Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nGA2AfxZmWzCynH0lA17K6mVIYw.roa
File: nGA2AfxZmWzCynH0lA17K6mVIYw.roa (raw, json)
Hash identifier: eHkUHP1p6pV+PQJlhP3hRs6g/c51aE/jZS6uU4X/Zi0=
Subject key identifier: 9C:60:36:01:FC:59:99:6C:C2:CA:71:F4:94:0D:7B:2B:A9:95:21:8C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0192E01F512F867D45FB9E1CE2455153F46B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nGA2AfxZmWzCynH0lA17K6mVIYw.roa
Signing time: Thu 31 Oct 2024 01:10:01 +0000
ROA not before: Thu 31 Oct 2024 01:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25490
IP address blocks: 62.183.0.0/17 maxlen: 17
62.183.0.0/19 maxlen: 19
62.183.32.0/20 maxlen: 20
62.183.48.0/23 maxlen: 23
62.183.50.0/24 maxlen: 24
62.183.52.0/22 maxlen: 22
62.183.56.0/22 maxlen: 22
62.183.60.0/22 maxlen: 22
62.183.64.0/21 maxlen: 21
62.183.64.0/24 maxlen: 24
62.183.72.0/22 maxlen: 22
62.183.88.0/22 maxlen: 22
62.183.96.0/22 maxlen: 22
83.239.0.0/18 maxlen: 18
83.239.0.0/20 maxlen: 20
83.239.16.0/20 maxlen: 20
83.239.32.0/19 maxlen: 19
83.239.32.0/21 maxlen: 21
83.239.40.0/22 maxlen: 22
83.239.48.0/20 maxlen: 20
83.239.64.0/19 maxlen: 19
83.239.96.0/20 maxlen: 20
83.239.200.0/21 maxlen: 24
83.239.224.0/20 maxlen: 20
83.239.240.0/22 maxlen: 22
83.239.244.0/22 maxlen: 22
85.172.0.0/19 maxlen: 19
85.172.32.0/19 maxlen: 19
85.172.64.0/21 maxlen: 21
85.172.72.0/22 maxlen: 22
85.172.79.0/24 maxlen: 24
85.172.82.0/23 maxlen: 23
85.172.84.0/22 maxlen: 22
85.172.96.0/21 maxlen: 21
85.172.160.0/21 maxlen: 21
85.173.4.0/22 maxlen: 22
85.173.144.0/20 maxlen: 20
85.174.128.0/18 maxlen: 18
85.174.143.0/24 maxlen: 24
85.174.224.0/20 maxlen: 20
85.174.240.0/20 maxlen: 20
85.175.0.0/16 maxlen: 23
85.175.0.0/19 maxlen: 19
85.175.32.0/21 maxlen: 21
85.175.46.0/24 maxlen: 24
85.175.62.0/23 maxlen: 23
85.175.65.0/24 maxlen: 24
85.175.66.0/23 maxlen: 23
85.175.71.0/24 maxlen: 24
85.175.72.0/22 maxlen: 22
85.175.82.0/23 maxlen: 23
85.175.91.0/24 maxlen: 24
85.175.96.0/22 maxlen: 22
85.175.100.0/23 maxlen: 23
85.175.152.0/23 maxlen: 23
85.175.170.0/23 maxlen: 23
85.175.192.0/20 maxlen: 20
85.175.216.0/22 maxlen: 22
85.175.226.0/23 maxlen: 23
85.175.236.0/24 maxlen: 24
94.233.144.0/21 maxlen: 21
94.233.160.0/20 maxlen: 20
109.172.72.0/24 maxlen: 24
178.34.0.0/17 maxlen: 17
2a02:8040::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Nov 2024 06:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e0:1f:51:2f:86:7d:45:fb:9e:1c:e2:45:51:53:f4:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Oct 31 01:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c603601fc59996cc2ca71f4940d7b2ba995218c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5c:bf:d2:b9:d3:63:81:9d:4c:ff:ac:5b:df:
4c:28:d8:7e:8a:7f:9d:f1:43:70:43:f3:f2:5e:f0:
4f:bf:bd:f7:a6:94:3d:64:14:e3:22:0e:29:6a:3b:
90:d4:ca:38:97:d7:04:a7:c1:a2:25:be:37:1b:8b:
7c:96:86:6b:46:72:a7:27:89:23:98:00:e3:6c:d9:
3d:86:38:50:2a:7b:14:4b:70:c0:8d:be:07:8f:56:
95:f8:f7:11:c3:6f:19:95:8c:78:73:3a:87:5a:7b:
c4:25:cb:53:01:ef:39:ad:3c:2a:10:05:b7:ad:aa:
b7:1c:94:68:8e:ff:f8:04:7b:33:ab:b4:e8:be:0b:
1e:3e:b9:59:bf:8f:9e:f4:78:7e:e1:98:81:ca:bb:
c5:9b:e8:b4:3e:3f:33:ff:72:9e:8a:12:2f:0e:94:
80:64:6b:6e:e8:e2:26:38:25:b9:c6:69:c0:cd:be:
6f:53:09:58:ee:34:bb:db:c1:28:a2:81:e2:38:3d:
cb:a1:7b:3d:11:57:6a:de:4d:1b:59:fa:c0:b2:77:
a6:c9:63:63:c6:63:99:db:5c:ac:78:2d:1b:a4:8c:
62:b4:84:a2:ac:e9:05:4b:cc:c9:94:68:cf:49:53:
24:1b:f7:b4:3b:71:07:38:47:a3:1a:6f:42:b8:f3:
d7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:36:01:FC:59:99:6C:C2:CA:71:F4:94:0D:7B:2B:A9:95:21:8C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/nGA2AfxZmWzCynH0lA17K6mVIYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.183.0.0/17
83.239.0.0-83.239.111.255
83.239.200.0/21
83.239.224.0-83.239.247.255
85.172.0.0-85.172.75.255
85.172.79.0/24
85.172.82.0-85.172.87.255
85.172.96.0/21
85.172.160.0/21
85.173.4.0/22
85.173.144.0/20
85.174.128.0/18
85.174.224.0-85.175.255.255
94.233.144.0/21
94.233.160.0/20
109.172.72.0/24
178.34.0.0/17
IPv6:
2a02:8040::/32
Signature Algorithm: sha256WithRSAEncryption
25:2e:a8:0e:7c:c7:07:cd:6b:a4:5c:83:90:c6:ef:fe:c7:e8:
2f:03:86:fc:3a:7e:bc:e5:80:a1:b3:c1:3f:a5:d1:c2:d0:25:
81:b8:7b:0a:62:42:b2:7d:18:67:20:f2:21:4c:ee:aa:42:e6:
d8:74:0d:06:3f:2c:d6:5d:ce:b8:42:63:ba:bf:01:82:fa:17:
e6:e6:24:b9:c5:58:8e:d6:d1:11:7e:4c:c7:bf:c1:0b:89:81:
d9:43:a0:9e:f6:a7:5c:c5:94:2f:d9:de:20:4c:a5:b0:d7:60:
7f:ab:0e:fd:66:3e:16:8c:85:37:7d:cf:67:98:56:35:67:98:
da:59:03:19:67:04:04:69:df:7c:2e:45:b6:0d:4b:76:63:08:
65:d7:60:b6:08:8a:8d:24:4c:11:2f:7e:ee:e7:60:fe:ed:c5:
7e:d0:68:aa:57:21:e7:74:c6:1d:9a:56:b0:d4:4e:19:a6:76:
9c:7c:b4:16:ee:3c:4a:f7:68:c6:0f:91:89:7f:e0:88:c8:fc:
bc:8a:71:e3:4e:d4:a2:ea:6e:15:cf:e7:1e:03:f2:ef:b0:90:
f5:b4:77:06:cd:63:d3:8b:63:df:5f:16:4e:78:c9:d1:0b:7b:
43:29:c9:ab:48:bb:6d:3c:61:e5:06:65:be:33:6a:8c:44:56:
5d:74:7a:23
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZLgH1Evhn1F+54c4kVRU/RrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMDMxMDExMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYwMzYwMWZjNTk5OTZjYzJjYTcxZjQ5NDBkN2IyYmE5OTUyMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ly/0rnTY4GdTP+sW99MKNh+in+d
8UNwQ/PyXvBPv733ppQ9ZBTjIg4pajuQ1Mo4l9cEp8GiJb43G4t8loZrRnKnJ4kj
mADjbNk9hjhQKnsUS3DAjb4Hj1aV+PcRw28ZlYx4czqHWnvEJctTAe85rTwqEAW3
raq3HJRojv/4BHszq7TovgsePrlZv4+e9Hh+4ZiByrvFm+i0Pj8z/3KeihIvDpSA
ZGtu6OImOCW5xmnAzb5vUwlY7jS728EoooHiOD3LoXs9EVdq3k0bWfrAsnemyWNj
xmOZ21yseC0bpIxitISirOkFS8zJlGjPSVMkG/e0O3EHOEejGm9CuPPXFQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFJxgNgH8WZlswspx9JQNeyuplSGMMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbkdBMkFmeFptV3pDeW5IMGxBMTdLNm1WSVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBkgQCAAEwgYsDBAc+
twAwCwMDAFPvAwQEU+9gAwQDU+/IMAwDBAVT7+ADBANT7/AwCwMDAlWsAwQCVaxI
AwQAVaxPMAwDBAFVrFIDBANVrFADBANVrGADBANVrKADBAJVrQQDBARVrZADBAZV
roAwCwMEBVWu4AMDBFWgAwQDXumQAwQEXumgAwQAbaxIAwQHsiIAMA0EAgACMAcD
BQAqAoBAMA0GCSqGSIb3DQEBCwUAA4IBAQAlLqgOfMcHzWukXIOQxu/+x+gvA4b8
On685YChs8E/pdHC0CWBuHsKYkKyfRhnIPIhTO6qQubYdA0GPyzWXc64QmO6vwGC
+hfm5iS5xViO1tERfkzHv8ELiYHZQ6Ce9qdcxZQv2d4gTKWw12B/qw79Zj4WjIU3
fc9nmFY1Z5jaWQMZZwQEad98LkW2DUt2Ywhl12C2CIqNJEwRL37u52D+7cV+0Giq
VyHndMYdmlaw1E4ZpnacfLQW7jxK92jGD5GJf+CIyPy8inHjTtSi6m4Vz+ceA/Lv
sJD1tHcGzWPTi2PfXxZOeMnRC3tDKcmrSLttPGHlBmW+M2qMRFZddHoj
-----END CERTIFICATE-----
Generated at Mon May 12 19:12:51 2025 by rpki-client