Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NkBMqppnFtdjHL9RzaDcGvvuWEg.roa
File: NkBMqppnFtdjHL9RzaDcGvvuWEg.roa (raw, json)
Hash identifier: QCMGSCScRBLe6IId7wOY5vrSnL1PC/PYFMDoiG7RleE=
Subject key identifier: 36:40:4C:AA:9A:67:16:D7:63:1C:BF:51:CD:A0:DC:1A:FB:EE:58:48
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018A28542C686768A0058F0F91B8120DC8AA
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NkBMqppnFtdjHL9RzaDcGvvuWEg.roa
Signing time: Thu 24 Aug 2023 16:15:19 +0000
ROA not before: Thu 24 Aug 2023 16:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47813
IP address blocks: 45.152.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:54:2c:68:67:68:a0:05:8f:0f:91:b8:12:0d:c8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 24 16:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36404caa9a6716d7631cbf51cda0dc1afbee5848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c8:8b:69:cb:80:20:c1:7b:b5:44:d1:ec:87:
82:fc:b6:46:99:4b:7b:07:d7:c9:0d:86:7b:ed:d2:
d2:ca:ff:68:2e:1f:8c:b2:b2:42:cc:1e:0b:c6:85:
bd:92:0b:6d:6d:1a:2a:df:20:a5:34:eb:fb:e4:c8:
bb:f9:45:4c:1d:ad:b3:9a:41:63:d8:80:2d:60:26:
b7:d0:c7:56:b4:20:2a:5f:52:2f:8a:9b:4e:b1:c0:
61:5b:f9:69:08:f2:ae:b9:2c:c0:e9:97:65:90:00:
bb:dc:7b:94:7e:5f:07:69:27:c2:25:81:4e:e3:09:
65:cf:d8:1a:8c:83:8c:81:52:ac:5a:42:e3:29:82:
5b:64:89:fa:a4:d8:92:4c:ff:87:f9:66:7f:43:c7:
97:65:bf:4e:cb:6c:69:49:08:bd:e9:34:6d:59:5d:
fd:cb:d9:74:45:dc:67:12:92:03:b9:54:bd:54:0f:
c7:1d:67:48:31:1a:a9:05:e8:86:5c:58:b2:fc:96:
78:ce:25:31:ce:fa:e9:68:a7:68:89:b5:e6:16:95:
82:44:f2:0e:63:34:ec:c1:2d:d3:ad:ed:32:2e:a4:
ab:79:3e:74:dd:ad:05:80:65:42:99:0e:8c:69:08:
0d:64:9b:82:5e:9c:3b:31:f6:97:e5:7b:f3:2c:16:
ed:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:40:4C:AA:9A:67:16:D7:63:1C:BF:51:CD:A0:DC:1A:FB:EE:58:48
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/NkBMqppnFtdjHL9RzaDcGvvuWEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.163.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6b:d1:3c:78:d1:37:4a:03:d6:e7:c3:f6:fd:39:5e:f2:9f:
9d:e4:a9:e4:f0:f7:48:f6:29:d5:aa:ee:97:34:f2:37:82:fc:
b9:1d:1b:c6:2d:69:92:98:59:ec:ca:1e:11:93:8d:26:77:ce:
ca:64:05:e0:ea:e8:43:f9:53:bb:02:7b:03:7f:75:22:09:79:
bc:97:9c:e6:bd:5b:af:cc:e6:f4:e1:69:a7:d3:2f:b9:93:c9:
e2:3d:64:32:e6:ae:4b:77:99:a5:69:83:84:69:2a:0c:c7:42:
3b:50:5b:bf:77:1f:79:91:82:0f:f0:85:27:b5:dc:2d:00:db:
97:13:38:2c:1b:b3:19:4d:8e:d2:07:d8:92:8a:12:86:ae:4d:
d4:09:88:5f:cb:c7:ab:61:2d:f4:2b:1e:42:17:20:f6:b0:8f:
9c:6e:1e:75:98:d3:fe:04:fe:2a:f2:64:7f:52:cd:c8:ab:a5:
8e:66:87:98:ce:89:43:90:48:6f:16:c9:51:7a:96:4b:e4:55:
df:26:9d:16:43:e3:60:f7:7b:2b:11:6c:bc:b6:78:53:ef:94:
e0:40:86:cd:c4:ae:2a:19:cd:4f:39:49:2d:84:93:49:69:f0:
d6:c6:60:55:77:f8:ad:73:53:6e:6f:ff:bb:41:e4:37:17:35:
54:5d:0c:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYooVCxoZ2igBY8PkbgSDciqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODI0MTYxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQwNGNhYTlhNjcxNmQ3NjMxY2JmNTFjZGEwZGMxYWZiZWU1ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMiLacuAIMF7tUTR7IeC/LZGmUt7
B9fJDYZ77dLSyv9oLh+MsrJCzB4LxoW9kgttbRoq3yClNOv75Mi7+UVMHa2zmkFj
2IAtYCa30MdWtCAqX1IviptOscBhW/lpCPKuuSzA6ZdlkAC73HuUfl8HaSfCJYFO
4wllz9gajIOMgVKsWkLjKYJbZIn6pNiSTP+H+WZ/Q8eXZb9Oy2xpSQi96TRtWV39
y9l0RdxnEpIDuVS9VA/HHWdIMRqpBeiGXFiy/JZ4ziUxzvrpaKdoibXmFpWCRPIO
YzTswS3Tre0yLqSreT503a0FgGVCmQ6MaQgNZJuCXpw7MfaX5XvzLBbtYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZATKqaZxbXYxy/Uc2g3Br77lhIMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTmtCTXFwcG5GdGRqSEw5UnphRGNHdnZ1V0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZijMA0G
CSqGSIb3DQEBCwUAA4IBAQB3a9E8eNE3SgPW58P2/Tle8p+d5Knk8PdI9inVqu6X
NPI3gvy5HRvGLWmSmFnsyh4Rk40md87KZAXg6uhD+VO7AnsDf3UiCXm8l5zmvVuv
zOb04Wmn0y+5k8niPWQy5q5Ld5mlaYOEaSoMx0I7UFu/dx95kYIP8IUntdwtANuX
EzgsG7MZTY7SB9iSihKGrk3UCYhfy8erYS30Kx5CFyD2sI+cbh51mNP+BP4q8mR/
Us3Iq6WOZoeYzolDkEhvFslRepZL5FXfJp0WQ+Ng93srEWy8tnhT75TgQIbNxK4q
Gc1POUkthJNJafDWxmBVd/itc1Nub/+7QeQ3FzVUXQwB
-----END CERTIFICATE-----
Generated at Tue Oct 17 09:08:26 2023 by rpki-client on console-ams.rpki-client.org