Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NR3Jw7JAMBhBMJSsfpfELrAXKEs.roa
File: NR3Jw7JAMBhBMJSsfpfELrAXKEs.roa (raw, json)
Hash identifier: dztoimalIgDe3po1e+UIlktETodN0xJbZbnYyAj1fSY=
Subject key identifier: 35:1D:C9:C3:B2:40:30:18:41:30:94:AC:7E:97:C4:2E:B0:17:28:4B
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0192FCE4BAEADFFCEB72B6A826BD2917C2C5
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NR3Jw7JAMBhBMJSsfpfELrAXKEs.roa
Signing time: Tue 05 Nov 2024 15:15:01 +0000
ROA not before: Tue 05 Nov 2024 15:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.199.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.248.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.72.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 09:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:e4:ba:ea:df:fc:eb:72:b6:a8:26:bd:29:17:c2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Nov 5 15:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=351dc9c3b2403018413094ac7e97c42eb017284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:97:90:e7:1c:3e:78:b4:aa:68:e6:9d:f2:bd:
51:f6:8c:67:27:a9:60:e3:fe:32:53:37:b9:b6:d4:
d6:3f:19:d6:48:7c:5f:91:fc:71:4b:0b:1b:12:dc:
3e:64:3f:45:b7:85:cd:8a:68:39:e7:f8:ba:cb:5c:
e2:54:a2:43:7d:3d:54:8e:c0:8a:e4:65:d6:48:8c:
ee:e9:63:f1:6a:75:cd:8a:89:e9:88:cf:22:09:a8:
55:d0:f2:c4:57:d3:ad:1d:32:4e:2a:99:ef:31:32:
9c:ff:f3:e6:9b:52:0c:6b:2e:cb:04:7f:6f:1b:f1:
51:b8:77:48:d8:1a:10:fa:87:2d:1e:53:a3:c9:8d:
d5:9c:ef:d2:ef:da:16:a3:1a:35:87:85:ba:89:20:
fb:85:7f:4d:73:e8:51:37:7a:2a:cd:ec:f8:0a:aa:
19:6f:c8:1e:b7:42:e4:09:a0:12:ee:84:5f:f4:21:
20:eb:de:84:0c:fa:70:8b:5e:11:01:cb:9d:ab:3d:
f4:c6:35:24:5d:73:28:d0:f3:4f:a3:a4:f5:eb:4b:
e2:82:8c:64:7c:b1:12:30:fc:66:da:9e:fa:f3:0f:
2a:d6:75:dd:3c:f3:c2:05:9e:02:f7:a4:4b:05:cf:
48:51:f7:3d:98:ba:08:d8:d2:54:ba:45:a8:f0:5f:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1D:C9:C3:B2:40:30:18:41:30:94:AC:7E:97:C4:2E:B0:17:28:4B
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NR3Jw7JAMBhBMJSsfpfELrAXKEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.134.0/24
37.230.151.0/24
37.230.163.0/24
37.230.176.0/24
37.230.178.0/24
37.230.182.0/23
37.230.187.0/24
37.230.254.0/24
46.243.138.0-46.243.140.255
46.243.149.0/24
46.243.204.0/24
46.243.214.0/23
46.243.221.0-46.243.225.255
46.243.236.0-46.243.238.255
46.243.240.0/22
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.172.255
141.101.174.0/24
141.101.179.0/24
141.101.191.0/24
141.101.199.0/24
141.101.235.0/24
141.101.248.0/24
141.101.255.0/24
178.170.136.0/23
178.170.139.0-178.170.141.255
178.170.145.0/24
178.170.172.0/24
185.4.148.0/22
188.72.72.0/24
188.72.80.0/23
188.72.83.0-188.72.87.255
188.72.89.0/24
188.72.95.0/24
188.72.102.0/24
188.72.114.0-188.72.116.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:ef:5a:2d:ba:77:fc:5b:c4:94:79:2b:ff:1a:aa:cc:56:fe:
34:25:05:e1:10:0e:49:89:84:b4:7c:b1:e2:f9:ee:ab:5b:a0:
2f:f1:e4:14:f5:d4:12:ff:3a:5a:51:8f:c3:3d:71:ff:df:6f:
99:1a:e9:9c:38:a0:34:d5:0a:d7:c2:75:f2:99:9a:92:61:b6:
0c:f5:73:eb:8f:ba:45:c3:58:be:ca:ad:06:0c:08:13:61:e0:
f5:a5:84:2d:a7:ee:d6:6a:e6:b7:f9:00:22:ef:a3:af:a8:06:
19:0e:44:2e:9f:5d:90:46:48:7d:77:59:ec:f3:c3:88:c3:91:
de:4d:54:54:ec:f3:59:02:77:1e:6b:d8:90:15:cc:20:b2:3c:
3c:be:1f:07:b6:74:da:09:d3:9c:76:7f:d5:83:69:4f:78:d2:
36:07:6e:a1:4f:82:52:b1:43:66:f0:be:ac:51:86:f6:a1:35:
78:d4:37:5b:d9:33:6e:b8:6e:92:fa:c0:c1:82:0a:31:ec:8b:
24:c3:4d:8a:db:ce:b7:78:8c:1d:fe:93:06:c9:44:79:47:f1:
04:b0:b1:14:26:73:9f:9a:d7:ab:7f:7c:56:3f:b2:5d:76:32:
65:9e:b2:87:f5:52:c1:32:cf:53:c5:94:c5:0d:74:16:20:3a:
c1:33:e6:68
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZL85Lrq3/zrcraoJr0pF8LFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQxMTA1MTUxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFkYzljM2IyNDAzMDE4NDEzMDk0YWM3ZTk3YzQyZWIwMTcyODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupeQ5xw+eLSqaOad8r1R9oxnJ6lg
4/4yUze5ttTWPxnWSHxfkfxxSwsbEtw+ZD9Ft4XNimg55/i6y1ziVKJDfT1UjsCK
5GXWSIzu6WPxanXNionpiM8iCahV0PLEV9OtHTJOKpnvMTKc//Pmm1IMay7LBH9v
G/FRuHdI2BoQ+octHlOjyY3VnO/S79oWoxo1h4W6iSD7hX9Nc+hRN3oqzez4CqoZ
b8get0LkCaAS7oRf9CEg696EDPpwi14RAcudqz30xjUkXXMo0PNPo6T160vigoxk
fLESMPxm2p768w8q1nXdPPPCBZ4C96RLBc9IUfc9mLoI2NJUukWo8F8q2QIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFDUdycOyQDAYQTCUrH6XxC6wFyhLMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvTlIzSnc3SkFNQmhCTUpTc2ZwZkVMckFYS0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEACUSAAMEACUSPwMEACUSTgMEACXmhgMEACXmlwMEACXmowMEACXmsAMEACXm
sgMEASXmtgMEACXmuwMEACXm/jAMAwQBLvOKAwQALvOMAwQALvOVAwQALvPMAwQB
LvPWMAwDBAAu890DBAEu8+AwDAMEAi7z7AMEAC7z7gMEAi7z8DAMAwQBLvP2AwQC
LvP4AwQAgABHAwQBjWWEMAwDBACNZYcDBACNZYgDBAGNZYowDAMEAI1ljwMEAI1l
ljAMAwQAjWWZAwQAjWWsAwQAjWWuAwQAjWWzAwQAjWW/AwQAjWXHAwQAjWXrAwQA
jWX4AwQAjWX/AwQBsqqIMAwDBACyqosDBAGyqowDBACyqpEDBACyqqwDBAK5BJQD
BAC8SEgDBAG8SFAwDAMEALxIUwMEA7xIUAMEALxIWQMEALxIXwMEALxIZjAMAwQB
vEhyAwQAvEh0AwQAvEh3AwQD2ZZYMA0GCSqGSIb3DQEBCwUAA4IBAQBM71otunf8
W8SUeSv/GqrMVv40JQXhEA5JiYS0fLHi+e6rW6Av8eQU9dQS/zpaUY/DPXH/32+Z
GumcOKA01QrXwnXymZqSYbYM9XPrj7pFw1i+yq0GDAgTYeD1pYQtp+7Waua3+QAi
76OvqAYZDkQun12QRkh9d1ns88OIw5HeTVRU7PNZAncea9iQFcwgsjw8vh8HtnTa
CdOcdn/Vg2lPeNI2B26hT4JSsUNm8L6sUYb2oTV41Ddb2TNuuG6S+sDBggox7Isk
w02K2863eIwd/pMGyUR5R/EEsLEUJnOfmterf3xWP7JddjJlnrKH9VLBMs9TxZTF
DXQWIDrBM+Zo
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:49 2024 by rpki-client on console-ams.rpki-client.org