Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NDiLobMHYYFl75a3IQtbfzi9b-k.roa
File: NDiLobMHYYFl75a3IQtbfzi9b-k.roa (raw, json)
Hash identifier: UbH0PMZbqJ94yGHXE2au89x7q7U2SXggkiUiPj3OErE=
Subject key identifier: 34:38:8B:A1:B3:07:61:81:65:EF:96:B7:21:0B:5B:7F:38:BD:6F:E9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190D5555A9B16D6C6BDE4F4752B539BA8F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NDiLobMHYYFl75a3IQtbfzi9b-k.roa
Signing time: Sun 21 Jul 2024 12:47:39 +0000
ROA not before: Sun 21 Jul 2024 12:47:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.243.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.197.0/24 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.229.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
109.176.239.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
212.38.88.0/23 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 19:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d5:55:5a:9b:16:d6:c6:bd:e4:f4:75:2b:53:9b:a8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 21 12:47:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34388ba1b307618165ef96b7210b5b7f38bd6fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:11:23:71:4a:f9:af:9c:75:69:d7:64:1c:
71:f4:3f:a0:d4:68:69:fa:40:48:48:45:a0:e3:d5:
85:cb:b1:ab:6e:ad:51:60:d4:c0:32:e6:61:1a:3b:
b2:aa:25:43:c4:08:a1:04:69:29:20:67:49:ac:6f:
7e:9c:1d:ee:f0:88:43:e8:57:3f:11:f8:a5:70:f2:
f1:59:59:d3:93:ed:5c:df:cb:ab:0a:21:3d:02:b7:
59:33:8c:a4:13:1d:4f:87:24:37:e8:ba:f1:ae:7b:
54:16:12:1c:5a:28:fc:73:17:e0:af:d5:94:84:dd:
de:4c:50:05:6e:30:de:42:e5:b1:1f:39:07:3b:56:
ca:a8:b8:a8:29:b7:fd:0c:12:61:ef:d2:53:b2:3d:
ac:02:68:6b:13:89:64:33:46:f6:cc:14:87:20:a3:
10:3f:98:dc:b9:b3:f7:6b:05:6f:e5:0d:f8:be:71:
07:2d:ea:94:b5:bf:18:3d:38:da:1a:30:d4:8f:99:
f5:5d:54:75:24:26:90:e8:4b:26:06:32:a9:0b:03:
7b:51:d1:a6:34:ac:23:c5:f6:08:18:cd:df:22:77:
61:0a:c4:63:65:6b:e4:01:f0:57:d0:97:5c:9b:10:
d7:9a:2c:93:41:d2:aa:62:a2:3e:ab:18:11:79:d5:
56:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:38:8B:A1:B3:07:61:81:65:EF:96:B7:21:0B:5B:7F:38:BD:6F:E9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NDiLobMHYYFl75a3IQtbfzi9b-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.122.0/24
82.152.131.0/24
82.152.176.0/23
82.153.136.0/22
82.153.243.0/24
89.213.50.0/23
89.213.56.0/22
89.213.148.0-89.213.159.255
89.213.167.0/24
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.229.0-109.176.230.255
109.176.239.0/24
109.176.248.0/24
185.49.126.0/23
194.105.80.0/20
212.38.88.0/23
213.218.211.0/24
213.218.224.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
74:7a:39:d5:55:02:3b:72:45:7f:78:9b:ca:06:b1:15:1d:a2:
00:a2:af:5d:73:41:9a:d8:bc:47:f8:43:44:4d:b0:be:d7:1c:
b5:91:db:34:7c:ec:82:b9:39:43:02:03:0c:4d:e3:72:78:a9:
fd:a4:ab:a4:a6:31:c2:74:d6:9d:32:a7:49:ce:c1:55:c4:de:
52:de:63:9f:2b:1b:e8:e4:19:71:ec:97:0e:e1:aa:ba:00:9a:
42:ce:c3:f5:92:6b:c0:00:e0:9f:3e:ee:a6:9a:05:ba:54:83:
22:10:11:45:a6:88:0a:70:49:5b:28:ab:d3:5d:9e:50:f6:40:
fc:18:d9:41:d4:5f:60:21:c6:54:fb:55:34:78:0e:2a:4f:68:
4b:a2:ae:3d:71:d7:3c:27:e2:35:8d:62:8d:71:a7:1e:82:cd:
97:2b:86:c3:e8:65:e8:85:ea:e3:bd:96:d8:4e:03:b3:ba:95:
89:53:0c:ff:bf:b1:87:b6:e9:6a:9a:c4:57:67:6f:3d:52:20:
e5:1a:df:2d:10:ba:7a:ec:c2:27:94:f8:37:e4:07:20:01:e2:
c8:a5:d8:15:b9:52:b5:ac:87:40:7e:b9:c7:4a:31:51:45:cb:
08:51:0d:b6:f4:e6:d8:b1:18:d7:62:bf:20:9c:32:9a:2d:50:
6a:39:b3:f2
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZDVVVqbFtbGveT0dStTm6j1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIxMTI0NzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM4OGJhMWIzMDc2MTgxNjVlZjk2YjcyMTBiNWI3ZjM4YmQ2ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAsRI3FK+a+cdWnXZBxx9D+g1Ghp
+kBISEWg49WFy7Grbq1RYNTAMuZhGjuyqiVDxAihBGkpIGdJrG9+nB3u8IhD6Fc/
EfilcPLxWVnTk+1c38urCiE9ArdZM4ykEx1PhyQ36LrxrntUFhIcWij8cxfgr9WU
hN3eTFAFbjDeQuWxHzkHO1bKqLioKbf9DBJh79JTsj2sAmhrE4lkM0b2zBSHIKMQ
P5jcubP3awVv5Q34vnEHLeqUtb8YPTjaGjDUj5n1XVR1JCaQ6EsmBjKpCwN7UdGm
NKwjxfYIGM3fIndhCsRjZWvkAfBX0JdcmxDXmiyTQdKqYqI+qxgRedVW0QIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFDQ4i6GzB2GBZe+WtyELW384vW/pMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTkRpTG9iTUhZWUZsNzVhM0lRdGJmemk5Yi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBABR
qHoDBABSmIMDBAFSmLADBAJSmYgDBABSmfMDBAFZ1TIDBAJZ1TgwDAMEAlnVlAME
BVnVgAMEAFnVpwMEAlnVrDAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANt
sBADBAJtsMwwDAMEAG2w5QMEAG2w5gMEAG2w7wMEAG2w+AMEAbkxfgMEBMJpUAME
AdQmWAMEANXa0wMEANXa4AMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsFAAOCAQEA
dHo51VUCO3JFf3ibygaxFR2iAKKvXXNBmti8R/hDRE2wvtcctZHbNHzsgrk5QwID
DE3jcnip/aSrpKYxwnTWnTKnSc7BVcTeUt5jnysb6OQZceyXDuGqugCaQs7D9ZJr
wADgnz7uppoFulSDIhARRaaICnBJWyir012eUPZA/BjZQdRfYCHGVPtVNHgOKk9o
S6KuPXHXPCfiNY1ijXGnHoLNlyuGw+hl6IXq472W2E4Ds7qViVMM/7+xh7bpaprE
V2dvPVIg5RrfLRC6euzCJ5T4N+QHIAHiyKXYFblStayHQH65x0oxUUXLCFENtvTm
2LEY12K/IJwymi1Qajmz8g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:48 2025 by rpki-client