Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nLWTO_7xDIYl2WnH5cOwh-H029s.roa
File: nLWTO_7xDIYl2WnH5cOwh-H029s.roa (raw, json)
Hash identifier: +E46n9BU+OFnkfseOXEWryAa5MbI2kjZ17gcXDn7D8A=
Subject key identifier: 9C:B5:93:3B:FE:F1:0C:86:25:D9:69:C7:E5:C3:B0:87:E1:F4:DB:DB
Certificate issuer: /CN=845c2379efed10056cf865d52c32e1e1eba8c140
Certificate serial: 01924EC72CBCA6061249F812D674515B4420
Authority key identifier: 84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nLWTO_7xDIYl2WnH5cOwh-H029s.roa
Signing time: Wed 02 Oct 2024 19:48:48 +0000
ROA not before: Wed 02 Oct 2024 19:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 62.77.196.0/22 maxlen: 24
62.77.240.0/23 maxlen: 24
62.77.248.0/21 maxlen: 24
62.165.192.0/18 maxlen: 24
77.234.64.0/19 maxlen: 24
79.120.160.0/21 maxlen: 24
79.120.170.0/23 maxlen: 24
79.120.172.0/22 maxlen: 24
79.120.248.0/23 maxlen: 24
79.120.252.0/22 maxlen: 24
81.0.82.0/23 maxlen: 24
81.0.84.0/22 maxlen: 24
81.0.90.0/23 maxlen: 24
81.0.92.0/22 maxlen: 24
81.0.98.0/23 maxlen: 24
81.0.108.0/23 maxlen: 24
81.0.122.0/23 maxlen: 24
81.0.126.0/23 maxlen: 24
82.144.164.0/22 maxlen: 24
82.144.172.0/22 maxlen: 24
82.144.176.0/23 maxlen: 24
82.144.188.0/23 maxlen: 24
89.186.96.0/23 maxlen: 24
89.186.102.0/23 maxlen: 24
89.186.106.0/23 maxlen: 24
89.186.108.0/22 maxlen: 24
89.186.112.0/22 maxlen: 24
89.186.118.0/23 maxlen: 24
89.186.120.0/21 maxlen: 24
91.82.0.0/21 maxlen: 24
94.247.88.0/21 maxlen: 24
185.29.80.0/22 maxlen: 24
185.62.128.0/22 maxlen: 24
193.110.56.0/21 maxlen: 24
193.226.192.0/23 maxlen: 24
193.226.212.0/22 maxlen: 24
193.226.226.0/23 maxlen: 24
193.226.232.0/23 maxlen: 24
193.226.238.0/23 maxlen: 24
193.226.240.0/23 maxlen: 24
193.226.244.0/22 maxlen: 24
193.226.248.0/23 maxlen: 24
212.40.72.0/21 maxlen: 24
212.40.80.0/20 maxlen: 24
213.197.72.0/21 maxlen: 24
213.197.80.0/20 maxlen: 24
217.197.176.0/20 maxlen: 24
2a01:368::/29 maxlen: 48
2a01:368::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Oct 2024 19:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:c7:2c:bc:a6:06:12:49:f8:12:d6:74:51:5b:44:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845c2379efed10056cf865d52c32e1e1eba8c140
Validity
Not Before: Oct 2 19:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cb5933bfef10c8625d969c7e5c3b087e1f4dbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cc:a7:47:3a:c7:e5:41:de:49:07:c0:e2:f4:
4b:34:02:de:47:1b:2f:72:cc:e5:d9:65:89:18:23:
1f:0b:0b:5f:27:c2:75:dd:5f:c9:88:f8:67:55:ce:
1e:44:51:2f:db:94:b6:48:2e:09:74:7c:bc:b9:6b:
dc:7f:d8:e6:08:b0:39:88:04:e2:ba:76:83:64:2c:
8d:d7:81:c3:cb:6b:48:ef:20:84:ad:0e:35:86:94:
a5:20:ac:3b:a4:19:29:b2:29:a3:03:52:6c:16:56:
b9:04:a4:d5:b0:17:5c:c3:2a:f0:20:0e:b7:c2:c7:
49:f3:5b:9a:6b:5e:66:fe:79:9a:36:44:8b:8c:f1:
29:6b:f0:55:b7:eb:f4:23:75:9c:95:e9:4a:59:45:
79:d7:25:aa:04:3d:19:74:25:35:30:63:49:38:cb:
d1:31:34:0b:96:8e:7f:c2:83:57:a6:f9:1c:be:83:
54:2e:2d:36:76:a0:93:84:31:0e:31:4f:5e:5f:ec:
bc:88:99:4a:64:83:9d:b0:41:a6:d4:15:68:cc:e0:
5a:6d:ea:88:d8:c8:c2:fd:52:4a:bd:6b:3e:d8:3f:
b7:28:da:bc:52:a1:61:d5:f5:11:b2:ff:97:84:76:
d9:92:9c:ab:a3:e7:66:f6:f1:16:5f:ac:e8:93:24:
2b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B5:93:3B:FE:F1:0C:86:25:D9:69:C7:E5:C3:B0:87:E1:F4:DB:DB
X509v3 Authority Key Identifier:
keyid:84:5C:23:79:EF:ED:10:05:6C:F8:65:D5:2C:32:E1:E1:EB:A8:C1:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFwjee_tEAVs-GXVLDLh4euowUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/nLWTO_7xDIYl2WnH5cOwh-H029s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/60e8fa-ec5c-4594-9ec4-be7a1a001ccf/1/hFwjee_tEAVs-GXVLDLh4euowUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.196.0/22
62.77.240.0/23
62.77.248.0/21
62.165.192.0/18
77.234.64.0/19
79.120.160.0/21
79.120.170.0-79.120.175.255
79.120.248.0/23
79.120.252.0/22
81.0.82.0-81.0.87.255
81.0.90.0-81.0.95.255
81.0.98.0/23
81.0.108.0/23
81.0.122.0/23
81.0.126.0/23
82.144.164.0/22
82.144.172.0-82.144.177.255
82.144.188.0/23
89.186.96.0/23
89.186.102.0/23
89.186.106.0-89.186.115.255
89.186.118.0-89.186.127.255
91.82.0.0/21
94.247.88.0/21
185.29.80.0/22
185.62.128.0/22
193.110.56.0/21
193.226.192.0/23
193.226.212.0/22
193.226.226.0/23
193.226.232.0/23
193.226.238.0-193.226.241.255
193.226.244.0-193.226.249.255
212.40.72.0-212.40.95.255
213.197.72.0-213.197.95.255
217.197.176.0/20
IPv6:
2a01:368::/29
Signature Algorithm: sha256WithRSAEncryption
9f:b9:57:1c:f0:5f:5a:69:b8:70:7e:79:4b:82:bd:df:c8:42:
ce:c4:93:51:6e:33:ca:11:a9:1c:57:61:a0:22:34:c2:5d:1b:
8a:d7:25:7d:f3:34:39:7d:12:d0:94:9d:dd:6b:6b:5c:48:03:
a3:ed:3a:ec:24:5f:7a:72:c8:e7:6d:e8:5e:ee:c1:f6:42:dc:
e6:21:01:b2:1e:19:58:fc:64:87:6a:6e:90:5b:68:ae:c6:ad:
27:41:88:05:05:0d:9f:1a:9b:8e:a2:0f:cc:5b:81:d8:47:e8:
32:a0:25:3e:6d:e2:c7:3e:09:fa:d4:a1:21:76:da:21:ac:3a:
d6:f8:8e:c0:5c:5d:9e:45:77:a0:ed:da:b0:fc:e7:25:82:1e:
b1:eb:2f:56:6f:2d:c4:0e:47:c1:e7:57:98:3a:2d:31:0f:b1:
d5:c3:51:8a:80:dd:58:23:38:51:48:d6:94:48:a5:b8:88:b0:
52:a5:5d:46:1a:a0:57:ca:57:6a:3a:f8:fd:da:34:2d:f1:0f:
92:1d:63:41:ff:39:3e:ab:db:c5:00:5e:43:eb:1e:cb:4e:bc:
d7:55:bc:9d:2f:da:a6:3b:4e:ea:93:69:af:31:f4:53:d0:92:
3e:50:c7:77:1b:1a:6e:d5:7e:30:7f:55:bf:8b:92:56:7c:e5:
db:9b:38:05
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgISAZJOxyy8pgYSSfgS1nRRW0QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWMyMzc5ZWZlZDEwMDU2Y2Y4NjVkNTJjMzJlMWUxZWJh
OGMxNDAwHhcNMjQxMDAyMTk0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I1OTMzYmZlZjEwYzg2MjVkOTY5YzdlNWMzYjA4N2UxZjRkYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cynRzrH5UHeSQfA4vRLNALeRxsv
cszl2WWJGCMfCwtfJ8J13V/JiPhnVc4eRFEv25S2SC4JdHy8uWvcf9jmCLA5iATi
unaDZCyN14HDy2tI7yCErQ41hpSlIKw7pBkpsimjA1JsFla5BKTVsBdcwyrwIA63
wsdJ81uaa15m/nmaNkSLjPEpa/BVt+v0I3WclelKWUV51yWqBD0ZdCU1MGNJOMvR
MTQLlo5/woNXpvkcvoNULi02dqCThDEOMU9eX+y8iJlKZIOdsEGm1BVozOBabeqI
2MjC/VJKvWs+2D+3KNq8UqFh1fURsv+XhHbZkpyro+dm9vEWX6zokyQrqQIDAQAB
o4IDRDCCA0AwHQYDVR0OBBYEFJy1kzv+8QyGJdlpx+XDsIfh9NvbMB8GA1UdIwQY
MBaAFIRcI3nv7RAFbPhl1Swy4eHrqMFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQt
YmU3YTFhMDAxY2NmLzEvbkxXVE9fN3hESVlsMlduSDVjT3doLUgwMjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82MGU4ZmEtZWM1Yy00NTk0LTllYzQtYmU3YTFhMDAxY2Nm
LzEvaEZ3amVlX3RFQVZzLUdYVkxETGg0ZXVvd1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWAYIKwYBBQUHAQcBAf8EggFHMIIBQzCCATAEAgABMIIB
KAMEAj5NxAMEAT5N8AMEAz5N+AMEBj6lwAMEBU3qQAMEA094oDAMAwQBT3iqAwQE
T3igAwQBT3j4AwQCT3j8MAwDBAFRAFIDBANRAFAwDAMEAVEAWgMEBVEAQAMEAVEA
YgMEAVEAbAMEAVEAegMEAVEAfgMEAlKQpDAMAwQCUpCsAwQBUpCwAwQBUpC8AwQB
WbpgAwQBWbpmMAwDBAFZumoDBAJZunAwDAMEAVm6dgMEB1m6AAMEA1tSAAMEA173
WAMEArkdUAMEArk+gAMEA8FuOAMEAcHiwAMEAsHi1AMEAcHi4gMEAcHi6DAMAwQB
weLuAwQBweLwMAwDBALB4vQDBAHB4vgwDAMEA9QoSAMEBdQoQDAMAwQD1cVIAwQF
1cVAAwQE2cWwMA0EAgACMAcDBQMqAQNoMA0GCSqGSIb3DQEBCwUAA4IBAQCfuVcc
8F9aabhwfnlLgr3fyELOxJNRbjPKEakcV2GgIjTCXRuK1yV98zQ5fRLQlJ3da2tc
SAOj7TrsJF96csjnbehe7sH2QtzmIQGyHhlY/GSHam6QW2iuxq0nQYgFBQ2fGpuO
og/MW4HYR+gyoCU+beLHPgn61KEhdtohrDrW+I7AXF2eRXeg7dqw/Oclgh6x6y9W
by3EDkfB51eYOi0xD7HVw1GKgN1YIzhRSNaUSKW4iLBSpV1GGqBXyldqOvj92jQt
8Q+SHWNB/zk+q9vFAF5D6x7LTrzXVbydL9qmO07qk2mvMfRT0JI+UMd3Gxpu1X4w
f1W/i5JWfOXbmzgF
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:52:20 2025 by rpki-client