Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NSjwpRMKgR1hYuhAJJitJ7M-9AA.roa
File: NSjwpRMKgR1hYuhAJJitJ7M-9AA.roa (raw, json)
Hash identifier: kiv442pqXHvOwWio5SuAcXW4Czz1CDBx64rkrc4zRK4=
Subject key identifier: 35:28:F0:A5:13:0A:81:1D:61:62:E8:40:24:98:AD:27:B3:3E:F4:00
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01963D7CCA108F856D7CA8513D0D2A359C58
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NSjwpRMKgR1hYuhAJJitJ7M-9AA.roa
Signing time: Wed 16 Apr 2025 07:25:10 +0000
ROA not before: Wed 16 Apr 2025 07:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.230.0/24 maxlen: 24
62.171.240.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.220.0/22 maxlen: 24
213.18.224.0/20 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.32.0/24 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.124.0/22 maxlen: 24
217.179.220.0/22 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
217.181.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:7c:ca:10:8f:85:6d:7c:a8:51:3d:0d:2a:35:9c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 16 07:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3528f0a5130a811d6162e8402498ad27b33ef400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a2:a8:e8:52:5c:9a:05:69:4a:5d:a0:06:f9:
28:6e:8f:ac:1a:ed:86:20:7f:3e:c4:4f:61:4b:22:
0a:73:d4:99:56:ca:d8:55:67:e5:ec:59:21:84:a0:
59:1e:9e:73:0a:8d:11:fd:61:8a:46:71:80:61:73:
93:08:df:88:db:43:30:0c:6a:2f:5b:f1:77:ca:a0:
ba:db:e5:81:f0:7d:35:e9:2e:b1:ec:8e:aa:c8:0a:
25:92:d1:6b:ce:a4:9c:89:df:35:89:ad:24:74:6e:
d8:01:d7:c4:ce:42:a5:ba:a0:db:f3:19:50:77:3f:
03:70:8c:10:05:08:62:3a:63:84:f8:58:b8:71:48:
9d:50:c3:1d:c9:cc:01:69:bc:71:f6:5e:71:c1:87:
e0:12:e4:4f:d5:32:32:c2:4b:fd:8a:73:a4:98:8e:
77:5e:fa:bc:37:fd:86:5b:07:9a:0b:32:24:c1:8d:
c4:d8:db:a8:48:8f:e2:89:28:7d:cf:f4:13:49:aa:
01:7b:8c:ba:29:73:ed:fb:07:17:d5:5e:aa:31:fb:
20:41:43:d9:5a:ed:47:59:bb:b1:83:f2:3c:19:71:
bf:ff:bf:9f:1f:3d:03:f9:5f:6f:72:66:ed:e5:63:
5a:ac:21:1c:b9:70:54:90:70:b8:30:bd:a3:8f:3d:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:28:F0:A5:13:0A:81:1D:61:62:E8:40:24:98:AD:27:B3:3E:F4:00
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/NSjwpRMKgR1hYuhAJJitJ7M-9AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.230.0/24
62.171.240.0/22
194.238.78.0/23
213.18.220.0-213.18.239.255
213.18.245.0/24
217.177.0.0/21
217.177.32.0/24
217.179.56.0/22
217.179.72.0/22
217.179.124.0/22
217.179.220.0/22
217.180.12.0-217.180.14.255
217.180.20.0/24
217.180.22.0/23
217.180.38.0/24
217.180.45.0-217.180.46.255
217.180.59.0/24
217.181.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:ff:1b:5c:7e:ee:e5:15:df:29:59:35:ac:0b:57:6d:cd:ee:
f9:13:c2:85:e1:ff:df:06:93:8a:e4:3c:da:79:21:3c:96:73:
71:02:f6:5c:91:dc:e9:88:76:00:90:2c:e7:28:50:e0:0b:c8:
b7:73:d6:38:e4:4b:a5:a1:47:8d:38:a1:03:b1:60:2c:03:d4:
d3:6b:ba:35:cb:8b:f4:29:3a:aa:39:58:49:9a:b0:3b:f0:45:
56:e7:4e:0c:bd:66:dd:e8:8b:f6:f6:26:50:5a:ee:a6:77:6b:
1e:85:4d:bc:7f:54:2f:1b:12:10:db:4b:f9:84:7e:27:40:09:
81:2e:92:ed:ab:20:07:2b:1e:e0:ff:fb:c6:80:4f:84:bd:f4:
de:46:2d:81:c2:46:e2:e0:f6:57:fe:89:87:ea:78:16:33:9d:
d1:5c:d0:32:a0:9a:cb:88:17:47:b3:7a:c7:58:76:6c:55:e1:
13:d2:e9:aa:57:4c:a4:bc:4d:d0:7e:f8:a0:cc:77:37:57:ed:
51:16:32:40:56:26:ac:26:be:17:49:3f:ad:9d:c4:39:39:7f:
e2:d3:97:ea:79:78:e8:1c:8d:62:e8:89:83:90:6c:9e:09:fe:
93:a5:ee:49:7b:97:99:be:bd:0e:31:9b:23:fd:76:a7:d7:40:
d1:1b:4b:05
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZY9fMoQj4VtfKhRPQ0qNZxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDE2MDcyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI4ZjBhNTEzMGE4MTFkNjE2MmU4NDAyNDk4YWQyN2IzM2VmNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KKo6FJcmgVpSl2gBvkobo+sGu2G
IH8+xE9hSyIKc9SZVsrYVWfl7FkhhKBZHp5zCo0R/WGKRnGAYXOTCN+I20MwDGov
W/F3yqC62+WB8H016S6x7I6qyAolktFrzqScid81ia0kdG7YAdfEzkKluqDb8xlQ
dz8DcIwQBQhiOmOE+Fi4cUidUMMdycwBabxx9l5xwYfgEuRP1TIywkv9inOkmI53
Xvq8N/2GWweaCzIkwY3E2NuoSI/iiSh9z/QTSaoBe4y6KXPt+wcX1V6qMfsgQUPZ
Wu1HWbuxg/I8GXG//7+fHz0D+V9vcmbt5WNarCEcuXBUkHC4ML2jjz1JLwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFDUo8KUTCoEdYWLoQCSYrSezPvQAMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvTlNqd3BSTUtnUjFoWXVoQUpKaXRKN00tOUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAA+
q+YDBAI+q/ADBAHC7k4wDAMEAtUS3AMEBNUS4AMEANUS9QMEA9mxAAMEANmxIAME
AtmzOAMEAtmzSAMEAtmzfAMEAtmz3DAMAwQC2bQMAwQA2bQOAwQA2bQUAwQB2bQW
AwQA2bQmMAwDBADZtC0DBADZtC4DBADZtDsDBALZtVAwDQYJKoZIhvcNAQELBQAD
ggEBAHv/G1x+7uUV3ylZNawLV23N7vkTwoXh/98Gk4rkPNp5ITyWc3EC9lyR3OmI
dgCQLOcoUOALyLdz1jjkS6WhR404oQOxYCwD1NNrujXLi/QpOqo5WEmasDvwRVbn
Tgy9Zt3oi/b2JlBa7qZ3ax6FTbx/VC8bEhDbS/mEfidACYEuku2rIAcrHuD/+8aA
T4S99N5GLYHCRuLg9lf+iYfqeBYzndFc0DKgmsuIF0ezesdYdmxV4RPS6apXTKS8
TdB++KDMdzdX7VEWMkBWJqwmvhdJP62dxDk5f+LTl+p5eOgcjWLoiYOQbJ4J/pOl
7kl7l5m+vQ4xmyP9dqfXQNEbSwU=
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:40:35 2025 by rpki-client