Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/NT95oTTIYbX6QsClh3Q-J56knJY.roa
File: NT95oTTIYbX6QsClh3Q-J56knJY.roa (raw, json)
Hash identifier: JEv2kjiyxslEk0+hhy5vkH2RQgFJLR6LBg+3VJk13XQ=
Subject key identifier: 35:3F:79:A1:34:C8:61:B5:FA:42:C0:A5:87:74:3E:27:9E:A4:9C:96
Certificate issuer: /CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Certificate serial: 01916ECEF5B0138A275C0FAA70BC4305AE8B
Authority key identifier: 3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/NT95oTTIYbX6QsClh3Q-J56knJY.roa
Signing time: Tue 20 Aug 2024 08:02:22 +0000
ROA not before: Tue 20 Aug 2024 08:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48503
IP address blocks: 31.10.3.0/24 maxlen: 24
62.122.0.0/22 maxlen: 22
62.122.4.0/22 maxlen: 22
62.122.104.0/23 maxlen: 23
62.122.106.0/23 maxlen: 23
62.122.108.0/24 maxlen: 24
62.122.109.0/24 maxlen: 24
79.133.184.0/22 maxlen: 22
79.133.188.0/22 maxlen: 22
79.137.170.0/24 maxlen: 24
79.137.171.0/24 maxlen: 24
79.137.176.0/23 maxlen: 23
79.137.178.0/23 maxlen: 23
81.91.180.0/22 maxlen: 22
81.91.184.0/22 maxlen: 22
81.211.130.0/24 maxlen: 24
81.211.133.0/24 maxlen: 24
81.211.150.0/24 maxlen: 24
81.211.172.0/24 maxlen: 24
81.211.193.0/24 maxlen: 24
81.211.194.0/24 maxlen: 24
81.211.195.0/24 maxlen: 24
81.211.196.0/24 maxlen: 24
81.211.197.0/24 maxlen: 24
81.211.198.0/24 maxlen: 24
81.211.199.0/24 maxlen: 24
81.211.201.0/24 maxlen: 24
81.211.202.0/24 maxlen: 24
81.211.203.0/24 maxlen: 24
81.211.204.0/24 maxlen: 24
81.211.206.0/24 maxlen: 24
81.211.207.0/24 maxlen: 24
81.211.208.0/24 maxlen: 24
81.211.211.0/24 maxlen: 24
81.211.250.0/24 maxlen: 24
81.211.251.0/24 maxlen: 24
81.211.253.0/24 maxlen: 24
85.193.96.0/21 maxlen: 21
85.193.104.0/21 maxlen: 21
85.193.112.0/21 maxlen: 21
85.193.120.0/21 maxlen: 21
89.208.123.0/24 maxlen: 24
89.223.112.0/22 maxlen: 22
89.223.116.0/22 maxlen: 22
91.103.104.0/24 maxlen: 24
91.103.105.0/24 maxlen: 24
91.234.208.0/24 maxlen: 24
91.234.209.0/24 maxlen: 24
93.157.176.0/23 maxlen: 23
93.157.178.0/23 maxlen: 23
93.157.180.0/24 maxlen: 24
93.157.181.0/24 maxlen: 24
93.157.182.0/24 maxlen: 24
93.157.183.0/24 maxlen: 24
95.163.145.0/24 maxlen: 24
176.64.0.0/21 maxlen: 21
176.64.8.0/21 maxlen: 21
176.64.16.0/21 maxlen: 21
176.64.24.0/21 maxlen: 21
176.64.32.0/24 maxlen: 24
176.64.33.0/24 maxlen: 24
176.64.34.0/24 maxlen: 24
176.64.35.0/24 maxlen: 24
185.44.84.0/23 maxlen: 23
185.44.86.0/23 maxlen: 23
185.212.244.0/24 maxlen: 24
185.212.245.0/24 maxlen: 24
185.212.246.0/24 maxlen: 24
185.212.247.0/24 maxlen: 24
185.223.188.0/22 maxlen: 22
185.229.84.0/22 maxlen: 22
185.229.120.0/24 maxlen: 24
185.229.121.0/24 maxlen: 24
185.234.24.0/22 maxlen: 22
185.234.24.0/23 maxlen: 23
185.234.26.0/23 maxlen: 23
185.234.60.0/22 maxlen: 22
185.234.60.0/23 maxlen: 23
185.234.62.0/23 maxlen: 23
185.250.28.0/23 maxlen: 23
185.250.30.0/23 maxlen: 23
188.124.232.0/22 maxlen: 22
188.124.236.0/22 maxlen: 22
188.124.244.0/23 maxlen: 23
188.124.246.0/23 maxlen: 23
193.41.130.0/24 maxlen: 24
193.41.131.0/24 maxlen: 24
194.0.188.0/24 maxlen: 24
194.0.189.0/24 maxlen: 24
194.0.244.0/24 maxlen: 24
194.0.245.0/24 maxlen: 24
195.189.48.0/23 maxlen: 23
195.189.48.0/24 maxlen: 24
195.189.49.0/24 maxlen: 24
195.189.50.0/24 maxlen: 24
195.189.51.0/24 maxlen: 24
212.96.64.0/24 maxlen: 24
212.96.65.0/24 maxlen: 24
212.96.66.0/24 maxlen: 24
212.96.67.0/24 maxlen: 24
212.96.68.0/24 maxlen: 24
212.96.69.0/24 maxlen: 24
212.96.70.0/23 maxlen: 23
212.96.72.0/23 maxlen: 23
212.96.74.0/23 maxlen: 23
212.96.76.0/24 maxlen: 24
212.96.77.0/24 maxlen: 24
212.96.78.0/24 maxlen: 24
212.96.79.0/24 maxlen: 24
212.96.80.0/23 maxlen: 23
212.96.82.0/24 maxlen: 24
212.96.83.0/24 maxlen: 24
212.96.84.0/24 maxlen: 24
212.96.85.0/24 maxlen: 24
212.96.86.0/23 maxlen: 23
212.96.88.0/24 maxlen: 24
212.96.90.0/24 maxlen: 24
212.96.91.0/24 maxlen: 24
212.96.92.0/24 maxlen: 24
212.96.93.0/24 maxlen: 24
212.96.94.0/24 maxlen: 24
212.96.95.0/24 maxlen: 24
217.171.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 10:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:ce:f5:b0:13:8a:27:5c:0f:aa:70:bc:43:05:ae:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Validity
Not Before: Aug 20 08:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=353f79a134c861b5fa42c0a587743e279ea49c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a7:40:14:c2:67:29:4e:fb:8a:6e:82:c9:56:
2d:4c:38:6e:94:90:f9:23:f1:4e:ad:9d:c7:d8:d6:
9e:55:d4:c5:4d:c1:78:bb:79:a0:52:eb:88:78:29:
11:87:81:4a:20:b7:d2:72:03:7b:1f:a8:44:d7:92:
15:09:dc:18:25:f8:dd:d1:59:9e:04:bb:2c:44:57:
23:5b:c2:bd:db:99:a0:d6:f1:b5:f5:34:25:fa:97:
dc:68:67:d5:75:dd:25:17:77:1f:67:86:5d:cc:fc:
b3:3f:6d:a7:60:28:f7:7c:64:0d:41:8c:2d:fb:31:
0b:e3:73:5a:24:35:29:7f:97:25:06:13:0e:b9:7c:
c7:3a:32:99:10:d8:45:a8:a5:f3:ea:e2:b6:b4:55:
4f:2e:34:e7:f5:60:6f:03:6b:01:23:57:ee:e4:ae:
5f:35:e8:34:38:70:2d:48:fa:f2:1b:a0:45:64:0c:
16:47:a9:30:76:1e:0a:dc:e4:7d:b0:a8:f4:50:88:
dc:2a:90:26:3d:49:ff:23:56:1a:f2:ba:9a:d3:34:
3b:ca:90:25:7a:2a:4c:a2:cf:5c:70:f8:e0:a2:52:
f5:63:15:66:b2:16:09:79:e3:46:2e:fc:15:d8:c2:
31:c0:ce:f0:96:6f:ce:b2:00:f1:55:0d:2a:48:61:
be:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3F:79:A1:34:C8:61:B5:FA:42:C0:A5:87:74:3E:27:9E:A4:9C:96
X509v3 Authority Key Identifier:
keyid:3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/NT95oTTIYbX6QsClh3Q-J56knJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.3.0/24
62.122.0.0/21
62.122.104.0-62.122.109.255
79.133.184.0/21
79.137.170.0/23
79.137.176.0/22
81.91.180.0-81.91.187.255
81.211.130.0/24
81.211.133.0/24
81.211.150.0/24
81.211.172.0/24
81.211.193.0-81.211.199.255
81.211.201.0-81.211.204.255
81.211.206.0-81.211.208.255
81.211.211.0/24
81.211.250.0/23
81.211.253.0/24
85.193.96.0/19
89.208.123.0/24
89.223.112.0/21
91.103.104.0/23
91.234.208.0/23
93.157.176.0/21
95.163.145.0/24
176.64.0.0-176.64.35.255
185.44.84.0/22
185.212.244.0/22
185.223.188.0/22
185.229.84.0/22
185.229.120.0/23
185.234.24.0/22
185.234.60.0/22
185.250.28.0/22
188.124.232.0/21
188.124.244.0/22
193.41.130.0/23
194.0.188.0/23
194.0.244.0/23
195.189.48.0/22
212.96.64.0-212.96.88.255
212.96.90.0-212.96.95.255
217.171.144.0/24
Signature Algorithm: sha256WithRSAEncryption
13:79:50:a1:6c:9d:cd:0a:a0:d8:cd:68:fc:1b:df:39:fb:c3:
5c:f8:1e:54:1a:44:3a:98:ff:d0:48:b6:7e:fd:1a:2f:b7:b7:
41:78:04:11:d1:b2:d7:a7:52:16:2b:b7:a4:39:f1:c0:6c:83:
f6:1a:d7:cc:70:8a:b3:4e:a5:91:5e:4c:a6:68:a9:5d:60:dd:
5f:67:fb:66:ba:2c:1f:bf:fd:ae:3a:02:f1:81:1a:6d:d8:6a:
48:b6:e6:25:7d:1c:04:62:f3:d3:d0:55:69:5b:89:88:49:bd:
97:a8:c8:64:6b:aa:6a:f3:d4:49:b8:5c:35:36:fc:c3:44:f0:
c5:11:9c:98:24:e4:9e:4e:c4:47:76:fa:52:56:fd:50:52:00:
9b:1d:0f:52:73:f1:b4:4a:55:3a:5d:df:e5:fe:05:ae:bf:e3:
e1:03:44:f7:ca:d5:8b:f0:91:1c:e3:5e:9a:2f:63:72:d4:31:
ee:c9:aa:9d:80:41:90:e0:88:54:88:6e:4d:9a:52:27:14:6a:
1a:2e:ae:27:12:6a:32:21:55:5a:06:63:41:d5:11:9f:56:7a:
f7:28:a8:b2:f0:2d:79:09:3c:41:64:73:66:57:85:9a:ee:5d:
41:28:4a:87:46:07:35:f8:73:64:5c:0e:75:d5:83:74:53:1d:
30:16:d3:00
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgISAZFuzvWwE4onXA+qcLxDBa6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWRjMmJhNTk0MmUwNGZkZDhiYTk5NTE2YTFiOTNiMWU0
Zjk2MjQwHhcNMjQwODIwMDgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNmNzlhMTM0Yzg2MWI1ZmE0MmMwYTU4Nzc0M2UyNzllYTQ5Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6dAFMJnKU77im6CyVYtTDhulJD5
I/FOrZ3H2NaeVdTFTcF4u3mgUuuIeCkRh4FKILfScgN7H6hE15IVCdwYJfjd0Vme
BLssRFcjW8K925mg1vG19TQl+pfcaGfVdd0lF3cfZ4ZdzPyzP22nYCj3fGQNQYwt
+zEL43NaJDUpf5clBhMOuXzHOjKZENhFqKXz6uK2tFVPLjTn9WBvA2sBI1fu5K5f
Neg0OHAtSPryG6BFZAwWR6kwdh4K3OR9sKj0UIjcKpAmPUn/I1Ya8rqa0zQ7ypAl
eipMos9ccPjgolL1YxVmshYJeeNGLvwV2MIxwM7wlm/OsgDxVQ0qSGG+TwIDAQAB
o4IDSDCCA0QwHQYDVR0OBBYEFDU/eaE0yGG1+kLApYd0PieepJyWMB8GA1UdIwQY
MBaAFDpdwrpZQuBP3YuplRahuTseT5YkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGIt
OWMxNWZiZDVlZTVlLzEvTlQ5NW9UVElZYlg2UXNDbGgzUS1KNTZrbkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGItOWMxNWZiZDVlZTVl
LzEvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCAUMEAgABMIIB
OwMEAB8KAwMEAz56ADAMAwQDPnpoAwQBPnpsAwQDT4W4AwQBT4mqAwQCT4mwMAwD
BAJRW7QDBAJRW7gDBABR04IDBABR04UDBABR05YDBABR06wwDAMEAFHTwQMEA1HT
wDAMAwQAUdPJAwQAUdPMMAwDBAFR084DBABR09ADBABR09MDBAFR0/oDBABR0/0D
BAVVwWADBABZ0HsDBANZ33ADBAFbZ2gDBAFb6tADBANdnbADBABfo5EwCwMDBrBA
AwQCsEAgAwQCuSxUAwQCudT0AwQCud+8AwQCueVUAwQBueV4AwQCueoYAwQCueo8
AwQCufocAwQDvHzoAwQCvHz0AwQBwSmCAwQBwgC8AwQBwgD0AwQCw70wMAwDBAbU
YEADBADUYFgwDAMEAdRgWgMEBdRgQAMEANmrkDANBgkqhkiG9w0BAQsFAAOCAQEA
E3lQoWydzQqg2M1o/BvfOfvDXPgeVBpEOpj/0Ei2fv0aL7e3QXgEEdGy16dSFiu3
pDnxwGyD9hrXzHCKs06lkV5MpmipXWDdX2f7ZrosH7/9rjoC8YEabdhqSLbmJX0c
BGLz09BVaVuJiEm9l6jIZGuqavPUSbhcNTb8w0TwxRGcmCTknk7ER3b6Ulb9UFIA
mx0PUnPxtEpVOl3f5f4Frr/j4QNE98rVi/CRHONemi9jctQx7smqnYBBkOCIVIhu
TZpSJxRqGi6uJxJqMiFVWgZjQdURn1Z69yiosvAteQk8QWRzZleFmu5dQShKh0YH
NfhzZFwOddWDdFMdMBbTAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:36 2025 by rpki-client