Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/mT_NWYN_KRaaOAxPTlfMtMcZEzM.roa
File: mT_NWYN_KRaaOAxPTlfMtMcZEzM.roa (raw, json)
Hash identifier: HfXXiKRCSio6eF+seTCHaVJrrKvOrrp5OoK4f642Df8=
Subject key identifier: 99:3F:CD:59:83:7F:29:16:9A:38:0C:4F:4E:57:CC:B4:C7:19:13:33
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 0191B2F7FF8085AAB2A9DB1E29AAB5CDB657
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/mT_NWYN_KRaaOAxPTlfMtMcZEzM.roa
Signing time: Mon 02 Sep 2024 13:41:22 +0000
ROA not before: Mon 02 Sep 2024 13:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 45.83.220.0/24 maxlen: 24
45.83.221.0/24 maxlen: 24
45.83.222.0/23 maxlen: 24
45.129.56.0/24 maxlen: 24
45.129.59.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
185.209.198.0/24 maxlen: 24
185.209.199.0/24 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
193.32.127.0/24 maxlen: 24
193.32.248.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:b::/48 maxlen: 48
2a03:1b20:901::/48 maxlen: 48
2a03:1b20:bef1::/48 maxlen: 48
2a03:1b20:bef2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:f7:ff:80:85:aa:b2:a9:db:1e:29:aa:b5:cd:b6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Sep 2 13:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=993fcd59837f29169a380c4f4e57ccb4c7191333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:1e:40:6e:43:53:52:f7:87:3a:2a:5b:f7:
8a:b8:79:63:0c:84:ea:b4:95:27:4d:84:9a:64:22:
cc:01:9e:34:98:35:8e:fa:18:fb:18:e9:f8:fb:65:
e0:f8:ee:d7:08:53:0b:76:07:00:72:d0:60:d8:59:
c3:6f:c4:fe:cf:51:d8:70:c9:cf:95:0b:7d:d1:6c:
e1:7f:92:0b:f7:b5:6a:50:d6:6f:b6:ae:7f:db:03:
bc:ba:a4:ae:2c:29:d2:f2:0e:d0:ff:28:bb:4f:cf:
93:cd:6a:1e:eb:2a:30:d5:3a:fe:3e:73:ce:0e:bd:
79:68:20:c6:27:7e:12:b5:d4:70:72:9c:7f:4b:b6:
fa:ad:df:37:17:e7:b0:5d:19:58:e1:e9:84:a7:2f:
32:76:b6:7d:68:4c:6a:fc:c1:38:ca:4e:23:56:52:
72:f1:df:2a:24:8e:6e:f0:62:2f:cd:5c:0d:e2:6f:
7c:af:ee:6f:9e:b8:ed:fa:a8:3a:19:c3:f5:6e:22:
70:45:28:5b:45:b0:f6:8a:40:e0:8f:d0:d9:79:a6:
19:24:f0:e5:3c:ac:73:a6:b6:df:ba:f9:60:bc:6a:
6c:b3:28:09:09:7d:db:c2:3c:50:83:02:f0:0c:33:
04:e9:5b:38:19:83:f7:2c:bc:63:08:90:97:39:8b:
05:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3F:CD:59:83:7F:29:16:9A:38:0C:4F:4E:57:CC:B4:C7:19:13:33
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/mT_NWYN_KRaaOAxPTlfMtMcZEzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/22
45.129.56.0/24
45.129.59.0/24
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/22
185.213.152.0/22
193.32.126.0/23
193.32.248.0/23
193.138.216.0/22
IPv6:
2a03:1b20:1::-2a03:1b20:b:ffff:ffff:ffff:ffff:ffff
2a03:1b20:901::/48
2a03:1b20:bef1::-2a03:1b20:bef2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:f1:e2:92:c7:1e:f9:25:01:ea:8f:95:00:90:15:e6:c8:94:
98:c2:cd:8d:b4:eb:16:5a:29:6e:d9:da:d8:d6:54:5c:b0:d0:
46:01:ce:fc:a3:5b:bf:02:75:8d:dd:85:80:46:e8:ef:51:82:
04:ae:b0:0a:0e:77:f1:a0:d2:3e:e2:f7:2d:c5:6e:a4:9f:2b:
25:a7:82:34:99:f1:15:9b:8a:52:15:9d:32:10:3b:e2:3f:46:
c1:3c:0c:93:14:16:38:6d:72:5b:0c:d4:c6:6f:cd:69:55:7b:
3f:64:91:51:9d:47:24:2a:db:07:f9:e0:b0:ba:48:a2:f3:f9:
c6:28:83:75:6e:a7:5c:90:04:5f:05:57:67:14:08:ca:fe:3a:
4f:2e:61:6e:1c:0a:ae:f8:5f:87:6e:5d:17:6a:c8:6b:ce:0c:
f8:a0:b9:0f:c9:3c:01:5a:6f:14:6e:b6:c8:be:42:f2:cc:58:
cf:50:6f:55:78:fa:58:18:f7:d9:53:eb:70:16:7c:93:28:f4:
47:ad:70:0c:67:a6:a1:21:eb:67:da:ef:84:3f:b5:39:ea:b1:
fa:2b:cf:83:c0:a3:88:67:41:6c:44:3f:15:a9:28:21:c5:a6:
6f:ff:68:fe:de:09:6c:fa:18:96:cb:5c:7b:be:29:b5:70:22:
ed:1d:85:d7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZGy9/+AhaqyqdseKaq1zbZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjQwOTAyMTM0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNmY2Q1OTgzN2YyOTE2OWEzODBjNGY0ZTU3Y2NiNGM3MTkxMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNMeQG5DU1L3hzoqW/eKuHljDITq
tJUnTYSaZCLMAZ40mDWO+hj7GOn4+2Xg+O7XCFMLdgcActBg2FnDb8T+z1HYcMnP
lQt90Wzhf5IL97VqUNZvtq5/2wO8uqSuLCnS8g7Q/yi7T8+TzWoe6yow1Tr+PnPO
Dr15aCDGJ34StdRwcpx/S7b6rd83F+ewXRlY4emEpy8ydrZ9aExq/ME4yk4jVlJy
8d8qJI5u8GIvzVwN4m98r+5vnrjt+qg6GcP1biJwRShbRbD2ikDgj9DZeaYZJPDl
PKxzprbfuvlgvGpssygJCX3bwjxQgwLwDDME6Vs4GYP3LLxjCJCXOYsFawIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJk/zVmDfykWmjgMT05XzLTHGRMzMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvbVRfTldZTl9LUmFhT0F4UFRsZk10TWNaRXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBOBAIAATBIAwQCLVPc
AwQALYE4AwQALYE7AwQAjWL8AwQBjWL+AwQCuUGEAwQBucPoAwQCudHEAwQCudWY
AwQBwSB+AwQBwSD4AwQCwYrYMDcEAgACMDEwEgMHACoDGyAAAQMHAioDGyAACAMH
ACoDGyAJATASAwcAKgMbIL7xAwcAKgMbIL7yMA0GCSqGSIb3DQEBCwUAA4IBAQAf
8eKSxx75JQHqj5UAkBXmyJSYws2NtOsWWilu2drY1lRcsNBGAc78o1u/AnWN3YWA
RujvUYIErrAKDnfxoNI+4vctxW6knyslp4I0mfEVm4pSFZ0yEDviP0bBPAyTFBY4
bXJbDNTGb81pVXs/ZJFRnUckKtsH+eCwukii8/nGKIN1bqdckARfBVdnFAjK/jpP
LmFuHAqu+F+Hbl0Xashrzgz4oLkPyTwBWm8UbrbIvkLyzFjPUG9VePpYGPfZU+tw
FnyTKPRHrXAMZ6ahIetn2u+EP7U56rH6K8+DwKOIZ0FsRD8VqSghxaZv/2j+3gls
+hiWy1x7vim1cCLtHYXX
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:20 2025 by rpki-client