Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nloDU-gfhNhGyp0XudQ7mdo2hMs.roa
File: nloDU-gfhNhGyp0XudQ7mdo2hMs.roa (raw, json)
Hash identifier: cxESXNAC3D3HMO0NXnezGc/YbDIn1aDkw4/7tZrXznk=
Subject key identifier: 9E:5A:03:53:E8:1F:84:D8:46:CA:9D:17:B9:D4:3B:99:DA:36:84:CB
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CE9AB35562E1E9F70BA7754096040DAFC
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nloDU-gfhNhGyp0XudQ7mdo2hMs.roa
Signing time: Mon 08 Jan 2024 15:22:40 +0000
ROA not before: Mon 08 Jan 2024 15:22:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197730
IP address blocks: 185.235.164.0/24 maxlen: 24
45.135.238.0/24 maxlen: 24
2a0b:1f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:ab:35:56:2e:1e:9f:70:ba:77:54:09:60:40:da:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 8 15:22:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e5a0353e81f84d846ca9d17b9d43b99da3684cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d1:24:77:d4:1e:c4:49:69:c0:97:ab:0f:8c:
eb:ca:2f:a7:f7:20:f5:94:e0:c7:3f:9b:83:e8:f5:
d1:aa:28:d5:82:89:d5:57:4c:6b:9e:ef:64:9e:ca:
d1:e5:b9:e3:b2:c5:45:5c:08:c8:a2:83:f1:a6:87:
e7:94:2f:0a:34:e1:d2:04:45:7f:76:61:37:02:8d:
1d:18:b5:db:34:3c:21:ed:cd:30:39:80:ae:b6:96:
4c:3e:be:33:27:5f:81:54:7b:d6:3f:13:cb:0e:e5:
c2:9e:23:7f:42:68:79:4a:40:c2:a8:21:79:58:fc:
2e:02:56:f4:af:df:5b:d6:ba:b5:5a:05:1b:07:9b:
40:0b:5b:90:5c:b5:85:e6:64:fd:9a:49:77:69:af:
3e:22:3b:75:d8:26:af:01:2f:56:ea:f0:13:13:69:
bf:bb:b7:ac:0c:44:f4:73:20:79:8b:20:45:5b:1c:
c1:92:b3:18:8f:31:b1:a7:69:99:64:03:9a:0c:af:
88:09:75:46:84:c5:03:59:e3:d6:a1:f0:e3:60:13:
44:b9:e7:77:55:e2:0f:e5:dc:a6:26:9b:6e:36:ad:
8c:93:d4:07:e6:6f:ef:57:90:8a:18:a7:b5:5c:9d:
c2:a2:8b:37:0f:2b:2c:47:7a:a1:dc:5f:18:e0:ed:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5A:03:53:E8:1F:84:D8:46:CA:9D:17:B9:D4:3B:99:DA:36:84:CB
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/nloDU-gfhNhGyp0XudQ7mdo2hMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.238.0/24
185.235.164.0/24
IPv6:
2a0b:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
94:c3:07:ca:15:33:be:15:52:ac:8f:70:46:dd:4c:2a:fa:d9:
8e:4c:e5:a1:ad:53:0b:a3:e4:1a:ab:d0:f8:de:92:9b:0d:b6:
a1:72:63:62:28:4a:87:c7:a5:43:30:12:40:3a:f9:40:91:ed:
e6:ba:19:2d:15:0d:dc:2d:89:8c:eb:d3:cc:89:29:0c:ac:26:
fb:ab:44:8e:70:87:54:73:7c:66:8e:6b:81:f0:05:b5:9f:63:
a4:38:13:9a:89:75:e4:39:1c:15:8a:60:66:a2:cf:af:e0:62:
44:0d:db:00:2e:c9:d9:4c:94:1c:c5:fd:b4:5a:12:62:0c:d3:
a1:c2:29:7d:35:61:26:5a:73:56:58:e0:79:4a:bc:b8:f9:36:
71:85:f8:ca:68:73:0b:4c:15:ac:48:bc:32:4a:ac:5e:41:bd:
c8:11:0a:5b:c5:fb:9c:04:c1:a1:b2:a1:4f:e3:bd:72:7b:c9:
ba:3f:88:1e:50:1a:0e:1f:60:c9:da:b1:c3:29:9e:56:d2:26:
ef:09:9b:68:40:bc:82:26:a6:5c:de:29:c4:a9:18:f7:31:a8:
ef:48:00:66:9b:d2:fb:b7:1b:4c:2f:53:c0:20:4b:3a:c5:b1:
c9:49:10:17:94:82:85:a7:2f:aa:8c:19:b0:f1:20:c2:bf:df:
f8:37:4a:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzpqzVWLh6fcLp3VAlgQNr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTA4MTUyMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTVhMDM1M2U4MWY4NGQ4NDZjYTlkMTdiOWQ0M2I5OWRhMzY4NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdEkd9QexElpwJerD4zryi+n9yD1
lODHP5uD6PXRqijVgonVV0xrnu9knsrR5bnjssVFXAjIooPxpofnlC8KNOHSBEV/
dmE3Ao0dGLXbNDwh7c0wOYCutpZMPr4zJ1+BVHvWPxPLDuXCniN/Qmh5SkDCqCF5
WPwuAlb0r99b1rq1WgUbB5tAC1uQXLWF5mT9mkl3aa8+Ijt12CavAS9W6vATE2m/
u7esDET0cyB5iyBFWxzBkrMYjzGxp2mZZAOaDK+ICXVGhMUDWePWofDjYBNEued3
VeIP5dymJptuNq2Mk9QH5m/vV5CKGKe1XJ3Coos3DyssR3qh3F8Y4O1C6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ5aA1PoH4TYRsqdF7nUO5naNoTLMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvbmxvRFUtZ2ZoTmhHeXAwWHVkUTdtZG8yaE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYfuAwQA
ueukMA0EAgACMAcDBQAqCx8AMA0GCSqGSIb3DQEBCwUAA4IBAQCUwwfKFTO+FVKs
j3BG3Uwq+tmOTOWhrVMLo+Qaq9D43pKbDbahcmNiKEqHx6VDMBJAOvlAke3muhkt
FQ3cLYmM69PMiSkMrCb7q0SOcIdUc3xmjmuB8AW1n2OkOBOaiXXkORwVimBmos+v
4GJEDdsALsnZTJQcxf20WhJiDNOhwil9NWEmWnNWWOB5Sry4+TZxhfjKaHMLTBWs
SLwySqxeQb3IEQpbxfucBMGhsqFP471ye8m6P4geUBoOH2DJ2rHDKZ5W0ibvCZto
QLyCJqZc3inEqRj3MajvSABmm9L7txtML1PAIEs6xbHJSRAXlIKFpy+qjBmw8SDC
v9/4N0rR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org