Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NQ0009MhgTnECIA0iky7MmkoT24.roa
File: NQ0009MhgTnECIA0iky7MmkoT24.roa (raw, json)
Hash identifier: ppt5zg1OHfFUACg4T4nN3iWcSTpsa7CxSHOdg9VHfo8=
Subject key identifier: 35:0D:34:D3:D3:21:81:39:C4:08:80:34:8A:4C:BB:32:69:28:4F:6E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019593E62C57B181218A511877C25D6E5867
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NQ0009MhgTnECIA0iky7MmkoT24.roa
Signing time: Fri 14 Mar 2025 09:04:50 +0000
ROA not before: Fri 14 Mar 2025 09:04:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.21.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.3.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
193.235.142.0/23 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 23
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 07:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:e6:2c:57:b1:81:21:8a:51:18:77:c2:5d:6e:58:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 14 09:04:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=350d34d3d3218139c40880348a4cbb3269284f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ca:4f:ba:1b:9b:4f:56:68:3b:ce:28:1a:7f:
c9:e1:2a:81:09:25:88:24:47:af:0c:f7:61:c2:73:
1b:be:4c:81:10:02:f8:19:5b:b1:6f:ed:1c:ec:32:
51:6e:c1:77:e4:30:57:26:a7:5d:cb:71:ce:da:13:
07:93:6b:71:bc:b4:b7:ea:bc:93:d2:14:17:a4:78:
07:f4:fa:6f:10:54:d1:34:ee:19:d5:f6:ea:a9:62:
a8:a7:d2:b9:99:26:35:f9:21:bd:76:93:07:9f:43:
dd:0a:9f:30:c8:6d:b7:e3:d4:ec:8f:a0:96:32:72:
cf:63:7f:f1:77:ba:59:85:2e:c5:d1:a4:40:7c:76:
fb:f4:d4:38:71:e3:a7:e0:67:78:d6:73:3b:20:a1:
db:d5:bd:a6:88:31:59:b9:2a:17:ea:41:2b:42:13:
d1:85:bb:b7:3d:9a:64:0d:d2:d2:eb:29:2a:47:d1:
1f:e7:ef:43:1a:01:7f:07:d6:6b:31:6a:ca:e1:30:
76:1b:19:63:1e:ee:e3:cd:c1:c7:19:b9:57:a8:82:
c1:f8:f6:84:4f:55:4c:25:73:36:f7:13:a5:dc:63:
60:48:30:e1:29:68:b1:ab:04:5d:16:63:66:91:ba:
c0:af:a9:09:89:c0:be:2e:c1:45:e8:b9:e9:74:df:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:34:D3:D3:21:81:39:C4:08:80:34:8A:4C:BB:32:69:28:4F:6E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NQ0009MhgTnECIA0iky7MmkoT24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/24
192.71.97.0/24
192.71.158.0/24
192.121.21.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
193.235.142.0/23
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:9e:d3:14:71:75:58:2b:82:19:a6:85:1a:9d:94:18:19:41:
61:b2:08:94:92:0e:ea:75:3d:39:82:93:f8:c2:46:20:c5:98:
ba:d9:7a:06:ed:ca:4a:02:03:cb:41:4c:17:6b:ce:bc:cb:0f:
b4:da:b0:84:10:3f:ca:c7:ad:46:48:f2:f5:e8:a4:a9:78:12:
19:bf:cd:30:c5:6a:3f:0c:51:14:92:ec:9d:96:d2:d7:11:b5:
ad:25:b0:59:08:51:44:cb:72:95:5c:e7:5e:d5:84:94:2e:ca:
6c:a4:66:7b:eb:01:b6:92:63:36:b4:bd:84:e4:67:9e:c6:a6:
47:32:04:86:8c:40:ef:21:be:a1:e9:bf:c0:6b:a3:96:d1:2a:
38:b9:cd:1a:fc:a2:e9:71:4a:97:a3:73:7c:d6:bd:ec:bb:40:
98:2e:4b:b5:5f:1c:82:8c:c2:94:dc:a5:35:05:83:6e:2d:eb:
a7:09:67:68:ae:9f:a4:80:22:45:2e:35:af:71:83:81:67:e4:
b5:21:2f:0e:14:c5:7e:de:e0:5f:76:f6:ac:28:fa:cc:bb:c7:
11:b7:90:ce:64:b4:bb:b8:74:f4:b7:eb:90:5c:fc:c2:e1:24:
30:a4:31:ef:51:1d:39:d1:ad:e6:5f:cc:4c:b6:61:88:a8:b1:
61:05:7d:97
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZWT5ixXsYEhilEYd8JdblhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMzE0MDkwNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkMzRkM2QzMjE4MTM5YzQwODgwMzQ4YTRjYmIzMjY5Mjg0ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8pPuhubT1ZoO84oGn/J4SqBCSWI
JEevDPdhwnMbvkyBEAL4GVuxb+0c7DJRbsF35DBXJqddy3HO2hMHk2txvLS36ryT
0hQXpHgH9PpvEFTRNO4Z1fbqqWKop9K5mSY1+SG9dpMHn0PdCp8wyG2349Tsj6CW
MnLPY3/xd7pZhS7F0aRAfHb79NQ4ceOn4Gd41nM7IKHb1b2miDFZuSoX6kErQhPR
hbu3PZpkDdLS6ykqR9Ef5+9DGgF/B9ZrMWrK4TB2GxljHu7jzcHHGblXqILB+PaE
T1VMJXM29xOl3GNgSDDhKWixqwRdFmNmkbrAr6kJicC+LsFF6LnpdN9jIQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFDUNNNPTIYE5xAiANIpMuzJpKE9uMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTlEwMDA5TWhnVG5FQ0lBMGlreTdNbWtvVDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQA
wCQlAwQAwEcFAwQAwEcoAwQAwEdhAwQAwEeeAwQAwHkVAwQAwHllAwQAwHmsAwQA
wHnAAwQAwKVBAwQAwKVWAwQAwLChAwQAwbQ9AwQAwbUAAwQAwbW7AwQAwbcDAwQB
wbdEAwQAwbdPAwQBwbdcAwQAwbdoAwQAwbd2AwQBwepEAwQBwercAwQAwertAwQB
weuOAwQAwg6BAwQAwg7UAwQBwkQ4AwQAwkRjAwQAwkR+AwQBwkTCAwQAwkcbAwQA
wkdTAwQBwkeMAwQAwkeoAwQAwmcyAwQBwoRsAwQBwoSuMA0GCSqGSIb3DQEBCwUA
A4IBAQCantMUcXVYK4IZpoUanZQYGUFhsgiUkg7qdT05gpP4wkYgxZi62XoG7cpK
AgPLQUwXa868yw+02rCEED/Kx61GSPL16KSpeBIZv80wxWo/DFEUkuydltLXEbWt
JbBZCFFEy3KVXOde1YSULspspGZ76wG2kmM2tL2E5GeexqZHMgSGjEDvIb6h6b/A
a6OW0So4uc0a/KLpcUqXo3N81r3su0CYLku1XxyCjMKU3KU1BYNuLeunCWdorp+k
gCJFLjWvcYOBZ+S1IS8OFMV+3uBfdvasKPrMu8cRt5DOZLS7uHT0t+uQXPzC4SQw
pDHvUR050a3mX8xMtmGIqLFhBX2X
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:00:47 2025 by rpki-client