Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/nkoME7SKfIeb9G-LS0_JL85YF2A.roa
File: nkoME7SKfIeb9G-LS0_JL85YF2A.roa (raw, json)
Hash identifier: RHoiYlVGlSEV6JhD1TMqhLoSMBieB5Uh/JN4jZA1KFc=
Subject key identifier: 9E:4A:0C:13:B4:8A:7C:87:9B:F4:6F:8B:4B:4F:C9:2F:CE:58:17:60
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 01856EC233C71A9188086568A27D880553D3
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/nkoME7SKfIeb9G-LS0_JL85YF2A.roa
Signing time: Sun 01 Jan 2023 19:14:59 +0000
ROA not before: Sun 01 Jan 2023 19:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209749
IP address blocks: 37.46.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:33:c7:1a:91:88:08:65:68:a2:7d:88:05:53:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Jan 1 19:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e4a0c13b48a7c879bf46f8b4b4fc92fce581760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:69:5d:7f:08:5d:37:fa:17:05:54:d0:ed:
90:df:77:55:ab:23:88:5f:5a:dc:ca:14:2e:b9:2c:
c3:b2:2f:4a:59:3c:b9:1a:ea:da:93:60:2c:f0:bf:
f4:ca:70:bd:ad:94:3d:cc:77:a8:f6:a6:d0:a1:bc:
47:7b:d4:2b:3e:cb:ab:24:c1:0f:e4:f8:45:74:ee:
82:e2:2c:47:21:2e:4e:9d:8f:86:10:c0:d0:9d:11:
69:4a:bf:66:a8:7b:e0:89:e0:53:d3:33:57:48:2f:
a5:16:6b:91:08:26:17:b3:b1:a2:f3:e7:55:72:22:
c3:08:aa:de:03:e4:f2:bd:cb:e0:85:3c:95:d4:f5:
9f:04:4c:1c:c3:e4:38:3e:fc:c7:7c:f5:73:09:c6:
bd:b9:88:c8:68:c4:23:06:93:91:a6:3d:bf:44:84:
bb:37:3a:38:6b:c7:3e:bd:85:c5:c9:43:c9:6c:e3:
f1:b7:46:46:64:bc:be:0b:85:eb:29:5b:99:34:dc:
c0:06:b2:b9:a6:b2:c0:a7:2f:6e:f1:29:f2:69:31:
fd:fd:9f:2c:7e:15:b6:70:07:a6:09:30:ac:e5:0f:
b6:e2:21:28:02:28:eb:b4:af:a9:64:65:e7:a2:10:
4f:b8:ce:0e:87:5b:bd:49:95:34:f2:89:f8:77:cf:
37:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4A:0C:13:B4:8A:7C:87:9B:F4:6F:8B:4B:4F:C9:2F:CE:58:17:60
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/nkoME7SKfIeb9G-LS0_JL85YF2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.12.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2b:99:0f:2c:ac:fa:5c:92:ee:20:0a:62:d1:70:da:ee:29:
bf:e7:e1:8b:db:88:22:12:d5:f1:d3:47:90:96:8e:24:9c:75:
1b:f0:21:0c:18:f1:10:fb:b4:dd:fc:d2:47:7d:f5:4b:9a:0b:
b1:cf:e8:98:35:ca:fa:92:cf:57:99:ba:3e:39:09:5d:83:c2:
6a:5a:1b:1e:06:7a:ac:00:ac:1d:5a:9c:b8:d3:41:e4:69:5f:
0e:1e:fe:85:28:be:0f:d0:d7:bc:9d:78:01:ef:2f:95:c5:1c:
e4:cb:66:16:2f:7d:c0:8c:5d:c6:b9:6a:78:38:5c:9b:6b:81:
2e:fc:b4:e8:82:dc:71:63:84:eb:99:7f:30:f9:2d:c1:b4:c7:
17:2e:94:51:a4:5c:84:9a:22:f0:3e:ae:58:6e:86:68:d9:08:
e8:e7:5a:02:23:82:28:95:90:e0:11:22:f8:9f:21:11:4f:64:
6d:71:06:e9:30:a7:d4:9f:d6:32:35:87:d4:31:49:97:aa:01:
f7:8f:76:85:df:6a:4d:ee:71:66:70:9f:7f:75:71:fe:c6:19:
03:f2:d6:35:95:de:67:cf:03:89:69:28:3b:17:4f:ce:68:0c:
cd:c9:3c:8c:c9:4e:2f:ed:f6:a6:b6:ab:ba:c7:f3:11:b9:78:
c1:eb:7c:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwjPHGpGICGVoon2IBVPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzUxY2Y4YzNhMmQzNmM5NzQ0Yzk2NTE5ODk5OTQ1YWM2
MDc4MjAwHhcNMjMwMTAxMTkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRhMGMxM2I0OGE3Yzg3OWJmNDZmOGI0YjRmYzkyZmNlNTgxNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHZpXX8IXTf6FwVU0O2Q33dVqyOI
X1rcyhQuuSzDsi9KWTy5Gurak2As8L/0ynC9rZQ9zHeo9qbQobxHe9QrPsurJMEP
5PhFdO6C4ixHIS5OnY+GEMDQnRFpSr9mqHvgieBT0zNXSC+lFmuRCCYXs7Gi8+dV
ciLDCKreA+TyvcvghTyV1PWfBEwcw+Q4PvzHfPVzCca9uYjIaMQjBpORpj2/RIS7
Nzo4a8c+vYXFyUPJbOPxt0ZGZLy+C4XrKVuZNNzABrK5prLApy9u8SnyaTH9/Z8s
fhW2cAemCTCs5Q+24iEoAijrtK+pZGXnohBPuM4Oh1u9SZU08on4d883CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5KDBO0inyHm/Rvi0tPyS/OWBdgMB8GA1UdIwQY
MBaAFPN1HPjDotNsl0TJZRmJmUWsYHggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1Njct
NWNmN2MwNjIxMDY1LzEvbmtvTUU3U0tmSWViOUctTFMwX0pMODVZRjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1NjctNWNmN2MwNjIxMDY1
LzEvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJS4MMA0G
CSqGSIb3DQEBCwUAA4IBAQA+K5kPLKz6XJLuIApi0XDa7im/5+GL24giEtXx00eQ
lo4knHUb8CEMGPEQ+7Td/NJHffVLmguxz+iYNcr6ks9Xmbo+OQldg8JqWhseBnqs
AKwdWpy400HkaV8OHv6FKL4P0Ne8nXgB7y+VxRzky2YWL33AjF3GuWp4OFyba4Eu
/LTogtxxY4TrmX8w+S3BtMcXLpRRpFyEmiLwPq5YboZo2Qjo51oCI4IolZDgESL4
nyERT2RtcQbpMKfUn9YyNYfUMUmXqgH3j3aF32pN7nFmcJ9/dXH+xhkD8tY1ld5n
zwOJaSg7F0/OaAzNyTyMyU4v7famtqu6x/MRuXjB63yy
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:34 2024 by rpki-client on console-ams.rpki-client.org