7:92:52:bc:04:87:e4:37:4e:7e:3d:
45:60:f5:11:7c:4c:c4:fb:4d:06:60:d1:22:6c:c0:
42:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EA:F1:BA:A8:B4:E9:B6:A6:5D:DD:81:01:29:63:4A:B9:3E:5F:4B
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Nurxuqi06bamXd2BASljSrk-X0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
c8:bf:75:07:36:30:d6:6b:80:0d:5c:90:36:85:10:8e:8c:18:
84:15:08:cf:d4:f1:c3:78:55:3f:b8:23:54:70:88:bc:9d:9a:
64:ee:dd:70:76:c6:55:dc:d8:a1:a2:f4:c0:61:3d:32:44:e2:
79:fe:7b:7e:53:69:aa:f5:e0:66:84:55:ff:0a:6c:68:4a:c2:
95:e1:03:f7:bb:a9:41:28:18:b2:41:bc:e7:ef:6d:79:8f:50:
57:06:02:ef:65:c1:ef:80:b2:3d:94:44:5e:38:58:c9:33:30:
99:1a:31:13:c3:61:d7:7b:29:2e:48:7a:12:9f:63:c7:97:5c:
16:9c:39:7c:1a:c6:77:a9:e0:9a:fb:2d:ec:d8:83:02:87:44:
e1:af:49:2f:e3:7a:9c:92:d8:53:60:1b:fb:dd:c5:42:d8:7e:
f5:2e:b9:fa:c4:39:f9:c0:26:56:0d:65:1f:ba:09:b8:e8:35:
02:dc:e9:94:17:7a:0e:9e:0d:ef:75:a0:6e:a7:dd:b8:55:0f:
7f:a9:94:f9:de:d2:92:20:44:3a:aa:26:d7:6d:a5:9e:13:d9:
f7:3d:30:81:f9:58:ec:3c:50:b4:a0:83:40:d3:c4:d9:05:d2:
c0:1d:82:a3:26:25:e2:da:e2:2e:6f:ac:d0:29:26:5b:a2:d9:
6d:5b:8f:ca
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYngNjzEX3oHH9StJZa+zJ9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwODEwMTYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVhZjFiYWE4YjRlOWI2YTY1ZGRkODEwMTI5NjM0YWI5M2U1ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPPBn6dvoD3SIJyhWcpSDHtteN0c
fL0WnzL0uWJPDLT8L9DyiL3v+ujK3S7PZGSlkZ6o8BJAfk75GaYAifan9hzW7TU0
AGkeoskDXb4Zk5qKaIvGVhjX+nYZ6+Wev1kPEo4fBlcbS+pFjl5LHtqzsq1YB1pa
1M9uEl2yjogUcdln3VRUuSV3mWAETVFGw8cH5U2H1SrqRGj5+8fw9GgFXCEyPwtN
oYUlcWZwpgXNnzSaXBqwgBlGxAOEJmfP56HqApIWCdczRdIzSSlIjWyprfeIKsqn
tJVNjWLM+AnoktQdcYr/t5JSvASH5DdOfj1FYPURfEzE+00GYNEibMBCLwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFDbq8bqotOm2pl3dgQEpY0q5Pl9LMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvTnVyeHVxaTA2YmFtWGQyQkFTbGpTcmstWDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBlwQCAAEwgZAwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5Uc4DBAC5UdEDBAK5
dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQC
AAIwDgMFACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQDIv3UHNjDWa4AN
XJA2hRCOjBiEFQjP1PHDeFU/uCNUcIi8nZpk7t1wdsZV3NihovTAYT0yROJ5/nt+
U2mq9eBmhFX/CmxoSsKV4QP3u6lBKBiyQbzn7215j1BXBgLvZcHvgLI9lEReOFjJ
MzCZGjETw2HXeykuSHoSn2PHl1wWnDl8GsZ3qeCa+y3s2IMCh0Thr0kv43qckthT
YBv73cVC2H71Lrn6xDn5wCZWDWUfugm46DUC3OmUF3oOng3vdaBup924VQ9/qZT5
3tKSIEQ6qibXbaWeE9n3PTCB+VjsPFC0oINA08TZBdLAHYKjJiXi2uIub6zQKSZb
otltW4/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:50 2024 by rpki-client on console-ams.rpki-client.org