Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/1-NHXjtqrvVrRCtlhC4QnYQDdZPQ.roa
File: 1-NHXjtqrvVrRCtlhC4QnYQDdZPQ.roa (raw, json)
Hash identifier: 5tQ4LpDD9EcQQczJTsl4dpwzoP4ak/HQs6biLiGOV3E=
Subject key identifier: F8:D1:D7:8E:DA:AB:BD:5A:D1:0A:D9:61:0B:84:27:61:00:DD:64:F4
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 0194A6838C1C62DF3B21C0693499F2E5B093
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/1-NHXjtqrvVrRCtlhC4QnYQDdZPQ.roa
Signing time: Mon 27 Jan 2025 06:47:06 +0000
ROA not before: Mon 27 Jan 2025 06:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49628
IP address blocks: 5.187.8.0/21 maxlen: 21
5.187.8.0/24 maxlen: 24
5.187.9.0/24 maxlen: 24
5.187.10.0/24 maxlen: 24
5.187.11.0/24 maxlen: 24
5.187.12.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
78.40.104.0/22 maxlen: 22
78.40.104.0/24 maxlen: 24
78.40.105.0/24 maxlen: 24
78.40.106.0/24 maxlen: 24
78.40.107.0/24 maxlen: 24
185.46.176.0/22 maxlen: 22
185.81.92.0/22 maxlen: 22
185.81.92.0/24 maxlen: 24
185.81.93.0/24 maxlen: 24
185.81.94.0/24 maxlen: 24
185.81.95.0/24 maxlen: 24
185.168.224.0/22 maxlen: 22
185.168.224.0/24 maxlen: 24
185.168.225.0/24 maxlen: 24
185.168.226.0/24 maxlen: 24
185.168.227.0/24 maxlen: 24
188.227.192.0/22 maxlen: 22
188.227.192.0/24 maxlen: 24
188.227.193.0/24 maxlen: 24
188.227.194.0/24 maxlen: 24
188.227.195.0/24 maxlen: 24
193.176.212.0/22 maxlen: 22
193.176.212.0/24 maxlen: 24
193.176.213.0/24 maxlen: 24
193.176.214.0/24 maxlen: 24
193.176.215.0/24 maxlen: 24
2a0a:2900::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 25 Apr 2025 07:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:83:8c:1c:62:df:3b:21:c0:69:34:99:f2:e5:b0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Jan 27 06:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8d1d78edaabbd5ad10ad9610b84276100dd64f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5a:75:de:68:e4:62:42:94:df:f6:3c:23:c2:
92:cc:e6:47:ce:75:9d:4a:8e:e6:37:7e:1f:6c:5d:
e5:bd:92:39:62:0c:b6:d1:6b:8a:91:62:e3:6f:e6:
e0:c9:ea:9a:3b:7e:88:b5:3c:3b:ab:f7:98:ab:13:
49:71:c3:be:d8:41:27:4d:20:37:38:32:bd:61:d8:
4e:3f:17:b4:92:30:32:1b:0e:c9:46:99:43:2e:b2:
c6:10:ce:70:8e:d1:e8:27:bf:85:63:98:7c:c4:37:
0e:24:24:19:3f:45:34:5c:c7:dd:5f:50:24:05:78:
f1:35:dd:36:80:11:73:67:83:07:26:93:4b:6b:48:
e1:e6:f7:2f:e1:f5:d5:8b:4f:e8:66:5c:98:7d:b6:
e7:02:64:eb:81:84:16:4f:7c:e7:92:96:7c:c9:a6:
84:c7:35:6f:12:d1:c7:70:32:3b:15:6e:4f:43:cc:
da:68:9c:74:70:8f:10:5c:94:c7:3d:39:bb:8e:d2:
c4:63:fc:9b:60:78:cb:01:bd:e5:22:42:12:29:9b:
76:69:c1:4f:ad:2b:b4:d0:24:be:9e:f0:97:cd:f3:
30:ca:5b:96:fe:69:a2:47:39:74:22:df:ef:d7:6f:
69:7d:65:b5:fd:47:15:84:bc:44:04:90:6b:2d:6d:
02:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D1:D7:8E:DA:AB:BD:5A:D1:0A:D9:61:0B:84:27:61:00:DD:64:F4
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/1-NHXjtqrvVrRCtlhC4QnYQDdZPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
78.40.104.0/22
185.46.176.0/22
185.81.92.0/22
185.168.224.0/22
188.227.192.0/22
193.176.212.0/22
IPv6:
2a0a:2900::/29
Signature Algorithm: sha256WithRSAEncryption
ef:60:cc:b4:7e:2b:b4:69:f7:1c:02:a8:1b:7f:cb:c4:9a:a6:
40:57:0d:e3:7a:be:c0:53:f3:34:1c:bd:65:2c:30:7b:cf:4b:
35:14:bf:c2:f0:60:19:9f:d5:04:e5:c9:62:19:25:d8:dc:9b:
f8:13:6f:ec:ea:dd:44:1e:58:e5:07:13:20:8c:4d:82:a4:87:
05:f5:12:a4:66:05:ff:7d:ec:b9:d1:2f:e6:63:b1:83:36:97:
3b:99:7b:8e:6a:0b:bc:3e:1b:3a:d8:da:fe:fa:34:ea:23:f4:
9e:d9:f5:8a:5c:88:27:a4:0d:93:2e:51:e9:e6:24:9b:1f:43:
5e:43:d3:fd:0f:71:9e:47:0e:3b:89:cd:e4:a3:7e:a9:46:19:
07:59:6f:d5:74:4b:5c:43:57:e6:1a:74:ae:fe:a5:ef:d7:0e:
0f:49:a8:df:7d:1b:df:b7:35:a8:12:a4:48:30:9f:92:07:16:
6d:ab:b6:58:1f:48:0d:a3:6d:fb:22:db:71:c9:b1:0f:f7:91:
e9:b4:e7:9c:ae:4f:7e:19:c8:ae:74:ab:5d:5a:61:d5:4c:c5:
7c:14:9f:32:c5:30:62:0f:15:e0:36:79:0a:b2:94:cf:55:f7:
26:ef:3d:f4:b8:8f:20:1a:7f:14:63:fb:2a:b8:9e:67:b6:87:
72:7a:3e:54
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZSmg4wcYt87IcBpNJny5bCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjkzNjI2NmU5ODBkZDIwM2IyY2JlYjFjOWM0NTcwNjA0
YjkxMWIwHhcNMjUwMTI3MDY0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQxZDc4ZWRhYWJiZDVhZDEwYWQ5NjEwYjg0Mjc2MTAwZGQ2NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulp13mjkYkKU3/Y8I8KSzOZHznWd
So7mN34fbF3lvZI5Ygy20WuKkWLjb+bgyeqaO36ItTw7q/eYqxNJccO+2EEnTSA3
ODK9YdhOPxe0kjAyGw7JRplDLrLGEM5wjtHoJ7+FY5h8xDcOJCQZP0U0XMfdX1Ak
BXjxNd02gBFzZ4MHJpNLa0jh5vcv4fXVi0/oZlyYfbbnAmTrgYQWT3znkpZ8yaaE
xzVvEtHHcDI7FW5PQ8zaaJx0cI8QXJTHPTm7jtLEY/ybYHjLAb3lIkISKZt2acFP
rSu00CS+nvCXzfMwyluW/mmiRzl0It/v129pfWW1/UcVhLxEBJBrLW0C/wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPjR147aq71a0QrZYQuEJ2EA3WT0MB8GA1UdIwQY
MBaAFFhpNiZumA3SA7LL6xycRXBgS5EbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEt
N2RhMTgzZWZmMTE1LzEvMS1OSFhqdHFydlZyUkN0bGhDNFFuWVFEZFpQUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvNGM2NmNjLWZhOWEtNGY1OC1hZDIxLTdkYTE4M2VmZjEx
NS8xL1dHazJKbTZZRGRJRHNzdnJISnhGY0dCTGtScy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwW7CAME
AyVLgAMEAk4oaAMEArkusAMEArlRXAMEArmo4AMEArzjwAMEAsGw1DANBAIAAjAH
AwUDKgopADANBgkqhkiG9w0BAQsFAAOCAQEA72DMtH4rtGn3HAKoG3/LxJqmQFcN
43q+wFPzNBy9ZSwwe89LNRS/wvBgGZ/VBOXJYhkl2Nyb+BNv7OrdRB5Y5QcTIIxN
gqSHBfUSpGYF/33sudEv5mOxgzaXO5l7jmoLvD4bOtja/vo06iP0ntn1ilyIJ6QN
ky5R6eYkmx9DXkPT/Q9xnkcOO4nN5KN+qUYZB1lv1XRLXENX5hp0rv6l79cOD0mo
330b37c1qBKkSDCfkgcWbau2WB9IDaNt+yLbccmxD/eR6bTnnK5PfhnIrnSrXVph
1UzFfBSfMsUwYg8V4DZ5CrKUz1X3Ju899LiPIBp/FGP7KrieZ7aHcno+VA==
-----END CERTIFICATE-----
Generated at Mon May 12 18:44:23 2025 by rpki-client