Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQkhIelagHrYECp4R19nDnPK0dY.roa
File: NQkhIelagHrYECp4R19nDnPK0dY.roa (raw, json)
Hash identifier: PLKu4L8m9bfLCkDpMkZXyA+LDuJJZKEdAB9MP6yvvT0=
Subject key identifier: 35:09:21:21:E9:5A:80:7A:D8:10:2A:78:47:5F:67:0E:73:CA:D1:D6
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01882FA2BBB0B0AD0E9B74ED0E5152876706
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQkhIelagHrYECp4R19nDnPK0dY.roa
Signing time: Thu 18 May 2023 16:12:53 +0000
ROA not before: Thu 18 May 2023 16:12:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 45.65.115.0/24 maxlen: 24
45.65.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 16:22:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:a2:bb:b0:b0:ad:0e:9b:74:ed:0e:51:52:87:67:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 18 16:12:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35092121e95a807ad8102a78475f670e73cad1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e5:d2:81:5c:96:60:01:84:cf:96:e1:65:af:
50:82:75:a2:d9:17:38:fe:bb:d1:f1:06:5c:d8:bd:
e0:af:e6:63:39:bd:09:91:b2:f3:f4:bf:e9:2f:57:
ce:47:06:79:95:be:cc:24:d6:2f:d9:40:1a:da:11:
27:b0:8c:b4:42:1e:0d:b8:9e:05:59:5e:d6:14:87:
b5:4d:c3:ce:26:98:49:c3:ae:99:3a:8b:56:63:7e:
9c:cf:82:74:1e:a3:ea:c7:26:e8:ee:d5:10:2b:f1:
c9:00:27:63:61:23:27:27:16:95:82:9e:de:51:89:
7e:c4:39:86:8f:b9:94:1f:a9:c2:df:90:8e:0a:21:
03:cb:19:ba:ef:b5:87:c0:2b:22:be:2f:93:98:b7:
a0:35:bb:76:83:ea:7f:6b:0b:ff:1d:b6:9b:bd:aa:
d9:ac:94:69:e2:37:ee:85:7f:9f:2f:8f:ae:d5:86:
93:b7:1a:56:f3:6a:10:ec:d8:d1:2a:04:ae:e5:36:
0f:60:a9:e5:99:e1:ba:7b:99:87:b0:68:af:8a:4f:
c9:79:d4:a5:bc:33:c9:ba:81:c6:35:8a:af:b2:0c:
45:c1:4e:da:7a:d3:6e:27:dd:e4:12:10:00:e6:8a:
1c:00:09:bf:d5:6d:cd:15:83:1c:df:a4:9f:30:d2:
c9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:09:21:21:E9:5A:80:7A:D8:10:2A:78:47:5F:67:0E:73:CA:D1:D6
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NQkhIelagHrYECp4R19nDnPK0dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
Signature Algorithm: sha256WithRSAEncryption
62:7b:70:c2:06:66:de:73:d6:57:db:c4:f0:e6:06:bc:6f:e6:
30:54:5d:9c:2a:af:69:8a:cb:cd:7f:0f:5d:f9:cf:48:9c:26:
9e:68:db:38:9d:9c:e7:bb:46:f2:c0:d4:42:da:d6:34:7d:b2:
f1:17:f8:be:78:34:f7:fe:9c:f0:b8:98:6c:ec:97:68:bc:ae:
3c:0b:be:3f:08:8d:78:93:fc:f4:14:20:da:6b:57:6d:79:35:
0d:0a:14:f2:61:e4:95:cd:bd:ca:f5:22:49:32:a2:4b:d0:08:
c5:42:75:60:cd:cd:17:af:eb:ad:7c:ab:9e:4f:ff:e0:8c:0e:
5c:30:c0:43:df:3e:3f:8d:53:e6:ea:c7:2e:eb:32:63:59:19:
29:14:8f:29:da:4c:cd:06:db:87:4d:34:8c:54:6d:59:98:27:
7a:c0:e8:87:ec:52:dc:46:c8:3f:ec:a6:b3:79:ec:89:73:9e:
d3:41:86:7f:3c:b2:f3:aa:7f:a0:f8:32:7a:4f:d0:7e:00:2a:
70:50:09:87:5e:63:7d:65:31:c3:51:f4:c2:dc:34:65:6b:2b:
22:e9:b8:47:75:87:98:ab:6b:b7:ca:d2:77:f6:cb:df:71:dc:
6b:a8:ca:e7:48:b6:66:36:45:90:af:c8:ce:e8:d0:e4:e9:a1:
fe:f4:a6:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgvoruwsK0Om3TtDlFSh2cGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNTE4MTYxMjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTA5MjEyMWU5NWE4MDdhZDgxMDJhNzg0NzVmNjcwZTczY2FkMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eXSgVyWYAGEz5bhZa9QgnWi2Rc4
/rvR8QZc2L3gr+ZjOb0JkbLz9L/pL1fORwZ5lb7MJNYv2UAa2hEnsIy0Qh4NuJ4F
WV7WFIe1TcPOJphJw66ZOotWY36cz4J0HqPqxybo7tUQK/HJACdjYSMnJxaVgp7e
UYl+xDmGj7mUH6nC35COCiEDyxm677WHwCsivi+TmLegNbt2g+p/awv/HbabvarZ
rJRp4jfuhX+fL4+u1YaTtxpW82oQ7NjRKgSu5TYPYKnlmeG6e5mHsGivik/JedSl
vDPJuoHGNYqvsgxFwU7aetNuJ93kEhAA5oocAAm/1W3NFYMc36SfMNLJ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUJISHpWoB62BAqeEdfZw5zytHWMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTlFraEllbGFnSHJZRUNwNFIxOW5EblBLMGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQBie3DCBmbec9ZX28Tw5ga8b+YwVF2cKq9pisvNfw9d
+c9InCaeaNs4nZznu0bywNRC2tY0fbLxF/i+eDT3/pzwuJhs7JdovK48C74/CI14
k/z0FCDaa1dteTUNChTyYeSVzb3K9SJJMqJL0AjFQnVgzc0Xr+utfKueT//gjA5c
MMBD3z4/jVPm6scu6zJjWRkpFI8p2kzNBtuHTTSMVG1ZmCd6wOiH7FLcRsg/7Kaz
eeyJc57TQYZ/PLLzqn+g+DJ6T9B+ACpwUAmHXmN9ZTHDUfTC3DRlaysi6bhHdYeY
q2u3ytJ39svfcdxrqMrnSLZmNkWQr8jO6NDk6aH+9Kaa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org