Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/cb28b6-2966-444a-8fbd-97fb900d668b/1/NfAx8AXVD91-Lcpq-IJEMrpYon4.roa
File: NfAx8AXVD91-Lcpq-IJEMrpYon4.roa (raw, json)
Hash identifier: PfLM8sC3X7QZXLOXD3U00buTmv3NgoXvA6ch+pPLZ5U=
Subject key identifier: 35:F0:31:F0:05:D5:0F:DD:7E:2D:CA:6A:F8:82:44:32:BA:58:A2:7E
Certificate issuer: /CN=0265ad94e797135906b3e11a847c8eafd094e745
Certificate serial: 018CC9BCC43936732389FF2D346990D25076
Authority key identifier: 02:65:AD:94:E7:97:13:59:06:B3:E1:1A:84:7C:8E:AF:D0:94:E7:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AmWtlOeXE1kGs-EahHyOr9CU50U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/cb28b6-2966-444a-8fbd-97fb900d668b/1/NfAx8AXVD91-Lcpq-IJEMrpYon4.roa
Signing time: Tue 02 Jan 2024 10:34:00 +0000
ROA not before: Tue 02 Jan 2024 10:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51985
IP address blocks: 185.45.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c4:39:36:73:23:89:ff:2d:34:69:90:d2:50:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0265ad94e797135906b3e11a847c8eafd094e745
Validity
Not Before: Jan 2 10:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35f031f005d50fdd7e2dca6af8824432ba58a27e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a2:b3:fe:4f:cb:3a:fb:bc:15:07:01:c4:20:
0e:7b:05:c1:8c:20:f3:78:2e:5a:46:ac:2a:66:8b:
85:a3:39:7f:32:42:0b:48:3f:74:b4:0d:da:66:5f:
c1:d4:4f:47:3d:d0:10:3e:a5:20:c3:6c:5a:1c:72:
92:ff:ec:98:62:14:e3:f6:c3:75:70:4c:2b:8c:6a:
c0:2d:61:fb:ee:77:1a:09:33:f1:ad:9b:78:b0:d9:
b0:18:01:9d:80:78:d4:e8:82:9a:b5:44:19:88:53:
dc:59:d0:65:0c:09:26:3e:5e:2e:3b:5b:bf:9a:c9:
17:66:58:5b:50:02:d0:10:b6:1d:1d:74:4a:1d:da:
17:c1:56:1d:f0:6d:70:ba:f5:e4:7e:67:c1:36:5e:
5f:2f:23:b0:62:bd:58:23:14:78:c1:6f:7e:5f:41:
17:f6:52:e2:59:d7:a5:ad:df:50:fe:b6:94:7d:cf:
7b:66:ea:27:7b:4e:a1:cd:8d:10:07:dd:4a:79:b8:
86:a1:10:c4:9a:4a:ae:7f:1f:5a:6b:3a:49:cb:56:
a1:7d:eb:56:d9:2b:dc:43:3e:6f:76:51:2c:03:ca:
77:e0:89:35:53:43:e7:81:96:3b:d7:8f:5d:fa:91:
b4:ad:3e:7a:83:56:5a:ce:61:0c:5e:30:2a:fc:d7:
13:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F0:31:F0:05:D5:0F:DD:7E:2D:CA:6A:F8:82:44:32:BA:58:A2:7E
X509v3 Authority Key Identifier:
keyid:02:65:AD:94:E7:97:13:59:06:B3:E1:1A:84:7C:8E:AF:D0:94:E7:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AmWtlOeXE1kGs-EahHyOr9CU50U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb28b6-2966-444a-8fbd-97fb900d668b/1/NfAx8AXVD91-Lcpq-IJEMrpYon4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb28b6-2966-444a-8fbd-97fb900d668b/1/AmWtlOeXE1kGs-EahHyOr9CU50U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.172.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:76:11:54:aa:a3:f5:0d:24:90:4e:b9:9b:48:f8:ac:39:bb:
54:81:f4:1e:76:cd:eb:6e:d5:c2:87:0e:93:ea:cf:f4:fe:c5:
c9:56:b5:38:69:65:81:82:dc:d8:36:79:3a:86:29:b5:ba:1a:
05:b6:32:05:05:de:81:d3:b1:70:a0:25:5f:08:56:3e:64:ee:
89:cb:f6:a7:7b:eb:4a:e6:22:11:56:0b:8f:ff:7d:34:8f:60:
a9:38:e9:6a:d7:dd:3f:60:0d:d1:f6:2d:42:32:7d:fd:d3:6a:
8f:70:06:98:09:6e:f7:0d:40:22:ef:72:5d:ea:21:9a:15:49:
98:ee:f7:73:07:b6:b9:64:57:c2:ae:83:e0:d8:b6:40:0b:25:
45:a3:20:f3:f1:8f:95:0b:4a:44:ef:0c:54:19:08:9e:8b:d1:
07:db:60:e5:04:c7:d3:89:11:ae:fb:49:b7:4f:d1:86:51:8a:
fc:01:7b:8a:20:65:36:35:04:2a:34:f2:56:fe:a2:8f:2b:39:
a6:d9:d5:76:df:2e:a6:a5:52:a4:75:cb:4a:5b:f7:16:8e:1a:
cf:83:41:b1:71:93:50:22:8e:aa:a3:44:65:52:90:62:09:ee:
f5:6e:f9:38:02:59:74:e2:3a:c8:ad:dd:d4:4b:6a:39:3a:ed:
ae:f7:35:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvMQ5NnMjif8tNGmQ0lB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNjVhZDk0ZTc5NzEzNTkwNmIzZTExYTg0N2M4ZWFmZDA5
NGU3NDUwHhcNMjQwMTAyMTAzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYwMzFmMDA1ZDUwZmRkN2UyZGNhNmFmODgyNDQzMmJhNThhMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqKz/k/LOvu8FQcBxCAOewXBjCDz
eC5aRqwqZouFozl/MkILSD90tA3aZl/B1E9HPdAQPqUgw2xaHHKS/+yYYhTj9sN1
cEwrjGrALWH77ncaCTPxrZt4sNmwGAGdgHjU6IKatUQZiFPcWdBlDAkmPl4uO1u/
mskXZlhbUALQELYdHXRKHdoXwVYd8G1wuvXkfmfBNl5fLyOwYr1YIxR4wW9+X0EX
9lLiWdelrd9Q/raUfc97Zuone06hzY0QB91KebiGoRDEmkqufx9aazpJy1ahfetW
2SvcQz5vdlEsA8p34Ik1U0PngZY7149d+pG0rT56g1ZazmEMXjAq/NcT4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXwMfAF1Q/dfi3KaviCRDK6WKJ+MB8GA1UdIwQY
MBaAFAJlrZTnlxNZBrPhGoR8jq/QlOdFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW1XdGxPZVhFMWtHcy1FYWhIeU9yOUNVNTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jYjI4YjYtMjk2Ni00NDRhLThmYmQt
OTdmYjkwMGQ2NjhiLzEvTmZBeDhBWFZEOTEtTGNwcS1JSkVNcnBZb240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jYjI4YjYtMjk2Ni00NDRhLThmYmQtOTdmYjkwMGQ2Njhi
LzEvQW1XdGxPZVhFMWtHcy1FYWhIeU9yOUNVNTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuS2sMA0G
CSqGSIb3DQEBCwUAA4IBAQBrdhFUqqP1DSSQTrmbSPisObtUgfQeds3rbtXChw6T
6s/0/sXJVrU4aWWBgtzYNnk6him1uhoFtjIFBd6B07FwoCVfCFY+ZO6Jy/ane+tK
5iIRVguP/300j2CpOOlq190/YA3R9i1CMn3902qPcAaYCW73DUAi73Jd6iGaFUmY
7vdzB7a5ZFfCroPg2LZACyVFoyDz8Y+VC0pE7wxUGQiei9EH22DlBMfTiRGu+0m3
T9GGUYr8AXuKIGU2NQQqNPJW/qKPKzmm2dV23y6mpVKkdctKW/cWjhrPg0GxcZNQ
Io6qo0RlUpBiCe71bvk4All04jrIrd3US2o5Ou2u9zXu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:27 2025 by rpki-client