Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/NcUlI9BT4Q5zzp7TjU3HKov5a30.roa
File: NcUlI9BT4Q5zzp7TjU3HKov5a30.roa (raw, json)
Hash identifier: IScD2DMWkUYv8GTSks1lqlkiIFx8iPyHbW0k2Igs1HQ=
Subject key identifier: 35:C5:25:23:D0:53:E1:0E:73:CE:9E:D3:8D:4D:C7:2A:8B:F9:6B:7D
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019388B1BE219C8423E3BD51490C92B67559
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/NcUlI9BT4Q5zzp7TjU3HKov5a30.roa
Signing time: Mon 02 Dec 2024 18:46:10 +0000
ROA not before: Mon 02 Dec 2024 18:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
2001:4c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Dec 2024 13:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:b1:be:21:9c:84:23:e3:bd:51:49:0c:92:b6:75:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 2 18:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35c52523d053e10e73ce9ed38d4dc72a8bf96b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:75:ca:b5:1a:c5:a0:b3:7a:a4:29:24:59:e1:
39:9e:b1:7a:db:7a:d2:8f:0a:41:36:59:cf:c5:16:
76:99:72:1f:dc:33:61:fa:17:84:6a:38:be:4a:b0:
3f:5b:aa:e4:d7:b8:7c:79:6a:3b:f7:2a:99:4b:0f:
4e:1c:68:89:23:2f:52:b6:b3:78:67:c0:af:15:16:
42:9e:77:62:d7:de:e7:19:8f:5b:dc:fd:d2:20:52:
52:8e:bc:21:db:af:3c:76:1f:d7:59:73:45:3a:c3:
29:83:8f:74:b1:73:e4:4e:82:78:f4:d6:be:c4:cc:
6a:c1:81:48:38:ec:40:e7:f8:af:ce:45:e6:7d:d7:
7e:66:62:c4:7b:98:26:6c:1f:e8:5e:52:83:33:11:
0d:d1:94:38:96:1c:3f:e0:74:14:d2:c4:ad:e4:8e:
ee:6c:38:5f:d6:43:93:80:d4:02:62:6b:c5:d9:c7:
1c:a5:cb:06:7f:91:47:80:79:57:32:85:a2:48:63:
17:6b:b2:62:9b:f2:93:e2:70:56:2a:13:a3:54:b0:
aa:bf:62:de:cc:75:34:59:35:e3:ac:80:0c:67:e3:
97:72:ca:f0:cb:7f:e0:59:48:dd:72:a1:1f:aa:21:
1b:67:9b:41:d7:69:69:cd:83:ca:c4:7f:db:cc:24:
2b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C5:25:23:D0:53:E1:0E:73:CE:9E:D3:8D:4D:C7:2A:8B:F9:6B:7D
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/NcUlI9BT4Q5zzp7TjU3HKov5a30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
94.140.160.0/19
94.158.248.0/24
178.132.8.0/21
185.47.0.0/22
185.78.180.0/22
188.64.72.0/21
188.118.0.0/18
IPv6:
2001:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
99:23:ea:33:0d:a0:e6:47:f8:87:e0:3b:b5:8e:73:22:b3:f1:
e3:6a:45:c3:53:94:d4:36:fe:d0:76:a1:56:33:41:72:4d:f9:
be:36:cd:47:6c:8f:37:57:8a:6c:1d:2e:3d:6c:de:09:ba:ab:
53:d7:9c:fa:b8:1c:7c:0a:7b:c1:9a:5d:7f:d0:6e:fc:7f:e4:
3b:ab:64:0d:a1:ad:0f:c9:63:87:e6:10:e6:17:a9:2d:4e:5b:
cf:68:7f:e0:b5:ae:ec:22:cb:01:3f:90:a6:e8:d9:96:7b:57:
23:41:fe:10:ec:82:e9:90:1a:d5:a9:ca:dc:e7:b6:f4:59:0e:
02:2f:7b:54:14:73:bc:be:3f:62:a3:7f:05:85:37:9c:60:dd:
11:1c:5f:2a:1f:83:fd:9a:fb:76:22:25:11:ad:25:72:7a:27:
c1:cc:22:f1:53:72:e0:14:3f:1b:28:d9:c1:4b:fd:aa:f3:0d:
d8:68:aa:0e:88:bb:af:e9:06:25:81:51:07:8e:e8:de:96:4a:
34:1f:16:b6:fc:08:b6:f3:36:57:89:e7:ab:f0:3b:5b:37:aa:
35:0e:fd:bc:55:fe:e3:54:d0:7f:da:db:6b:91:66:75:27:14:
8f:50:3e:8a:d2:56:77:35:0c:16:a0:82:e5:81:7c:8e:f6:e1:
ca:1b:47:63
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZOIsb4hnIQj471RSQyStnVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAyMTg0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM1MjUyM2QwNTNlMTBlNzNjZTllZDM4ZDRkYzcyYThiZjk2YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3XKtRrFoLN6pCkkWeE5nrF623rS
jwpBNlnPxRZ2mXIf3DNh+heEaji+SrA/W6rk17h8eWo79yqZSw9OHGiJIy9StrN4
Z8CvFRZCnndi197nGY9b3P3SIFJSjrwh2688dh/XWXNFOsMpg490sXPkToJ49Na+
xMxqwYFIOOxA5/ivzkXmfdd+ZmLEe5gmbB/oXlKDMxEN0ZQ4lhw/4HQU0sSt5I7u
bDhf1kOTgNQCYmvF2cccpcsGf5FHgHlXMoWiSGMXa7Jim/KT4nBWKhOjVLCqv2Le
zHU0WTXjrIAMZ+OXcsrwy3/gWUjdcqEfqiEbZ5tB12lpzYPKxH/bzCQrtwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDXFJSPQU+EOc86e041NxyqL+Wt9MB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvTmNVbEk5QlQ0UTV6enA3VGpVM0hLb3Y1YTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAy7zGAME
A04pQAMEBVKSYAMEA1We0AMEA1ftCAMEBVhSIAMEA1kjEAMEBFn6sAMEBV6MoAME
AF6e+AMEA7KECAMEArkvAAMEArlOtAMEA7xASAMEBrx2ADANBAIAAjAHAwUAIAFM
QDANBgkqhkiG9w0BAQsFAAOCAQEAmSPqMw2g5kf4h+A7tY5zIrPx42pFw1OU1Db+
0HahVjNBck35vjbNR2yPN1eKbB0uPWzeCbqrU9ec+rgcfAp7wZpdf9Bu/H/kO6tk
DaGtD8ljh+YQ5hepLU5bz2h/4LWu7CLLAT+QpujZlntXI0H+EOyC6ZAa1anK3Oe2
9FkOAi97VBRzvL4/YqN/BYU3nGDdERxfKh+D/Zr7diIlEa0lcnonwcwi8VNy4BQ/
GyjZwUv9qvMN2GiqDoi7r+kGJYFRB47o3pZKNB8WtvwItvM2V4nnq/A7WzeqNQ79
vFX+41TQf9rba5FmdScUj1A+itJWdzUMFqCC5YF8jvbhyhtHYw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:25:57 2025 by rpki-client