Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/NSH2_vrU35IeM94QVnzeSmDTwBg.roa
File: NSH2_vrU35IeM94QVnzeSmDTwBg.roa (raw, json)
Hash identifier: AAhLjrOwejq02yJp3rJ2ZmE1VUSp6WaMq7FPOBTu6uY=
Subject key identifier: 35:21:F6:FE:FA:D4:DF:92:1E:33:DE:10:56:7C:DE:4A:60:D3:C0:18
Certificate issuer: /CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Certificate serial: 018570FBB4147C2ADD62EAFE3066E9AE18F0
Authority key identifier: 96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/NSH2_vrU35IeM94QVnzeSmDTwBg.roa
Signing time: Mon 02 Jan 2023 05:37:01 +0000
ROA not before: Mon 02 Jan 2023 05:37:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205638
IP address blocks: 45.137.112.0/23 maxlen: 23
45.137.112.0/24 maxlen: 24
45.137.113.0/24 maxlen: 24
45.137.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b4:14:7c:2a:dd:62:ea:fe:30:66:e9:ae:18:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Validity
Not Before: Jan 2 05:37:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3521f6fefad4df921e33de10567cde4a60d3c018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5f:8a:ac:66:75:0d:dd:01:3f:7d:e8:0b:02:
a0:8c:ef:41:09:18:ce:76:b3:08:c2:33:93:09:e9:
b1:6b:e2:26:c8:8e:2e:25:3e:ef:49:b3:4c:b4:e3:
5f:71:88:e3:0c:3d:e4:3f:6b:79:68:12:72:89:21:
47:97:b2:a1:24:87:66:ef:40:78:b4:81:a1:ed:31:
8d:94:3b:05:19:ce:07:46:66:d5:a7:49:7c:3e:d5:
18:43:13:50:05:cf:6e:78:04:4d:2a:ef:9e:c4:26:
fb:c0:72:e6:a3:8d:eb:dd:5b:82:db:09:63:8e:ac:
04:e5:e9:d2:0c:77:92:d6:41:6e:4b:c0:cf:44:b4:
e4:49:0a:d9:eb:4f:38:67:b1:a0:e5:32:e0:21:68:
44:fb:4e:ae:f2:d5:b3:95:3b:1f:69:3b:a9:ef:ac:
f5:44:95:35:f1:fd:21:e1:0e:23:9e:02:5a:04:4c:
8d:86:d4:f1:7c:ed:77:8d:5c:e1:0a:88:57:31:04:
47:3c:c2:33:9e:79:8c:2b:77:54:f8:ea:9e:df:ce:
74:53:6c:0e:ad:08:2c:36:85:4b:12:64:41:28:8e:
65:8c:79:27:7a:55:4d:a2:69:1e:31:d8:63:7d:ba:
04:a5:2e:1d:4a:0b:fd:74:a7:32:6d:61:7f:b2:b1:
a5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:F6:FE:FA:D4:DF:92:1E:33:DE:10:56:7C:DE:4A:60:D3:C0:18
X509v3 Authority Key Identifier:
keyid:96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/NSH2_vrU35IeM94QVnzeSmDTwBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.112.0/23
45.137.115.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:07:17:a5:91:b8:af:a5:60:78:61:48:b6:8c:64:03:73:b2:
7e:d4:21:fb:d7:31:7f:0f:3c:b1:e4:be:a8:60:d1:89:61:e5:
44:16:6e:f0:9c:b9:37:37:72:27:8b:3b:83:0a:5f:b4:f4:dc:
49:59:c5:0f:3d:92:8f:08:6b:40:e3:17:3b:cb:1b:5f:47:74:
e8:40:4c:db:16:00:3e:39:a1:26:b6:66:02:58:c8:c6:0f:5f:
56:14:65:5b:41:02:54:3c:ab:a3:50:d4:2e:1d:87:d0:75:9a:
b3:79:da:fa:ec:50:53:93:bf:67:f1:22:43:3d:5b:08:57:dc:
af:fe:7d:83:c2:24:8a:13:cd:3b:be:77:5a:0e:54:63:b2:be:
ec:41:67:94:fa:a7:51:c4:b1:c8:87:c2:e1:c5:35:aa:aa:01:
aa:c6:0a:5c:fb:12:53:9b:08:bb:f2:46:fe:27:41:24:9c:3f:
e0:d3:6b:d7:93:97:ff:56:ba:a8:25:99:e9:4d:83:3a:1d:b8:
e8:c0:ca:3d:34:9c:46:b2:f9:a5:82:28:72:09:e2:66:32:dd:
7c:99:bb:90:f2:39:e3:f3:be:1d:1d:15:24:23:64:6e:17:ad:
45:37:a2:06:11:cf:e8:10:ae:4c:29:77:0e:89:e3:1a:d1:81:
ff:f7:7c:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw+7QUfCrdYur+MGbprhjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZmY0NWU2ZGU0OGJmYzAzOTdkYWNhZDgzYTg0ODMxZGI3
OTUyZDEwHhcNMjMwMTAyMDUzNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIxZjZmZWZhZDRkZjkyMWUzM2RlMTA1NjdjZGU0YTYwZDNjMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql+KrGZ1Dd0BP33oCwKgjO9BCRjO
drMIwjOTCemxa+ImyI4uJT7vSbNMtONfcYjjDD3kP2t5aBJyiSFHl7KhJIdm70B4
tIGh7TGNlDsFGc4HRmbVp0l8PtUYQxNQBc9ueARNKu+exCb7wHLmo43r3VuC2wlj
jqwE5enSDHeS1kFuS8DPRLTkSQrZ6084Z7Gg5TLgIWhE+06u8tWzlTsfaTup76z1
RJU18f0h4Q4jngJaBEyNhtTxfO13jVzhCohXMQRHPMIznnmMK3dU+Oqe3850U2wO
rQgsNoVLEmRBKI5ljHknelVNomkeMdhjfboEpS4dSgv9dKcybWF/srGlZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUh9v761N+SHjPeEFZ83kpg08AYMB8GA1UdIwQY
MBaAFJb/RebeSL/AOX2srYOoSDHbeVLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAt
MGY1ZDM3OTdhMzI1LzEvTlNIMl92clUzNUllTTk0UVZuemVTbURUd0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAtMGY1ZDM3OTdhMzI1
LzEvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYlwAwQA
LYlzMA0GCSqGSIb3DQEBCwUAA4IBAQBdBxelkbivpWB4YUi2jGQDc7J+1CH71zF/
Dzyx5L6oYNGJYeVEFm7wnLk3N3InizuDCl+09NxJWcUPPZKPCGtA4xc7yxtfR3To
QEzbFgA+OaEmtmYCWMjGD19WFGVbQQJUPKujUNQuHYfQdZqzedr67FBTk79n8SJD
PVsIV9yv/n2DwiSKE807vndaDlRjsr7sQWeU+qdRxLHIh8LhxTWqqgGqxgpc+xJT
mwi78kb+J0EknD/g02vXk5f/VrqoJZnpTYM6HbjowMo9NJxGsvmlgihyCeJmMt18
mbuQ8jnj874dHRUkI2RuF61FN6IGEc/oEK5MKXcOieMa0YH/93x0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org