Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/nwLlIZBGiq6Vd93oEDzjUbHPwzE.roa
File: nwLlIZBGiq6Vd93oEDzjUbHPwzE.roa (raw, json)
Hash identifier: LezFATPYuDs+Ia0AGS3YQ4NzY16CoEWwnB55Jyn96xM=
Subject key identifier: 9F:02:E5:21:90:46:8A:AE:95:77:DD:E8:10:3C:E3:51:B1:CF:C3:31
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 019420685C683541CF5A3191F18D25C4394B
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/nwLlIZBGiq6Vd93oEDzjUbHPwzE.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
31.172.142.0/24 maxlen: 32
31.223.224.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.16.228.0/22 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.132.0/23 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.142.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
212.110.154.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
217.20.164.0/22 maxlen: 32
217.20.176.0/20 maxlen: 32
217.20.184.0/22 maxlen: 32
2a01:6b0::/32 maxlen: 128
2a13:8800::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5c:68:35:41:cf:5a:31:91:f1:8d:25:c4:39:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f02e52190468aae9577dde8103ce351b1cfc331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:a7:81:ef:5a:e3:32:48:c6:a0:c9:42:54:
b9:1b:4c:59:1b:19:2e:c3:20:a6:f2:49:1b:7e:4d:
7e:36:17:a8:1d:0e:91:40:10:19:29:bd:5b:ee:40:
f7:c9:82:4c:85:05:2f:75:54:d0:b8:59:0e:d3:ad:
8f:f3:80:65:23:3f:05:1e:e2:9a:c9:fe:af:59:8d:
65:5f:00:5b:d1:7c:b8:a7:00:7a:ee:dd:7a:0f:c7:
21:ac:a2:69:4a:60:58:b6:da:62:c0:08:6b:76:54:
8e:39:43:c1:d6:73:55:11:11:15:20:e5:5a:74:5d:
27:e8:8e:7d:7f:4f:97:3b:55:bf:2f:69:19:e9:f7:
55:48:cc:3b:6b:27:49:48:77:fe:af:2e:29:5e:fb:
8f:f4:d3:2b:d1:45:1f:b9:d2:ec:94:3c:1d:8d:2c:
1a:cb:f5:41:e0:08:8b:39:78:1f:8d:96:52:14:7b:
03:c7:ce:0b:b2:b0:78:11:4c:88:e6:1c:3e:1b:a4:
7b:f8:99:4c:20:dd:bf:a5:cd:4c:1f:3b:71:89:c7:
03:56:2b:89:f7:82:a6:80:32:d8:de:bf:6d:84:15:
51:4a:85:c5:18:27:66:82:7a:9d:7d:4f:2e:34:88:
55:99:8b:ae:63:ca:80:2c:4d:f9:9e:f9:42:e5:65:
b3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:02:E5:21:90:46:8A:AE:95:77:DD:E8:10:3C:E3:51:B1:CF:C3:31
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/nwLlIZBGiq6Vd93oEDzjUbHPwzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
31.223.224.0/21
80.92.224.0/20
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
91.226.1.0/24
91.231.127.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.16.228.0/22
185.38.208.0/23
185.39.196.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
193.111.0.0/23
193.111.48.0/22
195.66.93.0/24
195.177.72.0/22
212.110.129.0-212.110.143.255
212.110.152.0/22
217.20.160.0/19
IPv6:
2a01:6b0::/32
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
b3:89:a3:4c:d8:42:be:bc:87:9e:6b:e9:85:eb:57:b0:ba:79:
33:e9:39:b0:c8:87:e0:74:6d:8c:3b:06:1e:44:2e:a1:b3:cc:
d5:53:72:d7:86:82:7d:34:c1:a4:26:3b:28:90:ae:76:46:7f:
cd:25:9c:d9:96:0b:18:0f:56:2d:7c:6f:fa:66:9a:bc:e7:78:
29:e4:ac:a9:8c:31:f8:4f:7e:32:f6:95:99:69:b1:32:6c:82:
9c:33:d5:09:94:b6:92:db:9c:ae:df:39:73:e8:d8:3b:1c:c3:
97:b4:9c:21:ef:42:b1:83:2d:f0:ba:25:ba:de:42:b5:d6:51:
d7:da:9e:61:a0:9f:4b:d5:8b:a1:86:5e:50:e0:3d:0e:38:ad:
6e:4e:93:5c:0c:15:07:0b:1b:af:d0:f2:2e:95:f8:74:13:d1:
6a:56:9f:48:ce:2f:6b:9f:6e:44:f5:2d:6d:ff:68:3c:12:51:
f4:fe:3a:09:26:32:a2:4d:dd:f6:d4:cf:44:93:f3:89:8d:9f:
6c:d9:07:87:c2:66:38:b6:9e:d2:39:ef:31:b4:82:49:ec:05:
3b:9c:89:1a:eb:f2:11:0c:03:89:71:69:6f:0b:d9:1b:8e:1b:
84:df:8e:53:71:3a:90:a8:e4:ac:92:e3:ec:ce:f7:5a:42:1d:
6b:81:80:9b
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZQgaFxoNUHPWjGR8Y0lxDlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAyZTUyMTkwNDY4YWFlOTU3N2RkZTgxMDNjZTM1MWIxY2ZjMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9Onge9a4zJIxqDJQlS5G0xZGxku
wyCm8kkbfk1+NheoHQ6RQBAZKb1b7kD3yYJMhQUvdVTQuFkO062P84BlIz8FHuKa
yf6vWY1lXwBb0Xy4pwB67t16D8chrKJpSmBYttpiwAhrdlSOOUPB1nNVEREVIOVa
dF0n6I59f0+XO1W/L2kZ6fdVSMw7aydJSHf+ry4pXvuP9NMr0UUfudLslDwdjSwa
y/VB4AiLOXgfjZZSFHsDx84LsrB4EUyI5hw+G6R7+JlMIN2/pc1MHztxiccDViuJ
94KmgDLY3r9thBVRSoXFGCdmgnqdfU8uNIhVmYuuY8qALE35nvlC5WWzmQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFJ8C5SGQRoqulXfd6BA841Gxz8MxMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvbndMbElaQkdpcTZWZDkzb0VEempVYkhQd3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4DBAMf
rIgDBAMf3+ADBARQXOADBABSdfQDBABVWtMDBABVWt8DBABb4gEDBABb538DBARc
PLADBAJcd9wDBAOAAKgDBAK5EOQDBAG5JtADBAK5J8QDBAK5LfQDBAK5qsADBADB
EC8DBADBaLYDBAHBbwADBALBbzADBADDQl0DBALDsUgwDAMEANRugQMEBNRugAME
AtRumAMEBdkUoDAUBAIAAjAOAwUAKgEGsAMFAyoTiAAwDQYJKoZIhvcNAQELBQAD
ggEBALOJo0zYQr68h55r6YXrV7C6eTPpObDIh+B0bYw7Bh5ELqGzzNVTcteGgn00
waQmOyiQrnZGf80lnNmWCxgPVi18b/pmmrzneCnkrKmMMfhPfjL2lZlpsTJsgpwz
1QmUtpLbnK7fOXPo2Dscw5e0nCHvQrGDLfC6JbreQrXWUdfanmGgn0vVi6GGXlDg
PQ44rW5Ok1wMFQcLG6/Q8i6V+HQT0WpWn0jOL2ufbkT1LW3/aDwSUfT+OgkmMqJN
3fbUz0ST84mNn2zZB4fCZji2ntI57zG0gknsBTuciRrr8hEMA4lxaW8L2RuOG4Tf
jlNxOpCo5KyS4+zO91pCHWuBgJs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:02:27 2025 by rpki-client