Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NcQ4ZOsUDyp8yGBQzCfoZJtArbo.roa
File: NcQ4ZOsUDyp8yGBQzCfoZJtArbo.roa (raw, json)
Hash identifier: sJCVTqceiSXAVGoHR62qdoCYKgrmThJv0VZCYG7/fHM=
Subject key identifier: 35:C4:38:64:EB:14:0F:2A:7C:C8:60:50:CC:27:E8:64:9B:40:AD:BA
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA9B227FDC414FA4D92E20693F81B5
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NcQ4ZOsUDyp8yGBQzCfoZJtArbo.roa
Signing time: Wed 01 Jan 2025 03:48:24 +0000
ROA not before: Wed 01 Jan 2025 03:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58272
IP address blocks: 37.18.0.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
37.18.78.0/24 maxlen: 24
37.230.134.0/24 maxlen: 24
37.230.151.0/24 maxlen: 24
37.230.163.0/24 maxlen: 24
37.230.176.0/24 maxlen: 24
37.230.178.0/24 maxlen: 24
37.230.182.0/24 maxlen: 24
37.230.183.0/24 maxlen: 24
37.230.187.0/24 maxlen: 24
37.230.254.0/24 maxlen: 24
46.243.138.0/24 maxlen: 24
46.243.139.0/24 maxlen: 24
46.243.140.0/24 maxlen: 24
46.243.149.0/24 maxlen: 24
46.243.204.0/24 maxlen: 24
46.243.214.0/24 maxlen: 24
46.243.215.0/24 maxlen: 24
46.243.221.0/24 maxlen: 24
46.243.222.0/24 maxlen: 24
46.243.223.0/24 maxlen: 24
46.243.224.0/24 maxlen: 24
46.243.225.0/24 maxlen: 24
46.243.236.0/24 maxlen: 24
46.243.237.0/24 maxlen: 24
46.243.238.0/24 maxlen: 24
46.243.240.0/24 maxlen: 24
46.243.241.0/24 maxlen: 24
46.243.242.0/24 maxlen: 24
46.243.243.0/24 maxlen: 24
46.243.246.0/24 maxlen: 24
46.243.247.0/24 maxlen: 24
46.243.248.0/24 maxlen: 24
46.243.249.0/24 maxlen: 24
46.243.250.0/24 maxlen: 24
46.243.251.0/24 maxlen: 24
128.0.71.0/24 maxlen: 24
141.101.132.0/24 maxlen: 24
141.101.133.0/24 maxlen: 24
141.101.135.0/24 maxlen: 24
141.101.136.0/24 maxlen: 24
141.101.138.0/23 maxlen: 23
141.101.143.0/24 maxlen: 24
141.101.144.0/24 maxlen: 24
141.101.145.0/24 maxlen: 24
141.101.146.0/24 maxlen: 24
141.101.147.0/24 maxlen: 24
141.101.148.0/24 maxlen: 24
141.101.149.0/24 maxlen: 24
141.101.150.0/24 maxlen: 24
141.101.153.0/24 maxlen: 24
141.101.154.0/24 maxlen: 24
141.101.155.0/24 maxlen: 24
141.101.156.0/24 maxlen: 24
141.101.157.0/24 maxlen: 24
141.101.158.0/24 maxlen: 24
141.101.159.0/24 maxlen: 24
141.101.160.0/24 maxlen: 24
141.101.161.0/24 maxlen: 24
141.101.162.0/24 maxlen: 24
141.101.163.0/24 maxlen: 24
141.101.164.0/24 maxlen: 24
141.101.165.0/24 maxlen: 24
141.101.166.0/24 maxlen: 24
141.101.167.0/24 maxlen: 24
141.101.168.0/24 maxlen: 24
141.101.169.0/24 maxlen: 24
141.101.170.0/24 maxlen: 24
141.101.171.0/24 maxlen: 24
141.101.172.0/24 maxlen: 24
141.101.174.0/24 maxlen: 24
141.101.179.0/24 maxlen: 24
141.101.191.0/24 maxlen: 24
141.101.199.0/24 maxlen: 24
141.101.235.0/24 maxlen: 24
141.101.248.0/24 maxlen: 24
141.101.255.0/24 maxlen: 24
178.170.136.0/24 maxlen: 24
178.170.137.0/24 maxlen: 24
178.170.139.0/24 maxlen: 24
178.170.140.0/24 maxlen: 24
178.170.141.0/24 maxlen: 24
178.170.145.0/24 maxlen: 24
178.170.172.0/24 maxlen: 24
185.4.148.0/24 maxlen: 24
185.4.149.0/24 maxlen: 24
185.4.150.0/24 maxlen: 24
185.4.151.0/24 maxlen: 24
188.72.80.0/24 maxlen: 24
188.72.81.0/24 maxlen: 24
188.72.83.0/24 maxlen: 24
188.72.84.0/24 maxlen: 24
188.72.85.0/24 maxlen: 24
188.72.86.0/24 maxlen: 24
188.72.87.0/24 maxlen: 24
188.72.89.0/24 maxlen: 24
188.72.95.0/24 maxlen: 24
188.72.102.0/24 maxlen: 24
188.72.114.0/24 maxlen: 24
188.72.115.0/24 maxlen: 24
188.72.116.0/24 maxlen: 24
188.72.119.0/24 maxlen: 24
217.150.88.0/24 maxlen: 24
217.150.89.0/24 maxlen: 24
217.150.90.0/24 maxlen: 24
217.150.91.0/24 maxlen: 24
217.150.92.0/24 maxlen: 24
217.150.93.0/24 maxlen: 24
217.150.94.0/24 maxlen: 24
217.150.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 14:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9b:22:7f:dc:41:4f:a4:d9:2e:20:69:3f:81:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35c43864eb140f2a7cc86050cc27e8649b40adba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:09:ff:c1:9c:60:28:41:bb:c1:a2:3e:0d:
8e:82:d5:35:e9:da:63:05:2f:79:65:60:8d:49:c5:
52:fa:c5:8c:2c:73:fb:c1:d5:cf:73:18:45:5f:c2:
22:0b:87:82:ef:a6:0b:7b:36:23:b8:1f:c2:09:d7:
04:79:7f:aa:e2:28:fa:e6:6b:e9:0b:47:98:eb:16:
90:f1:2e:5c:78:51:fd:9e:28:26:2c:ae:03:80:59:
64:9d:4d:76:c1:1b:b3:c1:bc:b1:5e:7c:fc:67:9a:
4e:f8:b1:05:2d:a8:db:c3:e9:d9:e4:7e:94:94:8f:
27:38:5a:83:d8:a3:48:5c:e7:5e:e0:5b:6c:59:a8:
2e:b5:61:d4:96:67:bb:42:94:ef:c2:b7:d6:27:32:
85:97:37:62:f6:10:cf:c8:44:0f:d3:f5:1f:97:1c:
47:63:aa:f2:b3:7e:36:09:3f:1f:06:dc:15:1c:c7:
c5:4b:eb:77:5f:81:1f:82:dc:82:ef:3f:1b:24:e5:
ae:39:e3:06:cd:7e:f1:3f:58:bd:9c:f0:7f:ee:11:
06:d4:ff:a5:3b:05:f9:df:77:31:99:b2:2a:ad:1a:
78:5b:d6:70:02:dd:f0:30:8f:79:79:07:80:10:6c:
5e:e2:18:9c:37:49:9e:78:49:cc:ef:d9:7f:25:99:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C4:38:64:EB:14:0F:2A:7C:C8:60:50:CC:27:E8:64:9B:40:AD:BA
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/NcQ4ZOsUDyp8yGBQzCfoZJtArbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.0.0/24
37.18.63.0/24
37.18.78.0/24
37.230.134.0/24
37.230.151.0/24
37.230.163.0/24
37.230.176.0/24
37.230.178.0/24
37.230.182.0/23
37.230.187.0/24
37.230.254.0/24
46.243.138.0-46.243.140.255
46.243.149.0/24
46.243.204.0/24
46.243.214.0/23
46.243.221.0-46.243.225.255
46.243.236.0-46.243.238.255
46.243.240.0/22
46.243.246.0-46.243.251.255
128.0.71.0/24
141.101.132.0/23
141.101.135.0-141.101.136.255
141.101.138.0/23
141.101.143.0-141.101.150.255
141.101.153.0-141.101.172.255
141.101.174.0/24
141.101.179.0/24
141.101.191.0/24
141.101.199.0/24
141.101.235.0/24
141.101.248.0/24
141.101.255.0/24
178.170.136.0/23
178.170.139.0-178.170.141.255
178.170.145.0/24
178.170.172.0/24
185.4.148.0/22
188.72.80.0/23
188.72.83.0-188.72.87.255
188.72.89.0/24
188.72.95.0/24
188.72.102.0/24
188.72.114.0-188.72.116.255
188.72.119.0/24
217.150.88.0/21
Signature Algorithm: sha256WithRSAEncryption
c1:5d:95:78:bc:e3:15:80:52:85:59:72:8b:5c:31:27:74:49:
ec:49:cb:86:8f:a7:10:ce:7c:05:96:01:f3:aa:fe:16:07:da:
c2:76:dc:9d:fc:a4:d9:53:02:d7:44:39:51:d3:09:c6:79:b0:
08:8a:02:7c:1e:8e:5b:f6:9b:3d:e2:c7:9c:ca:3a:57:a2:36:
dd:c0:db:66:e6:0c:6d:54:73:f2:58:e3:40:b8:56:3f:67:72:
4e:f6:38:36:b3:f4:40:cf:3b:76:09:34:b2:ca:c4:6b:f5:c7:
d2:f9:0a:e4:c8:a7:82:20:87:26:e3:c5:ef:35:dd:5e:6b:52:
68:e2:6a:6c:8b:57:e5:7f:56:92:e2:f3:ff:11:6f:81:8f:1d:
f3:48:f2:ca:93:7e:87:9b:68:d1:86:69:09:da:29:cb:91:22:
63:7e:f4:d9:dc:87:69:02:a3:8e:32:35:6f:8a:b7:26:a3:7a:
87:f0:57:50:fd:12:1e:36:77:93:80:9d:60:36:40:0a:61:ca:
7c:5c:26:6f:70:8b:76:17:12:65:a8:af:0a:ce:36:50:ea:9d:
52:7a:66:c4:4b:68:69:8f:87:4c:3f:2d:49:4b:52:d4:4c:1f:
91:eb:79:e3:b2:c7:ef:26:df:39:a9:d4:e5:db:87:63:29:aa:
07:c2:1d:40
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAZQf+psif9xBT6TZLiBpP4G1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM0Mzg2NGViMTQwZjJhN2NjODYwNTBjYzI3ZTg2NDliNDBhZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4IJ/8GcYChBu8GiPg2OgtU16dpj
BS95ZWCNScVS+sWMLHP7wdXPcxhFX8IiC4eC76YLezYjuB/CCdcEeX+q4ij65mvp
C0eY6xaQ8S5ceFH9nigmLK4DgFlknU12wRuzwbyxXnz8Z5pO+LEFLajbw+nZ5H6U
lI8nOFqD2KNIXOde4FtsWagutWHUlme7QpTvwrfWJzKFlzdi9hDPyEQP0/UflxxH
Y6rys342CT8fBtwVHMfFS+t3X4EfgtyC7z8bJOWuOeMGzX7xP1i9nPB/7hEG1P+l
OwX533cxmbIqrRp4W9ZwAt3wMI95eQeAEGxe4hicN0meeEnM79l/JZlqUQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFDXEOGTrFA8qfMhgUMwn6GSbQK26MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvTmNRNFpPc1VEeXA4eUdCUXpDZm9aSnRBcmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEACUSAAMEACUSPwMEACUSTgMEACXmhgMEACXmlwMEACXmowMEACXmsAMEACXm
sgMEASXmtgMEACXmuwMEACXm/jAMAwQBLvOKAwQALvOMAwQALvOVAwQALvPMAwQB
LvPWMAwDBAAu890DBAEu8+AwDAMEAi7z7AMEAC7z7gMEAi7z8DAMAwQBLvP2AwQC
LvP4AwQAgABHAwQBjWWEMAwDBACNZYcDBACNZYgDBAGNZYowDAMEAI1ljwMEAI1l
ljAMAwQAjWWZAwQAjWWsAwQAjWWuAwQAjWWzAwQAjWW/AwQAjWXHAwQAjWXrAwQA
jWX4AwQAjWX/AwQBsqqIMAwDBACyqosDBAGyqowDBACyqpEDBACyqqwDBAK5BJQD
BAG8SFAwDAMEALxIUwMEA7xIUAMEALxIWQMEALxIXwMEALxIZjAMAwQBvEhyAwQA
vEh0AwQAvEh3AwQD2ZZYMA0GCSqGSIb3DQEBCwUAA4IBAQDBXZV4vOMVgFKFWXKL
XDEndEnsScuGj6cQznwFlgHzqv4WB9rCdtyd/KTZUwLXRDlR0wnGebAIigJ8Ho5b
9ps94secyjpXojbdwNtm5gxtVHPyWONAuFY/Z3JO9jg2s/RAzzt2CTSyysRr9cfS
+QrkyKeCIIcm48XvNd1ea1Jo4mpsi1flf1aS4vP/EW+Bjx3zSPLKk36Hm2jRhmkJ
2inLkSJjfvTZ3IdpAqOOMjVvircmo3qH8FdQ/RIeNneTgJ1gNkAKYcp8XCZvcIt2
FxJlqK8KzjZQ6p1SembES2hpj4dMPy1JS1LUTB+R63njssfvJt85qdTl24djKaoH
wh1A
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:29:52 2025 by rpki-client