Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/N24SGR4JvAtL5CxM1XV2DpgtGkI.roa
File: N24SGR4JvAtL5CxM1XV2DpgtGkI.roa (raw, json)
Hash identifier: W8Wl+8qeUlGUazTqurub0lsYsKMF+FZBIFxcO1iaQIw=
Subject key identifier: 37:6E:12:19:1E:09:BC:0B:4B:E4:2C:4C:D5:75:76:0E:98:2D:1A:42
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018E37E95FE7474CF9EE1AE14CF1981FE1DA
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/N24SGR4JvAtL5CxM1XV2DpgtGkI.roa
Signing time: Wed 13 Mar 2024 13:03:45 +0000
ROA not before: Wed 13 Mar 2024 13:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.248.40.0/22 maxlen: 22
185.248.41.0/24 maxlen: 24
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a02:1800::/24 maxlen: 24
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 08:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:e9:5f:e7:47:4c:f9:ee:1a:e1:4c:f1:98:1f:e1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Mar 13 13:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=376e12191e09bc0b4be42c4cd575760e982d1a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5d:79:3f:58:e3:55:a0:2e:94:ab:d2:01:ff:
8b:23:db:bc:a1:74:c7:5d:70:e1:3d:04:74:4a:0f:
da:3d:06:56:ae:bc:0f:c4:6e:e0:39:de:ea:dd:b7:
6b:4c:f0:ca:89:7b:18:f1:42:bc:c4:4d:6e:81:51:
d6:68:d0:32:76:89:bc:da:77:f5:b6:37:66:05:23:
ac:4a:1f:e0:0b:f3:81:54:22:ad:72:90:7f:6e:14:
fb:39:8e:cb:65:1c:f2:eb:12:08:3a:4f:12:d3:06:
01:d6:b2:e0:ae:00:5b:16:e2:74:2a:b6:b1:2b:69:
65:8f:28:f2:f2:ac:52:3c:f4:8b:11:81:24:d9:3a:
e0:38:ed:6c:a7:10:b5:05:4a:5f:21:1b:bc:c8:67:
43:13:84:0b:de:f1:5b:97:45:0f:0f:a2:f6:04:24:
ee:58:67:8e:c6:a2:0b:94:ba:dc:af:6a:90:6a:9a:
a4:62:72:4b:67:d0:d3:ca:f2:a3:82:32:00:4a:67:
79:f0:d7:2e:2a:72:73:f9:1a:f0:e7:a6:14:19:0d:
06:99:99:9a:b0:9e:94:7e:04:d2:e7:a9:05:b6:25:
5b:6b:bb:32:09:f1:ee:2b:d3:f0:ff:89:23:f4:df:
85:51:18:89:f0:f3:f0:af:9d:52:d1:d4:6a:71:5e:
62:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6E:12:19:1E:09:BC:0B:4B:E4:2C:4C:D5:75:76:0E:98:2D:1A:42
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/N24SGR4JvAtL5CxM1XV2DpgtGkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
6b:94:c3:c3:6c:46:b3:ba:cd:68:fa:1a:bd:a9:5e:d3:cf:ca:
ca:e4:c2:f7:eb:37:e0:89:f6:fb:9d:a9:8d:21:a9:b8:52:ce:
7c:18:c2:20:44:41:62:f5:d7:18:dc:03:ed:38:d0:e3:d4:73:
e6:55:b6:fc:f0:2d:ee:1e:c6:cb:23:09:ed:58:d5:f6:aa:8d:
a5:5d:7e:9b:33:bc:fa:7a:5b:a7:1c:06:72:a2:0a:94:9c:52:
2a:1b:90:54:99:a1:c7:db:f6:d9:8e:c8:41:d1:36:5c:09:e6:
b1:05:83:95:a5:48:68:23:fb:dd:f7:3e:4f:c1:d4:d0:f1:86:
b9:d6:b7:ca:6c:5a:d6:f7:9d:59:07:29:45:07:a0:5d:44:72:
3e:da:79:a2:b7:17:da:83:3c:c9:c3:61:6f:48:7b:58:4b:ee:
2a:cf:96:38:01:de:d3:8f:dd:0e:67:a4:d0:1c:32:6a:d6:23:
06:0f:1e:bb:49:4a:22:ff:09:65:e5:b8:f2:a9:c3:e1:8c:e0:
25:e0:bf:8a:fb:99:0e:77:10:26:0a:1f:0e:e2:43:aa:1a:c7:
68:b5:9a:9a:be:f4:7c:f9:ae:c5:e4:d1:cc:c8:91:83:ac:a6:
70:f4:e1:44:92:ad:24:87:f7:90:90:51:02:b9:5f:64:0c:3a:
a8:b5:81:e5
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAY436V/nR0z57hrhTPGYH+HaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQwMzEzMTMwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzZlMTIxOTFlMDliYzBiNGJlNDJjNGNkNTc1NzYwZTk4MmQxYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo115P1jjVaAulKvSAf+LI9u8oXTH
XXDhPQR0Sg/aPQZWrrwPxG7gOd7q3bdrTPDKiXsY8UK8xE1ugVHWaNAydom82nf1
tjdmBSOsSh/gC/OBVCKtcpB/bhT7OY7LZRzy6xIIOk8S0wYB1rLgrgBbFuJ0Krax
K2lljyjy8qxSPPSLEYEk2TrgOO1spxC1BUpfIRu8yGdDE4QL3vFbl0UPD6L2BCTu
WGeOxqILlLrcr2qQapqkYnJLZ9DTyvKjgjIASmd58NcuKnJz+Rrw56YUGQ0GmZma
sJ6UfgTS56kFtiVba7syCfHuK9Pw/4kj9N+FURiJ8PPwr51S0dRqcV5iaQIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFDduEhkeCbwLS+QsTNV1dg6YLRpCMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvTjI0U0dSNEp2QXRMNUN4TTFYVjJEcGd0R2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdUEAgABMIHOAwQH
BReAAwQELv2gAwQGPs1AAwMCThQDBAZOHcADAwFRUgMDAVGkAwQGUo9AAwQFUtJA
AwQFU9mAAwMDVMADBAZVHEADBAVeSEADAwJe4AMDAY2GAwQGna2AAwMCsnQDBAK5
F/QDBAK5HjQDBAK5+CgDBAW8LEADBAG8X5IDAwG8vAMEBcMQAAMEBcOCgAMEBcOi
wAMEBdRM4AMEBdRY4AMEBdR7AAMDAdV2AwQF1YSAAwQF1dYgAwMA1eADBAbV+0AD
BATZSOADBAPZqHgwEwQCAAIwDQMFACoAHPgDBAAqAhgwDQYJKoZIhvcNAQELBQAD
ggEBAGuUw8NsRrO6zWj6Gr2pXtPPysrkwvfrN+CJ9vudqY0hqbhSznwYwiBEQWL1
1xjcA+040OPUc+ZVtvzwLe4exssjCe1Y1faqjaVdfpszvPp6W6ccBnKiCpScUiob
kFSZocfb9tmOyEHRNlwJ5rEFg5WlSGgj+933Pk/B1NDxhrnWt8psWtb3nVkHKUUH
oF1Ecj7aeaK3F9qDPMnDYW9Ie1hL7irPljgB3tOP3Q5npNAcMmrWIwYPHrtJSiL/
CWXluPKpw+GM4CXgv4r7mQ53ECYKHw7iQ6oax2i1mpq+9Hz5rsXk0czIkYOspnD0
4USSrSSH95CQUQK5X2QMOqi1geU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:30 2024 by rpki-client on console-ams.rpki-client.org