Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/cccc48-5781-4d64-a2b2-1bf6c509d0c5/1/NiKOK-MSWVIR_BRtR1VSmVIclMY.roa
File: NiKOK-MSWVIR_BRtR1VSmVIclMY.roa (raw, json)
Hash identifier: 3o8J0mAYt6UDjq9pT+U4vhW80L47H4t/conP5X0DTvU=
Subject key identifier: 36:22:8E:2B:E3:12:59:52:11:FC:14:6D:47:55:52:99:52:1C:94:C6
Certificate issuer: /CN=41773e5f1d69dea0c01f31397962e7d74b43d7ba
Certificate serial: 018CC6B8DF6C7FD17340C3A944DD0BACAF08
Authority key identifier: 41:77:3E:5F:1D:69:DE:A0:C0:1F:31:39:79:62:E7:D7:4B:43:D7:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXc-Xx1p3qDAHzE5eWLn10tD17o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/cccc48-5781-4d64-a2b2-1bf6c509d0c5/1/NiKOK-MSWVIR_BRtR1VSmVIclMY.roa
Signing time: Mon 01 Jan 2024 20:30:53 +0000
ROA not before: Mon 01 Jan 2024 20:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47612
IP address blocks: 195.190.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:df:6c:7f:d1:73:40:c3:a9:44:dd:0b:ac:af:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41773e5f1d69dea0c01f31397962e7d74b43d7ba
Validity
Not Before: Jan 1 20:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36228e2be312595211fc146d47555299521c94c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7b:ca:64:48:38:48:e8:bb:31:66:90:ec:72:
61:f6:8d:b1:e0:4c:b5:d9:1d:ee:7d:d9:5e:3c:c1:
8e:c2:9a:7d:88:1e:5f:9b:6f:a1:3e:2e:f5:3f:42:
2d:c5:8b:5c:13:c7:a0:dc:9c:13:7f:f2:71:28:1d:
23:86:1a:cb:81:15:45:6d:cf:78:28:f0:66:8e:1d:
d4:ef:ae:b5:c8:1d:fc:c8:d9:30:24:ba:3f:68:e9:
8c:df:bc:1a:b4:37:fa:f5:f5:35:e9:06:b5:b9:c9:
4b:ad:5e:3f:39:24:51:0f:32:b7:99:57:c3:47:44:
a4:8f:11:03:b5:b7:31:5b:18:a2:3c:d0:a5:ce:62:
9e:7c:cc:29:ac:e4:ca:6c:3e:b7:67:a5:b2:ea:77:
ca:11:b0:c1:ca:74:c5:0a:40:46:db:3c:90:30:eb:
82:67:c1:be:f3:1d:cf:11:fd:dd:04:01:b6:ff:2b:
0d:ee:3c:62:42:10:a4:be:86:97:57:c9:21:e2:12:
81:d5:f7:3d:0a:3f:bb:fd:a1:aa:71:9c:19:30:bc:
8a:8d:45:9b:36:49:b4:eb:51:c0:52:41:89:61:17:
ee:f2:ee:4c:8d:e7:95:29:fa:fc:92:31:c8:7a:cd:
42:8b:71:c2:14:93:ea:f8:c9:24:ce:bb:23:bb:60:
db:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:22:8E:2B:E3:12:59:52:11:FC:14:6D:47:55:52:99:52:1C:94:C6
X509v3 Authority Key Identifier:
keyid:41:77:3E:5F:1D:69:DE:A0:C0:1F:31:39:79:62:E7:D7:4B:43:D7:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXc-Xx1p3qDAHzE5eWLn10tD17o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cccc48-5781-4d64-a2b2-1bf6c509d0c5/1/NiKOK-MSWVIR_BRtR1VSmVIclMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cccc48-5781-4d64-a2b2-1bf6c509d0c5/1/QXc-Xx1p3qDAHzE5eWLn10tD17o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.3.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f9:62:95:f1:7a:90:48:09:b6:76:39:db:ea:b3:d1:16:78:
d5:32:db:d4:7b:2e:9f:ce:7a:70:93:c9:1c:b6:a9:2b:7b:6d:
d9:c6:e7:c6:e0:4c:5f:ca:22:a4:69:fe:e5:78:5a:22:43:4f:
57:3f:71:55:7d:05:1c:bc:0f:09:bb:51:16:ca:79:1f:bb:ec:
eb:ce:d9:0d:95:67:00:86:ba:c5:ef:43:db:01:5f:c2:10:c9:
39:de:6e:a8:41:0c:6a:62:71:e3:c9:35:3b:2c:4f:f3:1f:96:
04:5f:c1:de:4b:cd:ae:31:86:79:ba:cb:cc:41:12:6f:de:83:
5c:aa:f0:5c:76:de:11:77:e1:74:f3:97:22:fa:a8:8e:cd:2b:
9d:00:12:5a:e1:95:83:3c:af:33:18:c6:8d:3b:85:43:a9:63:
1a:69:79:49:0b:4d:7c:19:4c:de:65:57:70:be:c3:df:f8:b3:
cf:28:26:ba:bd:4f:20:c7:a2:d8:79:e5:f5:e3:b8:76:71:47:
e5:da:54:31:4a:61:75:c5:3a:5e:b9:b4:2a:fe:57:8e:fd:58:
db:f6:25:2b:32:89:5f:9c:95:c9:b2:bc:37:bb:e2:8e:fd:a0:
e1:72:74:99:e1:54:ef:57:45:9d:77:77:a6:ca:8a:2a:9a:d5:
c9:f9:bc:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuN9sf9FzQMOpRN0LrK8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzczZTVmMWQ2OWRlYTBjMDFmMzEzOTc5NjJlN2Q3NGI0
M2Q3YmEwHhcNMjQwMTAxMjAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjIyOGUyYmUzMTI1OTUyMTFmYzE0NmQ0NzU1NTI5OTUyMWM5NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXvKZEg4SOi7MWaQ7HJh9o2x4Ey1
2R3ufdlePMGOwpp9iB5fm2+hPi71P0ItxYtcE8eg3JwTf/JxKB0jhhrLgRVFbc94
KPBmjh3U7661yB38yNkwJLo/aOmM37watDf69fU16Qa1uclLrV4/OSRRDzK3mVfD
R0SkjxEDtbcxWxiiPNClzmKefMwprOTKbD63Z6Wy6nfKEbDBynTFCkBG2zyQMOuC
Z8G+8x3PEf3dBAG2/ysN7jxiQhCkvoaXV8kh4hKB1fc9Cj+7/aGqcZwZMLyKjUWb
Nkm061HAUkGJYRfu8u5MjeeVKfr8kjHIes1Ci3HCFJPq+Mkkzrsju2DbrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYijivjEllSEfwUbUdVUplSHJTGMB8GA1UdIwQY
MBaAFEF3Pl8dad6gwB8xOXli59dLQ9e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhjLVh4MXAzcURBSHpFNWVXTG4xMHREMTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jY2NjNDgtNTc4MS00ZDY0LWEyYjIt
MWJmNmM1MDlkMGM1LzEvTmlLT0stTVNXVklSX0JSdFIxVlNtVkljbE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jY2NjNDgtNTc4MS00ZDY0LWEyYjItMWJmNmM1MDlkMGM1
LzEvUVhjLVh4MXAzcURBSHpFNWVXTG4xMHREMTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw74DMA0G
CSqGSIb3DQEBCwUAA4IBAQA3+WKV8XqQSAm2djnb6rPRFnjVMtvUey6fznpwk8kc
tqkre23ZxufG4ExfyiKkaf7leFoiQ09XP3FVfQUcvA8Ju1EWynkfu+zrztkNlWcA
hrrF70PbAV/CEMk53m6oQQxqYnHjyTU7LE/zH5YEX8HeS82uMYZ5usvMQRJv3oNc
qvBcdt4Rd+F085ci+qiOzSudABJa4ZWDPK8zGMaNO4VDqWMaaXlJC018GUzeZVdw
vsPf+LPPKCa6vU8gx6LYeeX147h2cUfl2lQxSmF1xTpeubQq/leO/Vjb9iUrMolf
nJXJsrw3u+KO/aDhcnSZ4VTvV0Wdd3emyooqmtXJ+byl
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:37 2025 by rpki-client