Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ta_NVDcaRzorEfjebCKuM6HCoS8.roa
File: ta_NVDcaRzorEfjebCKuM6HCoS8.roa (raw, json)
Hash identifier: CeFtrZKFDRtwJrt4pviHvyHnrJYYjwqeFoeOuxNzKIc=
Subject key identifier: B5:AF:CD:54:37:1A:47:3A:2B:11:F8:DE:6C:22:AE:33:A1:C2:A1:2F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B44FE84881FE18EF0CE5214981D2EA9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ta_NVDcaRzorEfjebCKuM6HCoS8.roa
Signing time: Fri 06 Dec 2024 09:20:10 +0000
ROA not before: Fri 06 Dec 2024 09:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 77.93.137.0/24 maxlen: 24
77.93.149.0/24 maxlen: 24
80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.108.0/23 maxlen: 24
89.213.110.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.194.0/23 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.240.0/23 maxlen: 24
89.213.249.0/24 maxlen: 24
89.213.250.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 09:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:44:fe:84:88:1f:e1:8e:f0:ce:52:14:98:1d:2e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5afcd54371a473a2b11f8de6c22ae33a1c2a12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ae:49:20:65:9d:5c:5d:2b:0e:71:2b:f1:52:
d1:95:27:6f:a9:83:c2:78:52:13:92:f3:c7:5e:f5:
f1:13:12:ca:54:66:08:59:4a:93:23:40:f9:67:46:
05:e9:32:48:01:56:35:95:e5:1d:24:8d:ee:e2:1a:
f2:2b:a0:3c:cc:69:86:7c:22:6d:f8:1f:39:45:70:
c4:09:8c:bc:25:12:9a:01:30:97:e5:5a:f7:e8:30:
9d:9d:9e:8b:82:8c:1f:42:17:70:9a:0d:ff:fd:0a:
02:52:ce:62:89:8c:74:12:35:18:f8:6b:24:35:16:
d5:5e:b2:76:c7:7d:9d:06:d6:7e:a2:15:e7:f3:81:
18:04:b9:55:a3:5f:03:ce:94:bb:46:20:c7:a7:93:
82:58:f2:45:82:ad:66:9c:b3:fc:ce:ec:90:dc:4f:
df:5c:80:40:32:d9:b5:b2:b4:e1:67:cf:e2:9c:79:
0c:da:e0:b3:c2:80:01:11:d9:e1:a8:43:18:cf:00:
14:3c:13:a8:7e:0c:0c:a1:b5:64:2c:bc:48:bb:a8:
45:8a:3c:96:87:c6:bb:d0:e0:bf:9e:8a:4f:5f:ed:
cf:41:d1:d0:cb:07:66:81:6d:c4:6d:52:0b:73:18:
3d:08:6c:66:20:2b:26:34:6e:50:02:2e:58:fe:79:
65:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AF:CD:54:37:1A:47:3A:2B:11:F8:DE:6C:22:AE:33:A1:C2:A1:2F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ta_NVDcaRzorEfjebCKuM6HCoS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.137.0/24
77.93.149.0/24
80.240.88.0/21
81.168.122.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.19.0/24
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.108.0-89.213.110.255
89.213.122.0/24
89.213.126.0/24
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.194.0/23
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.240.0/23
89.213.249.0-89.213.250.255
109.176.230.0/24
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:5f:03:86:27:18:a7:1a:0b:b0:e6:c4:db:ee:8e:d1:f8:df:
71:ca:da:b7:a3:a6:76:9b:06:c7:57:41:20:35:05:f2:80:6b:
1f:6f:2c:4a:bc:4b:2e:0c:a3:0f:c8:ee:2b:e0:74:ca:f8:8d:
64:0c:ba:5c:68:76:79:19:a1:f4:01:90:4c:f6:9f:b9:35:4a:
e6:17:43:04:78:93:f3:8f:81:9a:d4:b6:d6:48:63:f0:eb:bd:
aa:cd:c9:bc:95:db:d5:4c:91:3d:b1:f8:62:77:8b:01:29:74:
bc:81:1a:8f:5f:79:56:e0:98:ca:b2:52:14:31:90:9b:51:24:
ec:fd:c8:ed:43:d6:c1:08:96:e2:4d:b9:7f:76:32:e6:d8:aa:
e9:35:56:2e:5b:84:1f:65:03:c9:8c:5b:ce:85:c5:68:5e:ff:
31:b7:1e:eb:66:92:7d:2b:a5:42:fa:d4:0d:eb:91:ca:49:de:
b9:80:15:d1:da:04:38:6b:69:8e:c8:54:f7:ef:07:12:b3:a7:
dd:ee:ca:85:06:0a:de:6d:94:9f:fe:28:ca:ae:e6:d5:6f:f1:
dd:a6:c2:f5:8c:e5:1c:65:36:4d:cb:d8:15:77:c2:58:57:f5:
26:d8:f8:ff:ea:ed:a9:fd:4e:44:49:c0:42:61:49:b0:f9:f1:
88:55:47:68
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZObRP6EiB/hjvDOUhSYHS6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFmY2Q1NDM3MWE0NzNhMmIxMWY4ZGU2YzIyYWUzM2ExYzJhMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza5JIGWdXF0rDnEr8VLRlSdvqYPC
eFITkvPHXvXxExLKVGYIWUqTI0D5Z0YF6TJIAVY1leUdJI3u4hryK6A8zGmGfCJt
+B85RXDECYy8JRKaATCX5Vr36DCdnZ6LgowfQhdwmg3//QoCUs5iiYx0EjUY+Gsk
NRbVXrJ2x32dBtZ+ohXn84EYBLlVo18DzpS7RiDHp5OCWPJFgq1mnLP8zuyQ3E/f
XIBAMtm1srThZ8/inHkM2uCzwoABEdnhqEMYzwAUPBOofgwMobVkLLxIu6hFijyW
h8a70OC/nopPX+3PQdHQywdmgW3EbVILcxg9CGxmICsmNG5QAi5Y/nllPwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFLWvzVQ3Gkc6KxH43mwirjOhwqEvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGFfTlZEY2FSem9yRWZqZWJDS3VNNkhDb1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBABN
XYkDBABNXZUDBANQ8FgDBABRqHoDBABSmIMDBAFSmK4DBAJSmdADBABSoxMDBANS
oxgDBABZ1ToDBAFZ1TwwDAMEAlnVbAMEAFnVbgMEAFnVegMEAFnVfgMEAFnVjwME
AFnVkwMEAFnVtQMEAVnVwjAMAwQBWdXGAwQBWdXMAwQAWdXkAwQBWdXwMAwDBABZ
1fkDBABZ1foDBABtsOYDBADV0hADBADV0hIDBADV0iEDBADV0jMDBADV2twDBADZ
kJcwDQYJKoZIhvcNAQELBQADggEBAGtfA4YnGKcaC7DmxNvujtH433HK2rejpnab
BsdXQSA1BfKAax9vLEq8Sy4Mow/I7ivgdMr4jWQMulxodnkZofQBkEz2n7k1SuYX
QwR4k/OPgZrUttZIY/DrvarNybyV29VMkT2x+GJ3iwEpdLyBGo9feVbgmMqyUhQx
kJtRJOz9yO1D1sEIluJNuX92MubYquk1Vi5bhB9lA8mMW86FxWhe/zG3Hutmkn0r
pUL61A3rkcpJ3rmAFdHaBDhraY7IVPfvBxKzp93uyoUGCt5tlJ/+KMqu5tVv8d2m
wvWM5RxlNk3L2BV3wlhX9SbY+P/q7an9TkRJwEJhSbD58YhVR2g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:51 2025 by rpki-client