Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa
File: nleERHVDJaAvfYr4jdOF7T09XK8.roa (raw, json)
Hash identifier: IfF6m3NWW33S/xL4OTn6YTdRbXg9o+jJrvJaBsNpd10=
Subject key identifier: 9E:57:84:44:75:43:25:A0:2F:7D:8A:F8:8D:D3:85:ED:3D:3D:5C:AF
Certificate issuer: /CN=459b2fd0053bdd7e7775398db163bee8772478a5
Certificate serial: 01857102D8DD5F3532A4F2DFAF2329FB3298
Authority key identifier: 45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa
Signing time: Mon 02 Jan 2023 05:44:50 +0000
ROA not before: Mon 02 Jan 2023 05:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 209.127.202.0/24 maxlen: 24
2a01:4ce0:50::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d8:dd:5f:35:32:a4:f2:df:af:23:29:fb:32:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=459b2fd0053bdd7e7775398db163bee8772478a5
Validity
Not Before: Jan 2 05:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e578444754325a02f7d8af88dd385ed3d3d5caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:57:22:c9:fc:76:df:b4:d4:2b:c1:92:11:9d:
e8:ac:dc:4d:de:26:cd:d0:28:d2:a7:ce:af:c4:59:
81:ef:a0:3b:c7:30:df:e6:92:e6:5a:3c:d4:8c:68:
e4:05:c5:c9:dc:34:f1:3c:70:a3:d2:82:8c:e8:e5:
4e:f6:34:97:77:69:13:29:0a:53:8e:f1:9c:07:79:
18:ad:87:ab:cd:d4:35:00:20:1b:5f:9d:cb:ff:a5:
55:08:e6:09:d1:18:a8:b1:73:8a:a6:8e:23:da:da:
0a:0f:d3:28:6b:ba:df:1f:c1:ea:c9:45:3d:ca:69:
99:65:49:06:26:51:2f:97:bf:61:ca:a0:36:72:19:
57:2e:19:52:ef:28:d6:4f:1e:58:8f:f4:a0:91:81:
25:08:58:4a:b4:65:1d:af:e3:6f:14:89:d6:a9:0b:
2b:72:ca:a4:a6:81:0d:58:61:b4:05:03:d1:3a:28:
9a:27:46:e3:02:58:a9:49:18:95:c7:90:10:d1:82:
68:2d:22:74:ea:f0:63:90:e1:3b:32:60:48:49:1f:
81:15:d9:b6:df:45:a3:37:32:83:0a:ec:e9:cd:e6:
93:74:0f:90:de:54:27:e5:e2:a9:df:9e:77:fc:03:
55:69:5b:b7:1d:1d:6f:70:b5:1f:0a:f2:04:33:3f:
53:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:57:84:44:75:43:25:A0:2F:7D:8A:F8:8D:D3:85:ED:3D:3D:5C:AF
X509v3 Authority Key Identifier:
keyid:45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/RZsv0AU73X53dTmNsWO-6HckeKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.127.202.0/24
IPv6:
2a01:4ce0:50::/48
Signature Algorithm: sha256WithRSAEncryption
6c:97:b4:91:cc:0e:b7:19:aa:18:7a:a3:9b:af:f6:79:00:86:
71:ed:0f:06:e8:36:5c:5c:8b:b2:cc:7d:7b:85:67:41:96:29:
7c:09:d6:f5:ca:62:93:1e:d8:c2:1f:45:0a:31:02:c9:5c:6c:
f3:64:6a:78:4e:ed:c1:f6:a5:c1:fd:c0:f8:3a:81:c1:e2:40:
48:15:2e:8f:af:8b:ee:08:37:22:86:5b:d6:f4:3f:05:29:59:
6c:57:28:33:b0:f3:68:ba:bd:f5:d9:2d:cd:76:11:f8:9a:6e:
ac:f6:9f:7e:28:00:08:bd:43:2c:2f:57:79:15:03:96:71:10:
8f:1f:d6:e6:5d:2a:a0:e3:78:63:e8:40:c7:94:a2:44:e3:2b:
8b:bd:6a:08:7e:40:e5:13:f6:da:04:af:54:a7:f1:8b:e4:25:
5a:85:e7:b9:06:1c:7c:04:8a:ef:1e:24:ad:34:47:14:e4:7b:
2a:3f:78:26:42:8d:71:d5:67:fe:3e:8e:5e:bb:2f:99:90:c6:
be:d5:8c:8a:9b:69:35:13:37:aa:e6:67:c6:03:7e:8b:ff:e9:
cc:09:74:af:de:cb:74:e2:73:83:5b:69:d8:38:54:cb:eb:87:
0a:cd:de:0c:17:e5:fb:7c:84:a0:5d:5f:a3:fc:98:f9:c7:e0:
30:fb:5e:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxAtjdXzUypPLfryMp+zKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWIyZmQwMDUzYmRkN2U3Nzc1Mzk4ZGIxNjNiZWU4Nzcy
NDc4YTUwHhcNMjMwMTAyMDU0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU3ODQ0NDc1NDMyNWEwMmY3ZDhhZjg4ZGQzODVlZDNkM2Q1Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFciyfx237TUK8GSEZ3orNxN3ibN
0CjSp86vxFmB76A7xzDf5pLmWjzUjGjkBcXJ3DTxPHCj0oKM6OVO9jSXd2kTKQpT
jvGcB3kYrYerzdQ1ACAbX53L/6VVCOYJ0RiosXOKpo4j2toKD9Moa7rfH8HqyUU9
ymmZZUkGJlEvl79hyqA2chlXLhlS7yjWTx5Yj/SgkYElCFhKtGUdr+NvFInWqQsr
csqkpoENWGG0BQPROiiaJ0bjAlipSRiVx5AQ0YJoLSJ06vBjkOE7MmBISR+BFdm2
30WjNzKDCuzpzeaTdA+Q3lQn5eKp3553/ANVaVu3HR1vcLUfCvIEMz9T2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ5XhER1QyWgL32K+I3The09PVyvMB8GA1UdIwQY
MBaAFEWbL9AFO91+d3U5jbFjvuh3JHilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYt
YWI4ZTk3ZDg1NWNjLzEvbmxlRVJIVkRKYUF2ZllyNGpkT0Y3VDA5WEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYtYWI4ZTk3ZDg1NWNj
LzEvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA0X/KMA8E
AgACMAkDBwAqAUzgAFAwDQYJKoZIhvcNAQELBQADggEBAGyXtJHMDrcZqhh6o5uv
9nkAhnHtDwboNlxci7LMfXuFZ0GWKXwJ1vXKYpMe2MIfRQoxAslcbPNkanhO7cH2
pcH9wPg6gcHiQEgVLo+vi+4INyKGW9b0PwUpWWxXKDOw82i6vfXZLc12Efiabqz2
n34oAAi9QywvV3kVA5ZxEI8f1uZdKqDjeGPoQMeUokTjK4u9agh+QOUT9toEr1Sn
8YvkJVqF57kGHHwEiu8eJK00RxTkeyo/eCZCjXHVZ/4+jl67L5mQxr7VjIqbaTUT
N6rmZ8YDfov/6cwJdK/ey3Tic4Nbadg4VMvrhwrN3gwX5ft8hKBdX6P8mPnH4DD7
Xjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:07 2024 by rpki-client on console-ams.rpki-client.org