Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/NVErfvPV4dgZFryYXqJbQMoMSd4.roa
File: NVErfvPV4dgZFryYXqJbQMoMSd4.roa (raw, json)
Hash identifier: XoKN3vHaRb5vZC8oHmkuN3jE9ZDW4I2vWYPVdemEkmo=
Subject key identifier: 35:51:2B:7E:F3:D5:E1:D8:19:16:BC:98:5E:A2:5B:40:CA:0C:49:DE
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 01906E76CFC82401DB3183CE4A8F415E165F
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/NVErfvPV4dgZFryYXqJbQMoMSd4.roa
Signing time: Mon 01 Jul 2024 13:23:18 +0000
ROA not before: Mon 01 Jul 2024 13:23:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9021
IP address blocks: 90.158.0.0/16 maxlen: 16
90.158.0.0/18 maxlen: 18
90.158.0.0/22 maxlen: 22
90.158.0.0/23 maxlen: 23
90.158.3.0/24 maxlen: 24
90.158.8.0/24 maxlen: 24
90.158.15.0/24 maxlen: 24
90.158.16.0/24 maxlen: 24
90.158.18.0/24 maxlen: 24
90.158.19.0/24 maxlen: 24
90.158.24.0/24 maxlen: 24
90.158.26.0/24 maxlen: 24
90.158.27.0/24 maxlen: 24
90.158.28.0/24 maxlen: 24
90.158.29.0/24 maxlen: 24
90.158.30.0/24 maxlen: 24
90.158.31.0/24 maxlen: 24
90.158.32.0/24 maxlen: 24
90.158.33.0/24 maxlen: 24
90.158.36.0/24 maxlen: 24
90.158.37.0/24 maxlen: 24
90.158.39.0/24 maxlen: 24
90.158.41.0/24 maxlen: 24
90.158.43.0/24 maxlen: 24
90.158.44.0/24 maxlen: 24
90.158.45.0/24 maxlen: 24
90.158.46.0/24 maxlen: 24
90.158.47.0/24 maxlen: 24
90.158.48.0/20 maxlen: 20
90.158.48.0/24 maxlen: 24
90.158.50.0/23 maxlen: 23
90.158.51.0/24 maxlen: 24
90.158.52.0/23 maxlen: 23
90.158.52.0/24 maxlen: 24
90.158.53.0/24 maxlen: 24
90.158.54.0/23 maxlen: 23
90.158.55.0/24 maxlen: 24
90.158.56.0/24 maxlen: 24
90.158.60.0/24 maxlen: 24
90.158.62.0/24 maxlen: 24
90.158.64.0/21 maxlen: 21
90.158.64.0/24 maxlen: 24
90.158.65.0/24 maxlen: 24
90.158.66.0/24 maxlen: 24
90.158.67.0/24 maxlen: 24
90.158.68.0/24 maxlen: 24
90.158.72.0/22 maxlen: 22
90.158.72.0/24 maxlen: 24
90.158.73.0/24 maxlen: 24
90.158.74.0/24 maxlen: 24
90.158.75.0/24 maxlen: 24
90.158.96.0/22 maxlen: 22
90.158.100.0/24 maxlen: 24
90.158.101.0/24 maxlen: 24
90.158.102.0/23 maxlen: 23
90.158.104.0/24 maxlen: 24
90.158.105.0/24 maxlen: 24
90.158.109.0/24 maxlen: 24
90.158.110.0/24 maxlen: 24
90.158.111.0/24 maxlen: 24
90.158.112.0/20 maxlen: 20
90.158.114.0/24 maxlen: 24
90.158.116.0/24 maxlen: 24
90.158.117.0/24 maxlen: 24
90.158.119.0/24 maxlen: 24
90.158.120.0/24 maxlen: 24
90.158.121.0/24 maxlen: 24
90.158.122.0/24 maxlen: 24
90.158.123.0/24 maxlen: 24
90.158.126.0/24 maxlen: 24
90.158.127.0/24 maxlen: 24
90.158.128.0/17 maxlen: 17
90.158.128.0/21 maxlen: 21
90.158.136.0/21 maxlen: 21
90.158.139.0/24 maxlen: 24
90.158.160.0/24 maxlen: 24
90.158.161.0/24 maxlen: 24
90.158.200.0/23 maxlen: 23
90.158.224.0/22 maxlen: 22
90.158.240.0/21 maxlen: 21
90.158.244.0/22 maxlen: 22
90.158.248.0/21 maxlen: 21
90.158.249.0/24 maxlen: 24
90.158.251.0/24 maxlen: 24
90.159.0.0/16 maxlen: 16
90.159.0.0/22 maxlen: 22
90.159.0.0/24 maxlen: 24
90.159.1.0/24 maxlen: 24
90.159.2.0/24 maxlen: 24
90.159.3.0/24 maxlen: 24
90.159.4.0/23 maxlen: 23
90.159.10.0/24 maxlen: 24
90.159.15.0/24 maxlen: 24
90.159.20.0/24 maxlen: 24
90.159.26.0/24 maxlen: 24
90.159.27.0/24 maxlen: 24
90.159.29.0/24 maxlen: 24
90.159.31.0/24 maxlen: 24
90.159.33.0/24 maxlen: 24
90.159.34.0/24 maxlen: 24
90.159.36.0/24 maxlen: 24
90.159.37.0/24 maxlen: 24
90.159.38.0/24 maxlen: 24
90.159.44.0/22 maxlen: 22
90.159.50.0/24 maxlen: 24
90.159.51.0/24 maxlen: 24
90.159.58.0/24 maxlen: 24
90.159.59.0/24 maxlen: 24
90.159.60.0/24 maxlen: 24
90.159.61.0/24 maxlen: 24
90.159.64.0/18 maxlen: 18
90.159.64.0/24 maxlen: 24
90.159.68.0/24 maxlen: 24
90.159.128.0/20 maxlen: 20
90.159.136.0/21 maxlen: 21
90.159.136.0/24 maxlen: 24
90.159.240.0/20 maxlen: 20
90.159.246.0/24 maxlen: 24
212.98.0.0/19 maxlen: 19
212.98.0.0/20 maxlen: 20
212.98.1.0/24 maxlen: 24
212.98.2.0/24 maxlen: 24
212.98.8.0/21 maxlen: 21
212.98.9.0/24 maxlen: 24
212.98.16.0/21 maxlen: 21
212.98.16.0/24 maxlen: 24
212.98.28.0/22 maxlen: 22
213.143.224.0/20 maxlen: 20
213.143.226.0/23 maxlen: 23
213.143.226.0/24 maxlen: 24
213.143.227.0/24 maxlen: 24
213.143.228.0/24 maxlen: 24
213.143.229.0/24 maxlen: 24
213.143.230.0/24 maxlen: 24
213.143.233.0/24 maxlen: 24
213.143.234.0/24 maxlen: 24
213.143.235.0/24 maxlen: 24
213.143.236.0/22 maxlen: 22
213.143.238.0/24 maxlen: 24
213.143.239.0/24 maxlen: 24
213.143.240.0/20 maxlen: 20
213.143.240.0/22 maxlen: 22
213.143.240.0/24 maxlen: 24
213.143.241.0/24 maxlen: 24
213.143.243.0/24 maxlen: 24
213.143.244.0/22 maxlen: 22
213.143.250.0/24 maxlen: 24
213.143.251.0/24 maxlen: 24
213.143.252.0/24 maxlen: 24
213.143.253.0/24 maxlen: 24
213.143.254.0/24 maxlen: 24
213.143.255.0/24 maxlen: 24
213.161.128.0/19 maxlen: 19
213.161.128.0/21 maxlen: 21
213.161.135.0/24 maxlen: 24
213.161.136.0/21 maxlen: 21
213.161.144.0/23 maxlen: 23
213.161.144.0/24 maxlen: 24
213.161.145.0/24 maxlen: 24
213.161.146.0/24 maxlen: 24
213.161.148.0/23 maxlen: 23
213.161.148.0/24 maxlen: 24
213.161.149.0/24 maxlen: 24
213.161.150.0/24 maxlen: 24
213.161.151.0/24 maxlen: 24
213.161.152.0/21 maxlen: 21
213.161.152.0/24 maxlen: 24
2a00:1f90::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Jul 2024 09:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:76:cf:c8:24:01:db:31:83:ce:4a:8f:41:5e:16:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jul 1 13:23:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35512b7ef3d5e1d81916bc985ea25b40ca0c49de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:42:27:c5:95:63:2f:0a:00:cf:a3:a0:fb:26:
d1:32:22:c9:dc:46:6f:8c:30:f7:8a:6c:64:f2:3f:
29:35:15:78:07:12:3f:58:8b:95:d2:82:ba:9b:44:
35:f8:6b:af:48:89:04:c7:31:d6:ad:a1:c9:9f:5f:
b2:7f:3c:7f:4f:73:b4:6e:5d:71:d1:6a:71:82:f6:
9c:02:ad:f1:0c:ba:3a:e1:99:9c:87:db:bf:f1:9d:
d5:6d:4b:b1:fe:1e:18:e5:e9:b5:45:cd:0b:e3:c3:
56:5e:8a:2e:ee:76:a5:98:6d:c3:8f:50:a3:08:e5:
55:7c:f3:67:7f:fc:8b:36:f3:f2:88:6f:e8:35:a3:
d6:36:06:b2:4d:2d:75:0b:1a:ce:94:68:7b:61:67:
fa:53:7d:2e:23:05:00:e8:0c:55:1d:b4:ce:c5:12:
69:4c:e1:11:b6:09:22:45:4a:29:7e:cb:e3:cb:ba:
07:15:81:5a:4b:43:af:be:26:7c:b7:96:db:7c:2a:
21:af:78:11:16:2a:d8:25:19:cf:3b:e7:d5:c6:3c:
fc:44:5e:47:32:db:a5:9f:d8:b8:9d:5d:12:db:05:
72:84:cf:0e:a9:91:b9:a2:2b:8b:a2:21:3c:93:20:
4c:37:ee:a9:b4:a1:33:f7:36:ab:61:96:b3:b4:8d:
2f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:51:2B:7E:F3:D5:E1:D8:19:16:BC:98:5E:A2:5B:40:CA:0C:49:DE
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/NVErfvPV4dgZFryYXqJbQMoMSd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.158.0.0/15
212.98.0.0/19
213.143.224.0/19
213.161.128.0/19
IPv6:
2a00:1f90::/32
Signature Algorithm: sha256WithRSAEncryption
87:1b:d2:d3:b0:12:a2:b6:bb:ca:a7:8f:db:08:76:4d:76:4d:
6b:62:ba:93:f5:d7:b5:b1:fe:f3:6e:e7:03:f5:d5:d0:46:4d:
b6:73:a5:62:70:be:d0:1c:85:cd:35:81:37:3d:96:56:22:0e:
37:32:63:92:a6:a2:fb:dc:f3:3d:6c:23:5d:81:bf:15:59:e7:
7e:17:e1:cd:9a:d8:da:fb:b7:11:6c:88:05:c2:b5:70:cf:29:
d5:c9:bd:d4:5a:7a:b5:38:d4:f7:ac:af:98:bc:d7:0a:39:16:
b4:3d:fe:6c:ab:62:90:cc:98:6b:82:1c:3f:94:ea:71:8e:ed:
b2:41:0a:c3:e7:bf:1e:d2:11:7d:17:34:f5:1f:1e:cb:3a:a4:
c1:21:8c:a6:3e:69:0a:b7:e1:48:bb:03:cd:04:37:c5:44:3b:
65:a1:32:04:3e:53:07:31:81:f9:29:ac:aa:cc:0e:03:e2:9d:
90:4a:96:06:bc:6e:b0:4c:be:f5:3f:b6:76:bf:52:dc:2e:35:
8b:38:67:a5:ac:74:3c:4a:45:e3:67:eb:63:fa:70:8f:0d:b5:
d2:0e:92:78:59:be:f9:a2:37:85:87:ff:b1:ad:19:cb:4e:14:
fc:b9:69:48:77:97:79:62:b4:6c:a3:6c:4d:b3:78:60:1a:77:
04:92:e5:90
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZBuds/IJAHbMYPOSo9BXhZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjQwNzAxMTMyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTUxMmI3ZWYzZDVlMWQ4MTkxNmJjOTg1ZWEyNWI0MGNhMGM0OWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEInxZVjLwoAz6Og+ybRMiLJ3EZv
jDD3imxk8j8pNRV4BxI/WIuV0oK6m0Q1+GuvSIkExzHWraHJn1+yfzx/T3O0bl1x
0WpxgvacAq3xDLo64Zmch9u/8Z3VbUux/h4Y5em1Rc0L48NWXoou7nalmG3Dj1Cj
COVVfPNnf/yLNvPyiG/oNaPWNgayTS11CxrOlGh7YWf6U30uIwUA6AxVHbTOxRJp
TOERtgkiRUopfsvjy7oHFYFaS0OvviZ8t5bbfCohr3gRFirYJRnPO+fVxjz8RF5H
Mtuln9i4nV0S2wVyhM8OqZG5oiuLoiE8kyBMN+6ptKEz9zarYZaztI0vtQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDVRK37z1eHYGRa8mF6iW0DKDEneMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvTlZFcmZ2UFY0ZGdaRnJ5WVhxSmJRTW9NU2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBWp4DBAXU
YgADBAXVj+ADBAXVoYAwDQQCAAIwBwMFACoAH5AwDQYJKoZIhvcNAQELBQADggEB
AIcb0tOwEqK2u8qnj9sIdk12TWtiupP117Wx/vNu5wP11dBGTbZzpWJwvtAchc01
gTc9llYiDjcyY5Kmovvc8z1sI12BvxVZ534X4c2a2Nr7txFsiAXCtXDPKdXJvdRa
erU41Pesr5i81wo5FrQ9/myrYpDMmGuCHD+U6nGO7bJBCsPnvx7SEX0XNPUfHss6
pMEhjKY+aQq34Ui7A80EN8VEO2WhMgQ+UwcxgfkprKrMDgPinZBKlga8brBMvvU/
tna/UtwuNYs4Z6WsdDxKReNn62P6cI8NtdIOknhZvvmiN4WH/7GtGctOFPy5aUh3
l3litGyjbE2zeGAadwSS5ZA=
-----END CERTIFICATE-----
Generated at Wed Jul 3 11:06:33 2024 by rpki-client on console-fra.rpki-client.org