Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NejRzLuHWpUHw3jw0tO9M5isrSE.roa
File: NejRzLuHWpUHw3jw0tO9M5isrSE.roa (raw, json)
Hash identifier: Oc1iGWCAqIdRaZzFmBQVAvAax6q7v7xxYdN6dkLzwYU=
Subject key identifier: 35:E8:D1:CC:BB:87:5A:95:07:C3:78:F0:D2:D3:BD:33:98:AC:AD:21
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0196295A34B8EF08809683A725EC78345588
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NejRzLuHWpUHw3jw0tO9M5isrSE.roa
Signing time: Sat 12 Apr 2025 09:34:59 +0000
ROA not before: Sat 12 Apr 2025 09:34:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.0.0/19 maxlen: 24
37.148.32.0/20 maxlen: 24
37.148.48.0/23 maxlen: 24
37.148.50.0/23 maxlen: 24
37.148.52.0/22 maxlen: 24
37.148.56.0/21 maxlen: 24
37.148.64.0/21 maxlen: 24
37.148.72.0/21 maxlen: 24
37.148.80.0/22 maxlen: 24
37.148.84.0/22 maxlen: 24
37.148.84.0/23 maxlen: 24
37.148.86.0/23 maxlen: 24
37.148.88.0/22 maxlen: 24
37.148.88.0/24 maxlen: 24
37.148.89.0/24 maxlen: 24
37.148.90.0/24 maxlen: 24
37.148.91.0/24 maxlen: 24
37.148.92.0/23 maxlen: 24
37.148.92.0/24 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/21 maxlen: 24
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Apr 2025 10:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:5a:34:b8:ef:08:80:96:83:a7:25:ec:78:34:55:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 12 09:34:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35e8d1ccbb875a9507c378f0d2d3bd3398acad21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:62:af:4e:68:fa:c4:f7:4f:e4:53:44:03:f2:
99:e8:cf:27:20:1b:1e:1c:8a:50:39:4b:9e:e7:e8:
2c:e6:67:6f:6e:7b:6d:e3:78:72:1a:51:55:77:a8:
a9:5c:68:fd:dc:e1:3f:24:87:7d:ef:66:99:b6:bf:
9b:f3:3a:e5:12:95:5d:fc:86:dd:bf:1d:e5:04:27:
9e:30:2b:cf:df:6f:7e:ca:2b:a0:d0:3b:29:67:25:
51:d7:49:02:b6:b9:a2:41:ef:7c:ff:bb:5c:da:b5:
e9:9d:fd:f4:0d:16:72:47:b6:fd:ab:f2:fe:f0:8d:
5a:be:6f:6e:01:8a:13:57:5e:6a:a7:38:12:de:25:
1a:fd:12:e6:55:cb:21:39:7e:98:6c:d4:4a:63:7c:
65:a0:0d:06:98:9d:81:3a:20:9f:e2:94:1d:bc:91:
fd:dc:76:ec:1b:41:35:2c:67:a4:05:4b:81:f8:08:
05:63:01:2b:43:e8:d8:1a:23:d7:fb:99:ac:a0:e6:
a3:4c:8f:f8:0d:ec:63:5f:ed:b4:7e:42:7d:35:be:
55:54:4f:09:af:6d:ba:5f:72:fb:c7:ab:bf:6e:7c:
b0:37:a9:3e:21:c6:cf:62:aa:99:ba:6c:bb:d9:b5:
07:bf:e0:73:a3:77:b6:cb:a5:eb:99:81:0a:16:33:
8e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E8:D1:CC:BB:87:5A:95:07:C3:78:F0:D2:D3:BD:33:98:AC:AD:21
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NejRzLuHWpUHw3jw0tO9M5isrSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.0.0-37.148.93.255
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0/15
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
67:f7:1d:4e:2c:2e:07:69:bd:f9:89:be:5d:5e:8e:fe:cd:7d:
8e:d1:0f:a6:e9:9c:5e:98:53:c0:4b:8c:3e:71:67:bc:45:b2:
b0:1e:43:9f:e6:29:fe:fd:df:e6:e7:2c:a2:2a:0e:6f:ea:14:
82:4c:6d:d2:51:20:de:4f:6d:8c:c7:9e:3f:5a:95:70:00:86:
6c:9c:fd:9d:6d:62:88:36:2d:a8:30:d3:58:8a:f8:f1:c3:87:
a0:74:62:05:f9:fd:33:b2:f5:c3:cd:89:4d:fc:93:a7:6e:02:
63:a8:35:db:22:2c:be:a8:0a:c9:9f:0e:e9:9d:f8:34:b1:ac:
52:5b:6d:4d:b2:84:d6:b2:c9:d1:08:89:81:a4:f2:2e:5c:01:
2c:41:e8:33:40:5f:20:6d:6c:af:78:98:96:bf:0a:d8:8c:98:
83:63:c1:d0:14:b0:03:c3:15:f6:8b:41:0e:ee:65:0a:7a:25:
48:cb:29:c5:90:f3:01:20:cf:00:6a:b4:d1:6f:9a:ba:12:99:
5c:3f:2f:d1:7a:7c:8c:3c:7f:ce:76:e4:ee:d9:65:f1:a8:be:
f5:e1:53:4b:21:69:c1:01:0b:1a:c5:6d:41:fa:0e:2f:88:58:
8f:29:b0:11:90:b1:83:cc:94:21:9b:b0:34:f0:66:e0:05:5e:
fb:d0:ad:59
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZYpWjS47wiAloOnJex4NFWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNDEyMDkzNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU4ZDFjY2JiODc1YTk1MDdjMzc4ZjBkMmQzYmQzMzk4YWNhZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2KvTmj6xPdP5FNEA/KZ6M8nIBse
HIpQOUue5+gs5mdvbntt43hyGlFVd6ipXGj93OE/JId972aZtr+b8zrlEpVd/Ibd
vx3lBCeeMCvP329+yiug0DspZyVR10kCtrmiQe98/7tc2rXpnf30DRZyR7b9q/L+
8I1avm9uAYoTV15qpzgS3iUa/RLmVcshOX6YbNRKY3xloA0GmJ2BOiCf4pQdvJH9
3HbsG0E1LGekBUuB+AgFYwErQ+jYGiPX+5msoOajTI/4DexjX+20fkJ9Nb5VVE8J
r226X3L7x6u/bnywN6k+IcbPYqqZumy72bUHv+Bzo3e2y6XrmYEKFjOO8wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDXo0cy7h1qVB8N48NLTvTOYrK0hMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvTmVqUnpMdUhXcFVIdzNqdzB0TzlNNWlzclNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAATBFMAsDAwIllAME
ASWUXAMEAyWUeAMEBiXKgAMEAVUPMAMDAV62MAsDAwGX9gMEApf3EDAMAwQBl/fW
AwQBl/fwAwQCl/f4MA0GCSqGSIb3DQEBCwUAA4IBAQBn9x1OLC4Hab35ib5dXo7+
zX2O0Q+m6ZxemFPAS4w+cWe8RbKwHkOf5in+/d/m5yyiKg5v6hSCTG3SUSDeT22M
x54/WpVwAIZsnP2dbWKINi2oMNNYivjxw4egdGIF+f0zsvXDzYlN/JOnbgJjqDXb
Iiy+qArJnw7pnfg0saxSW21NsoTWssnRCImBpPIuXAEsQegzQF8gbWyveJiWvwrY
jJiDY8HQFLADwxX2i0EO7mUKeiVIyynFkPMBIM8AarTRb5q6EplcPy/RenyMPH/O
duTu2WXxqL714VNLIWnBAQsaxW1B+g4viFiPKbARkLGDzJQhm7A08GbgBV770K1Z
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:51 2025 by rpki-client