Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nVUJz-Gl4qJRAdPFHKezqyIPEx4.roa
File: nVUJz-Gl4qJRAdPFHKezqyIPEx4.roa (raw, json)
Hash identifier: DvE8ofQ5//H94JgxvEgJD6RlT0f6fB2UzNWGcNePtGU=
Subject key identifier: 9D:55:09:CF:E1:A5:E2:A2:51:01:D3:C5:1C:A7:B3:AB:22:0F:13:1E
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018CC9BB2C20D06B3A8B87B7FEDA0A45C06D
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nVUJz-Gl4qJRAdPFHKezqyIPEx4.roa
Signing time: Tue 02 Jan 2024 10:32:16 +0000
ROA not before: Tue 02 Jan 2024 10:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49685
IP address blocks: 185.110.172.0/22 maxlen: 24
93.191.128.0/21 maxlen: 24
185.110.173.0/24 maxlen: 24
83.96.216.0/22 maxlen: 24
83.96.224.0/19 maxlen: 24
83.96.236.0/22 maxlen: 24
83.96.240.0/22 maxlen: 24
83.96.244.0/22 maxlen: 24
83.96.252.0/22 maxlen: 24
213.187.240.0/21 maxlen: 24
193.93.172.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
171.33.128.0/24 maxlen: 24
193.242.119.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
185.110.200.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
141.255.176.0/22 maxlen: 24
79.170.88.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
83.96.204.0/22 maxlen: 24
83.96.200.0/22 maxlen: 24
83.96.212.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
83.96.128.0/17 maxlen: 24
83.96.157.0/24 maxlen: 24
89.31.96.0/21 maxlen: 24
81.4.112.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
81.4.112.0/21 maxlen: 24
80.246.192.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
80.246.207.0/24 maxlen: 24
185.95.68.0/22 maxlen: 24
81.4.84.0/22 maxlen: 24
37.17.208.0/20 maxlen: 24
81.4.96.0/22 maxlen: 24
178.18.80.0/20 maxlen: 24
91.142.240.0/20 maxlen: 24
185.21.188.0/22 maxlen: 24
217.149.128.0/20 maxlen: 24
31.223.160.0/20 maxlen: 24
81.21.136.0/21 maxlen: 24
37.230.96.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
194.60.207.0/24 maxlen: 24
141.138.192.0/20 maxlen: 24
80.84.224.0/20 maxlen: 24
80.84.224.0/19 maxlen: 24
85.158.248.0/21 maxlen: 24
193.138.204.0/22 maxlen: 24
78.108.128.0/20 maxlen: 24
80.84.240.0/20 maxlen: 24
176.74.224.0/19 maxlen: 24
185.3.208.0/22 maxlen: 24
37.34.48.0/21 maxlen: 24
85.10.160.0/19 maxlen: 24
85.222.224.0/21 maxlen: 24
85.10.176.0/22 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2a02:348::/32 maxlen: 48
2a02:348:28::/48 maxlen: 48
2a02:348:29::/48 maxlen: 48
2001:828::/32 maxlen: 48
2a02:348:7d::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:35:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:2c:20:d0:6b:3a:8b:87:b7:fe:da:0a:45:c0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 10:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d5509cfe1a5e2a25101d3c51ca7b3ab220f131e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a4:33:ec:c5:21:7a:08:eb:e6:b7:71:fd:47:
a9:a9:1d:bd:1a:83:a4:79:bf:66:8a:74:cc:9f:d4:
1f:c2:64:32:93:7f:df:5f:0f:08:9a:c0:32:eb:19:
13:26:59:dc:cd:8c:25:85:bc:00:4b:f3:40:9b:3f:
b2:15:23:cb:ec:aa:7f:90:c1:c2:1e:a9:48:f7:47:
ba:5b:98:fd:aa:3f:e6:15:82:92:d7:6c:f6:c5:6e:
1e:ef:14:0e:34:67:94:8f:42:72:05:c3:00:41:96:
30:98:db:4a:7e:67:27:e0:eb:30:5d:d0:65:8d:9e:
11:db:ef:de:e0:30:67:21:05:8c:1d:fa:23:eb:bc:
e6:26:56:dd:bf:e2:5a:1a:4d:a2:a0:54:16:47:80:
c8:59:52:0d:f5:c1:bd:1b:8e:d9:c7:f8:fa:2a:d5:
40:27:16:05:18:6b:6f:cf:51:c1:14:6c:55:ad:19:
48:d1:0b:79:c4:a5:b1:e9:42:31:0d:36:7e:9d:9b:
eb:e0:de:3c:2f:e0:8a:16:fc:88:c1:5f:d7:13:3c:
99:e8:f1:96:4c:83:ea:d9:db:89:db:72:8d:61:34:
a4:9e:8b:f4:e8:a9:52:1f:e7:73:61:87:23:3a:8d:
d2:b3:2a:f2:24:8b:6d:6b:89:f8:34:23:a2:ae:f8:
9a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:55:09:CF:E1:A5:E2:A2:51:01:D3:C5:1C:A7:B3:AB:22:0F:13:1E
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nVUJz-Gl4qJRAdPFHKezqyIPEx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
37.34.48.0/21
37.230.96.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.158.248.0/21
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
141.138.192.0/20
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
178.18.80.0/20
185.3.208.0/22
185.15.248.0/22
185.21.188.0/22
185.95.68.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.138.204.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a02:348::/32
Signature Algorithm: sha256WithRSAEncryption
4c:81:66:60:2c:9c:72:dd:f4:26:20:77:a9:eb:ea:ce:15:c9:
b3:67:05:47:60:ba:12:91:fd:e2:7a:b0:82:d9:78:e6:ba:72:
5e:5a:50:ee:2a:e9:49:4a:ed:f2:b8:a7:d8:6d:c2:af:13:6f:
3c:85:96:8d:b9:43:fe:fb:2a:14:b4:2b:93:49:29:2b:ef:e1:
c6:5c:96:87:78:66:6e:34:5d:01:09:76:06:df:6a:b4:64:3c:
bf:74:f0:f8:cf:30:07:fd:e4:fc:fd:f9:2f:b8:97:a0:f4:e3:
35:a2:d5:3a:c5:f8:50:a1:6f:a1:06:30:39:4c:22:9e:92:b2:
05:ee:d7:0c:fb:89:ae:a8:9a:6c:62:af:f6:8b:99:14:f8:3b:
41:6d:57:50:f6:2e:04:a6:08:57:15:f8:d6:65:bb:73:c3:16:
07:6f:a6:96:47:51:10:30:9d:f6:50:23:52:52:76:2d:da:52:
b5:06:1e:0c:e9:41:76:a5:fc:d5:f9:d6:84:67:4c:33:69:eb:
34:1a:6a:df:57:e5:3c:e9:50:22:59:48:17:23:56:f8:7a:7c:
a4:c9:a8:76:de:88:17:a1:62:80:d4:09:d2:77:cf:7f:37:34:
fb:f1:cd:b7:cc:f2:01:60:f3:cd:8a:64:a5:b2:a8:db:78:91:
20:40:32:c8
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAYzJuywg0Gs6i4e3/toKRcBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTAyMTAzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU1MDljZmUxYTVlMmEyNTEwMWQzYzUxY2E3YjNhYjIyMGYxMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKQz7MUhegjr5rdx/UepqR29GoOk
eb9minTMn9QfwmQyk3/fXw8ImsAy6xkTJlnczYwlhbwAS/NAmz+yFSPL7Kp/kMHC
HqlI90e6W5j9qj/mFYKS12z2xW4e7xQONGeUj0JyBcMAQZYwmNtKfmcn4OswXdBl
jZ4R2+/e4DBnIQWMHfoj67zmJlbdv+JaGk2ioFQWR4DIWVIN9cG9G47Zx/j6KtVA
JxYFGGtvz1HBFGxVrRlI0Qt5xKWx6UIxDTZ+nZvr4N48L+CKFvyIwV/XEzyZ6PGW
TIPq2duJ23KNYTSknov06KlSH+dzYYcjOo3SsyryJItta4n4NCOirviakwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFJ1VCc/hpeKiUQHTxRyns6siDxMeMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvblZVSnotR2w0cUpSQWRQRkhLZXpxeUlQRXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCAQUEAgABMIH+
AwQDHwNgAwQEH9+gAwQEJRHQAwQDJSIwAwQDJeZgAwQETmyAAwQDT6pYAwQFUFTg
AwQEUPbAAwQEUP/wMAwDBAZRBEADBAJRBGADBANRBHADBANRFYgDBARRHiADBAdT
YIADBAVVCqADBANVnvgDBANV3uADBANZH2ADBARbjvADBAJbzSADBABb2KIDBANd
v4ADBASNisADBAKN/7ADBAOrIYADBAWwSuADBASyElADBAK5A9ADBAK5D/gDBAK5
FbwDBAK5X0QDBAK5bqwDBAK5bsgDBALBXawDBALBiswDBADB8ncDBADCPM8DBAPV
u/ADBATZFfADBATZlYAwGwQCAAIwFQMFACABCCgDBQMgAUy4AwUAKgIDSDANBgkq
hkiG9w0BAQsFAAOCAQEATIFmYCycct30JiB3qevqzhXJs2cFR2C6EpH94nqwgtl4
5rpyXlpQ7irpSUrt8rin2G3CrxNvPIWWjblD/vsqFLQrk0kpK+/hxlyWh3hmbjRd
AQl2Bt9qtGQ8v3Tw+M8wB/3k/P35L7iXoPTjNaLVOsX4UKFvoQYwOUwinpKyBe7X
DPuJrqiabGKv9ouZFPg7QW1XUPYuBKYIVxX41mW7c8MWB2+mlkdREDCd9lAjUlJ2
LdpStQYeDOlBdqX81fnWhGdMM2nrNBpq31flPOlQIllIFyNW+Hp8pMmodt6IF6Fi
gNQJ0nfPfzc0+/HNt8zyAWDzzYpkpbKo23iRIEAyyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org