Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nBIXs3O0usGntjvNwKDxnOnveQQ.roa
File: nBIXs3O0usGntjvNwKDxnOnveQQ.roa (raw, json)
Hash identifier: 0UkfOA3HAuijcpVwAA5y7TioX7x6YrUr9dV7M8dV8DM=
Subject key identifier: 9C:12:17:B3:73:B4:BA:C1:A7:B6:3B:CD:C0:A0:F1:9C:E9:EF:79:04
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0192D7FAE4E191B4D279CE4D77A42F810289
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nBIXs3O0usGntjvNwKDxnOnveQQ.roa
Signing time: Tue 29 Oct 2024 11:13:16 +0000
ROA not before: Tue 29 Oct 2024 11:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50670
IP address blocks: 109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 11:46:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:fa:e4:e1:91:b4:d2:79:ce:4d:77:a4:2f:81:02:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Oct 29 11:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c1217b373b4bac1a7b63bcdc0a0f19ce9ef7904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:09:36:7c:63:d1:74:6d:26:8f:28:3a:58:88:
95:5e:25:c4:42:a3:1b:8a:ac:ee:99:2d:ca:b7:cf:
21:39:24:13:c1:82:69:6e:84:7c:04:7d:2b:b0:dc:
ad:15:b2:e5:29:8f:93:a9:7a:be:af:dc:83:af:eb:
71:ca:d1:b7:32:c4:16:3f:90:4d:5e:10:ea:ac:84:
bf:f0:6b:47:cb:73:dc:ca:26:21:27:da:61:24:93:
b7:d9:f0:56:41:dc:40:4c:10:14:fd:39:5c:b3:1c:
3f:f7:9c:e9:b7:66:b0:ba:9d:7d:41:41:43:ed:d3:
41:37:af:09:b5:26:d3:75:5f:cf:f8:90:d0:07:dc:
5b:2f:da:0d:0f:9c:81:18:99:1e:52:c2:d3:2a:69:
06:0f:f3:eb:e1:af:ae:6a:5b:d1:6a:4f:2a:d1:c0:
b8:f1:c5:49:1c:9d:84:ff:5c:4b:be:b9:d8:d7:d5:
91:aa:e5:b6:c5:f3:87:fc:61:ae:2e:75:33:43:f8:
ba:48:20:22:cf:a7:c5:2c:57:b3:29:97:fc:92:c1:
73:b0:06:9a:ac:a6:13:0a:ee:1a:06:78:a6:c4:6c:
0f:0a:82:0f:fa:d2:52:49:20:bc:a3:8d:6f:ec:42:
0f:1c:5c:70:04:a1:15:4b:ef:ac:f8:2f:31:fb:5e:
f3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:12:17:B3:73:B4:BA:C1:A7:B6:3B:CD:C0:A0:F1:9C:E9:EF:79:04
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/nBIXs3O0usGntjvNwKDxnOnveQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:31:9c:d4:b8:b2:d4:da:dd:9f:9b:9e:f9:54:a4:ed:92:2e:
d8:b4:53:b3:1d:43:72:b9:dc:58:75:1b:f1:e8:db:30:61:52:
72:f9:a5:4d:50:8e:e1:4f:b2:c9:4a:6a:6b:4f:a5:6c:f8:45:
4f:ce:f3:ce:f3:7f:05:a7:7d:40:e7:89:84:bb:9f:d0:84:6b:
c4:e3:c2:01:8e:a8:0a:d5:04:bc:28:2a:ef:0c:ab:cf:a5:92:
d0:cb:2f:48:60:44:10:1d:5c:34:36:c5:69:6b:f4:d2:07:08:
fe:ad:37:aa:5c:54:89:77:b9:9a:0f:4d:ea:d0:2b:3a:3a:de:
11:0d:2a:ef:be:e0:44:7a:80:36:68:ae:43:54:f2:c9:6c:fa:
24:90:bb:c6:63:08:aa:b2:c7:56:6e:84:e6:b1:1a:14:0c:5f:
06:47:05:72:b5:68:d3:a2:71:60:56:5a:cc:b5:f1:f8:4d:a7:
67:f0:ec:db:c7:f7:b2:fa:ad:06:7b:b7:92:8f:b6:aa:41:4b:
b8:b5:f9:dd:8a:30:39:76:1e:45:72:01:bd:da:d3:a5:97:77:
5b:e2:ee:b7:21:26:de:31:cd:e0:ce:b4:32:06:e0:11:ad:3a:
0d:12:a3:46:55:ca:43:63:e2:5c:9c:91:e1:3c:af:c1:f2:67:
f6:2a:5f:de
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZLX+uThkbTSec5Nd6QvgQKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQxMDI5MTExMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEyMTdiMzczYjRiYWMxYTdiNjNiY2RjMGEwZjE5Y2U5ZWY3OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQk2fGPRdG0mjyg6WIiVXiXEQqMb
iqzumS3Kt88hOSQTwYJpboR8BH0rsNytFbLlKY+TqXq+r9yDr+txytG3MsQWP5BN
XhDqrIS/8GtHy3PcyiYhJ9phJJO32fBWQdxATBAU/Tlcsxw/95zpt2awup19QUFD
7dNBN68JtSbTdV/P+JDQB9xbL9oND5yBGJkeUsLTKmkGD/Pr4a+ualvRak8q0cC4
8cVJHJ2E/1xLvrnY19WRquW2xfOH/GGuLnUzQ/i6SCAiz6fFLFezKZf8ksFzsAaa
rKYTCu4aBnimxGwPCoIP+tJSSSC8o41v7EIPHFxwBKEVS++s+C8x+17zmQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJwSF7NztLrBp7Y7zcCg8Zzp73kEMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbkJJWHMzTzB1c0dudGp2TndLRHhuT252ZVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEbe3AAwQD
sPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQMA0GCSqGSIb3DQEB
CwUAA4IBAQC8MZzUuLLU2t2fm575VKTtki7YtFOzHUNyudxYdRvx6NswYVJy+aVN
UI7hT7LJSmprT6Vs+EVPzvPO838Fp31A54mEu5/QhGvE48IBjqgK1QS8KCrvDKvP
pZLQyy9IYEQQHVw0NsVpa/TSBwj+rTeqXFSJd7maD03q0Cs6Ot4RDSrvvuBEeoA2
aK5DVPLJbPokkLvGYwiqssdWboTmsRoUDF8GRwVytWjTonFgVlrMtfH4Tadn8Ozb
x/ey+q0Ge7eSj7aqQUu4tfndijA5dh5FcgG92tOll3db4u63ISbeMc3gzrQyBuAR
rToNEqNGVcpDY+JcnJHhPK/B8mf2Kl/e
-----END CERTIFICATE-----
Generated at Sun May 4 02:53:31 2025 by rpki-client