Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/NiQCaeG4TWamuz2Vd0vdAmedNOc.roa
File: NiQCaeG4TWamuz2Vd0vdAmedNOc.roa (raw, json)
Hash identifier: 8fRF7dp+C0W4UNtRz/obI4HQUBfedsZujx+12wtPeD0=
Subject key identifier: 36:24:02:69:E1:B8:4D:66:A6:BB:3D:95:77:4B:DD:02:67:9D:34:E7
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0192807F3089D0887A691F3EB50E0A8A4924
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/NiQCaeG4TWamuz2Vd0vdAmedNOc.roa
Signing time: Sat 12 Oct 2024 11:31:11 +0000
ROA not before: Sat 12 Oct 2024 11:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 5.202.0.0/16 maxlen: 24
5.202.16.0/23 maxlen: 23
5.202.22.0/23 maxlen: 23
5.202.76.0/24 maxlen: 24
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
5.202.240.0/21 maxlen: 21
77.237.160.0/19 maxlen: 19
85.9.64.0/18 maxlen: 18
85.9.68.0/24 maxlen: 24
85.9.76.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
109.125.160.0/19 maxlen: 19
109.125.160.0/23 maxlen: 23
109.125.162.0/23 maxlen: 23
109.125.164.0/23 maxlen: 23
109.125.168.0/21 maxlen: 21
109.125.176.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.184.0/22 maxlen: 22
109.125.187.0/24 maxlen: 24
109.125.188.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
109.125.191.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
109.232.7.0/24 maxlen: 24
185.72.24.0/22 maxlen: 22
185.72.27.0/24 maxlen: 24
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
185.103.128.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
185.131.28.0/22 maxlen: 22
185.131.30.0/23 maxlen: 23
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.177.232.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
188.253.32.0/19 maxlen: 24
188.253.64.0/19 maxlen: 24
193.32.80.0/23 maxlen: 23
194.33.122.0/23 maxlen: 23
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 12 Oct 2024 12:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:80:7f:30:89:d0:88:7a:69:1f:3e:b5:0e:0a:8a:49:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 12 11:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36240269e1b84d66a6bb3d95774bdd02679d34e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b9:26:ad:4c:40:3c:9f:2c:b6:19:85:4e:9b:
af:e0:eb:6c:56:10:31:3b:98:d9:58:cd:91:e0:1f:
89:87:c0:a3:9e:c9:0d:fb:7d:05:2a:98:79:6f:10:
95:09:d3:71:ea:aa:0b:b2:2e:ae:9f:42:06:22:6b:
7c:51:a0:57:62:1c:09:94:aa:a4:a0:3e:9a:62:ac:
d0:44:b6:93:e9:60:19:70:fb:16:f3:a7:6a:00:04:
04:c6:29:8d:52:93:42:df:fa:61:79:ee:9d:8c:6c:
75:cb:40:65:65:e6:8f:5a:a7:19:5b:a5:50:9f:d9:
9f:d6:0f:7c:c9:ea:b3:bf:6d:13:e2:91:4e:8b:a3:
11:4e:b9:9a:43:e9:6c:fa:3b:d7:4a:98:d9:32:18:
e5:68:a8:3b:0f:c4:fe:ff:0b:d2:14:af:07:5c:38:
e6:5e:2f:c4:fc:96:87:fb:2c:6c:c3:24:6a:28:14:
7a:ef:59:7c:b0:01:f1:89:d4:a4:9f:c0:42:14:b1:
bc:4c:c9:5b:a0:e5:90:a2:21:46:3a:53:a9:c5:7d:
8c:35:bc:dd:03:be:91:44:40:ef:e1:3c:45:cc:9c:
57:83:45:21:45:23:1d:68:7b:33:60:74:19:b7:aa:
2f:40:5e:a0:39:1e:43:92:72:bb:d0:4a:5c:f4:91:
fd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:24:02:69:E1:B8:4D:66:A6:BB:3D:95:77:4B:DD:02:67:9D:34:E7
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/NiQCaeG4TWamuz2Vd0vdAmedNOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:75:e0:6b:08:8b:26:f1:51:72:70:90:08:f5:46:b3:57:90:
60:24:64:1b:5b:51:94:f2:a6:d1:cf:6e:f7:b5:bd:a4:7e:4a:
ab:f1:ec:7b:d4:6d:33:82:8f:d5:29:e0:22:21:39:91:ac:b7:
d6:ce:fc:73:ad:a5:09:d2:25:67:84:60:d4:4f:d9:80:1e:2c:
90:4d:17:7c:81:5a:d2:ee:f3:b3:11:c6:c8:03:a6:70:50:f6:
e4:51:37:81:32:6b:4d:26:d2:c3:7a:17:cd:d5:fa:d4:9a:68:
3b:98:a6:0b:a7:5d:03:22:66:d8:fc:0c:2b:ca:d0:85:21:fb:
3a:dd:e5:96:27:51:ed:4b:4d:8e:68:a4:11:48:04:59:f5:50:
65:c5:4b:1c:95:ab:fa:df:e6:8d:ac:dd:89:74:b1:38:af:35:
93:d3:2e:16:9e:94:6d:ab:5b:d4:6b:28:a6:42:d8:6a:03:82:
88:fe:0d:e6:df:98:8f:5e:2b:74:e0:28:e3:7d:f1:43:10:bd:
4d:99:0f:53:c1:91:a2:d4:d0:53:2c:3e:0a:a0:8a:4e:2c:4b:
f8:0e:35:47:be:2f:ec:6b:ce:98:7f:88:1c:df:e3:4b:71:3d:
41:5e:26:16:89:da:3c:06:69:01:30:4a:70:82:80:a0:69:3b:
c4:ac:a0:55
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZKAfzCJ0Ih6aR8+tQ4KikkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQxMDEyMTEzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjI0MDI2OWUxYjg0ZDY2YTZiYjNkOTU3NzRiZGQwMjY3OWQzNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67kmrUxAPJ8sthmFTpuv4OtsVhAx
O5jZWM2R4B+Jh8CjnskN+30FKph5bxCVCdNx6qoLsi6un0IGImt8UaBXYhwJlKqk
oD6aYqzQRLaT6WAZcPsW86dqAAQEximNUpNC3/phee6djGx1y0BlZeaPWqcZW6VQ
n9mf1g98yeqzv20T4pFOi6MRTrmaQ+ls+jvXSpjZMhjlaKg7D8T+/wvSFK8HXDjm
Xi/E/JaH+yxswyRqKBR671l8sAHxidSkn8BCFLG8TMlboOWQoiFGOlOpxX2MNbzd
A76RREDv4TxFzJxXg0UhRSMdaHszYHQZt6ovQF6gOR5DknK70Epc9JH97QIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFDYkAmnhuE1mprs9lXdL3QJnnTTnMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTmlRQ2FlRzRUV2FtdXoyVmQwdmRBbWVkTk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBAAp14GsIiybxUXJwkAj1RrNXkGAkZBtbUZTyptHPbve1
vaR+Sqvx7HvUbTOCj9Up4CIhOZGst9bO/HOtpQnSJWeEYNRP2YAeLJBNF3yBWtLu
87MRxsgDpnBQ9uRRN4Eya00m0sN6F83V+tSaaDuYpgunXQMiZtj8DCvK0IUh+zrd
5ZYnUe1LTY5opBFIBFn1UGXFSxyVq/rf5o2s3Yl0sTivNZPTLhaelG2rW9RrKKZC
2GoDgoj+DebfmI9eK3TgKON98UMQvU2ZD1PBkaLU0FMsPgqgik4sS/gONUe+L+xr
zph/iBzf40txPUFeJhaJ2jwGaQEwSnCCgKBpO8SsoFU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:28:34 2025 by rpki-client