Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/NrktH7igQmBXH3GBCo-GxNy3DJM.roa
File: NrktH7igQmBXH3GBCo-GxNy3DJM.roa (raw, json)
Hash identifier: 0RvNlt4OPOfnmyDcapKqLPK4Q4HyHyfDGdgTB3S+Sf0=
Subject key identifier: 36:B9:2D:1F:B8:A0:42:60:57:1F:71:81:0A:8F:86:C4:DC:B7:0C:93
Certificate issuer: /CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Certificate serial: 018CC649BFD103011E2492450ADD9E046DAA
Authority key identifier: 6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/NrktH7igQmBXH3GBCo-GxNy3DJM.roa
Signing time: Mon 01 Jan 2024 18:29:31 +0000
ROA not before: Mon 01 Jan 2024 18:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31446
IP address blocks: 193.16.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:bf:d1:03:01:1e:24:92:45:0a:dd:9e:04:6d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Validity
Not Before: Jan 1 18:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36b92d1fb8a04260571f71810a8f86c4dcb70c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b7:97:9b:65:66:23:e9:54:6d:39:0d:f9:f9:
43:3e:1e:d8:78:cf:6a:4d:82:d8:e8:70:ff:0e:bc:
be:a3:38:74:d3:ae:84:bd:42:14:20:ff:0d:77:bc:
45:28:3e:b6:2f:d2:a2:8b:55:3a:eb:cb:53:2c:09:
4c:eb:84:38:e7:1c:85:82:84:3e:9a:ff:41:c4:83:
f3:f7:fa:22:a1:34:42:f0:cb:22:d1:4a:d0:96:60:
23:f9:d5:ca:0e:8b:e4:87:b4:82:25:b8:76:bf:9a:
57:2f:a9:8e:ba:c5:e3:3a:b0:9e:fb:74:2e:1a:12:
80:38:f5:dd:87:f3:9b:9f:24:7d:21:11:9a:08:a5:
e1:c9:27:fc:7d:23:ce:ba:d5:62:b6:e0:0b:63:78:
21:fd:ec:39:58:5f:3f:b9:45:2b:d4:79:58:2a:4a:
e4:9e:d7:ca:cc:31:cd:8a:31:9b:48:14:12:24:45:
a5:ef:69:5e:67:7c:eb:92:45:cf:1b:03:6a:9b:5b:
6f:bf:85:99:97:9e:ca:4b:e9:32:28:a6:8c:14:81:
eb:e8:ca:f9:ce:03:52:15:13:57:b9:66:95:ba:56:
d3:a0:35:6e:ba:f9:8d:af:6d:c4:4a:2a:63:79:11:
29:e9:1e:41:b1:68:02:7b:5b:7f:ef:86:4e:d9:cc:
1a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B9:2D:1F:B8:A0:42:60:57:1F:71:81:0A:8F:86:C4:DC:B7:0C:93
X509v3 Authority Key Identifier:
keyid:6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/NrktH7igQmBXH3GBCo-GxNy3DJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/arRJwZjLlmN7rBpbbVHLMfJYuyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c6:79:3e:9e:6b:88:e2:27:18:12:77:e4:71:32:5e:c3:e0:
73:4c:f4:84:67:07:d6:fe:2d:ea:88:e7:e7:87:94:20:8e:67:
23:12:47:c0:fc:68:ca:55:0d:79:31:34:00:ea:3b:5f:18:b0:
b5:1f:03:81:98:18:69:67:36:84:7c:22:8b:2c:0e:63:c2:63:
ff:ab:58:e9:ea:04:a1:6c:fd:11:20:4b:42:23:70:16:71:1b:
ee:7d:b8:bd:bf:5b:78:d8:a2:3d:51:19:95:ca:1b:5c:80:89:
53:ea:be:d9:65:c7:88:ca:c6:99:58:3c:43:af:03:c4:c0:5e:
08:31:47:7e:59:b5:dc:aa:3e:2f:63:69:ea:72:06:17:6d:43:
1b:52:41:99:d9:57:b2:ae:7c:65:c1:00:9d:5b:55:27:76:52:
63:3e:ab:03:43:1d:ff:20:a5:d8:2a:f8:22:5f:04:6c:64:8f:
43:97:44:49:fb:9c:8f:02:dd:95:ee:3c:2b:1e:52:34:ec:4b:
8c:b6:c0:93:0c:ca:09:6c:0c:9b:c1:ef:11:da:eb:6a:a2:82:
67:68:c6:eb:fe:58:ed:0e:c7:13:81:46:ac:59:b0:bd:7c:1c:
fb:13:aa:83:cc:5d:76:ca:22:e1:e8:c8:ad:87:14:30:f7:57:
bb:7a:5a:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSb/RAwEeJJJFCt2eBG2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjQ0OWMxOThjYjk2NjM3YmFjMWE1YjZkNTFjYjMxZjI1
OGJiMmMwHhcNMjQwMTAxMTgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI5MmQxZmI4YTA0MjYwNTcxZjcxODEwYThmODZjNGRjYjcwYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLeXm2VmI+lUbTkN+flDPh7YeM9q
TYLY6HD/Dry+ozh0066EvUIUIP8Nd7xFKD62L9Kii1U668tTLAlM64Q45xyFgoQ+
mv9BxIPz9/oioTRC8Msi0UrQlmAj+dXKDovkh7SCJbh2v5pXL6mOusXjOrCe+3Qu
GhKAOPXdh/ObnyR9IRGaCKXhySf8fSPOutVituALY3gh/ew5WF8/uUUr1HlYKkrk
ntfKzDHNijGbSBQSJEWl72leZ3zrkkXPGwNqm1tvv4WZl57KS+kyKKaMFIHr6Mr5
zgNSFRNXuWaVulbToDVuuvmNr23ESipjeREp6R5BsWgCe1t/74ZO2cwa+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDa5LR+4oEJgVx9xgQqPhsTctwyTMB8GA1UdIwQY
MBaAFGq0ScGYy5Zje6waW21RyzHyWLssMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2Mt
ZDY3ZGEzYzY5NjliLzEvTnJrdEg3aWdRbUJYSDNHQkNvLUd4TnkzREpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8yYjE4N2QtZWRkOC00MGVlLWExN2MtZDY3ZGEzYzY5Njli
LzEvYXJSSndaakxsbU43ckJwYmJWSExNZkpZdXl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDtMA0G
CSqGSIb3DQEBCwUAA4IBAQBuxnk+nmuI4icYEnfkcTJew+BzTPSEZwfW/i3qiOfn
h5QgjmcjEkfA/GjKVQ15MTQA6jtfGLC1HwOBmBhpZzaEfCKLLA5jwmP/q1jp6gSh
bP0RIEtCI3AWcRvufbi9v1t42KI9URmVyhtcgIlT6r7ZZceIysaZWDxDrwPEwF4I
MUd+WbXcqj4vY2nqcgYXbUMbUkGZ2VeyrnxlwQCdW1UndlJjPqsDQx3/IKXYKvgi
XwRsZI9Dl0RJ+5yPAt2V7jwrHlI07EuMtsCTDMoJbAybwe8R2utqooJnaMbr/ljt
DscTgUasWbC9fBz7E6qDzF12yiLh6MithxQw91e7eloA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:50 2025 by rpki-client