Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/758203-d529-48a7-98f4-e51a90907226/1/N2KrmzfcCB_BrdYQ3YUQFlAO758.roa
File: N2KrmzfcCB_BrdYQ3YUQFlAO758.roa (raw, json)
Hash identifier: coJa60IGrn7svlSdRBnKD3l3TvU4KVbD88GohBNR5QM=
Subject key identifier: 37:62:AB:9B:37:DC:08:1F:C1:AD:D6:10:DD:85:10:16:50:0E:EF:9F
Certificate issuer: /CN=360c5935e51fe706c2447519d9b5f95ae363c186
Certificate serial: 018CC56DFC033CB70C86F744FE6748403966
Authority key identifier: 36:0C:59:35:E5:1F:E7:06:C2:44:75:19:D9:B5:F9:5A:E3:63:C1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgxZNeUf5wbCRHUZ2bX5WuNjwYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/758203-d529-48a7-98f4-e51a90907226/1/N2KrmzfcCB_BrdYQ3YUQFlAO758.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211964
IP address blocks: 195.128.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fc:03:3c:b7:0c:86:f7:44:fe:67:48:40:39:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=360c5935e51fe706c2447519d9b5f95ae363c186
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3762ab9b37dc081fc1add610dd851016500eef9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:30:08:c6:64:21:1a:f8:a8:b7:cc:aa:30:be:
86:5b:4f:78:5c:8d:8b:17:8e:50:02:2d:64:fb:af:
a7:6f:af:14:62:4b:f0:73:a3:ea:a6:32:89:d6:37:
26:71:fe:96:fa:36:88:e6:3b:c3:56:60:16:37:0b:
19:38:ce:b4:50:86:9f:0b:e7:47:c5:95:60:e5:5e:
6f:14:9a:ed:a2:35:31:78:88:d0:f0:0d:1c:a5:28:
e2:82:30:3a:35:85:24:23:17:9b:57:34:b6:8e:4a:
19:28:03:9b:97:ab:f2:77:c6:42:93:bd:21:c1:9f:
6e:db:60:95:26:a6:3b:25:6a:45:70:11:c6:ba:1a:
94:21:ed:de:72:c2:6e:ea:be:3f:5b:45:50:4c:67:
07:6d:99:2d:fd:9e:82:fe:3f:7a:cf:36:5f:a4:51:
70:30:00:6b:7c:88:28:9c:10:fa:15:66:35:ab:31:
1f:5b:ac:1e:a6:29:16:50:34:4e:c9:1e:b3:fc:f5:
65:7b:5d:2c:45:f8:bd:96:6d:2a:24:44:0b:4e:33:
ba:00:a1:b9:ea:5b:70:13:01:a5:81:1c:09:04:63:
7c:b2:f0:8e:26:30:34:d6:21:44:fd:f3:ab:b6:44:
4c:fc:e7:c0:74:45:dd:9f:0a:22:13:41:0d:dc:b6:
27:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:62:AB:9B:37:DC:08:1F:C1:AD:D6:10:DD:85:10:16:50:0E:EF:9F
X509v3 Authority Key Identifier:
keyid:36:0C:59:35:E5:1F:E7:06:C2:44:75:19:D9:B5:F9:5A:E3:63:C1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgxZNeUf5wbCRHUZ2bX5WuNjwYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/758203-d529-48a7-98f4-e51a90907226/1/N2KrmzfcCB_BrdYQ3YUQFlAO758.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/758203-d529-48a7-98f4-e51a90907226/1/NgxZNeUf5wbCRHUZ2bX5WuNjwYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:a3:4f:cc:5d:c8:73:06:cc:01:40:a1:28:c1:0d:5f:e0:a3:
34:38:00:48:f6:98:ce:f8:31:61:40:ff:7c:86:8e:2f:11:58:
5a:86:08:9e:26:ea:e2:74:f4:90:a3:37:11:4a:ea:94:a1:d2:
04:3d:7c:12:37:fe:0d:82:3c:f7:66:19:36:fc:1f:9f:cf:fb:
42:71:0f:ee:c1:be:68:df:3d:f3:d0:41:42:fa:e1:6b:e5:76:
5d:ac:c4:0b:96:b1:83:fb:50:a3:75:65:a2:54:44:21:3f:e2:
09:93:f3:ec:0b:a7:eb:68:cb:a4:09:09:01:02:af:c5:ec:53:
8f:b4:21:9e:bf:5a:9a:62:b1:27:29:d5:29:eb:dc:05:cc:99:
5b:33:a5:97:bd:3f:b5:65:3b:67:c0:38:f7:9c:73:e2:a0:10:
3e:db:96:c1:78:e3:f0:b9:9b:1b:e1:e4:66:c2:b7:6c:72:0f:
34:c5:b2:e4:44:39:ed:f4:55:bb:3b:2b:29:2f:8d:2c:80:f7:
48:93:c1:a0:64:4f:98:54:76:0f:17:9c:31:ae:70:e1:43:c6:
65:50:30:b4:9f:56:55:7e:e5:aa:37:18:bb:dc:37:00:0d:ed:
fd:1a:9d:b5:2c:ba:17:ba:c7:45:2b:03:a6:b9:b9:4d:92:0e:
da:aa:1c:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfwDPLcMhvdE/mdIQDlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MGM1OTM1ZTUxZmU3MDZjMjQ0NzUxOWQ5YjVmOTVhZTM2
M2MxODYwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzYyYWI5YjM3ZGMwODFmYzFhZGQ2MTBkZDg1MTAxNjUwMGVlZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjAIxmQhGviot8yqML6GW094XI2L
F45QAi1k+6+nb68UYkvwc6PqpjKJ1jcmcf6W+jaI5jvDVmAWNwsZOM60UIafC+dH
xZVg5V5vFJrtojUxeIjQ8A0cpSjigjA6NYUkIxebVzS2jkoZKAObl6vyd8ZCk70h
wZ9u22CVJqY7JWpFcBHGuhqUIe3ecsJu6r4/W0VQTGcHbZkt/Z6C/j96zzZfpFFw
MABrfIgonBD6FWY1qzEfW6wepikWUDROyR6z/PVle10sRfi9lm0qJEQLTjO6AKG5
6ltwEwGlgRwJBGN8svCOJjA01iFE/fOrtkRM/OfAdEXdnwoiE0EN3LYnSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdiq5s33Agfwa3WEN2FEBZQDu+fMB8GA1UdIwQY
MBaAFDYMWTXlH+cGwkR1Gdm1+VrjY8GGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmd4Wk5lVWY1d2JDUkhVWjJiWDVXdU5qd1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83NTgyMDMtZDUyOS00OGE3LTk4ZjQt
ZTUxYTkwOTA3MjI2LzEvTjJLcm16ZmNDQl9CcmRZUTNZVVFGbEFPNzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83NTgyMDMtZDUyOS00OGE3LTk4ZjQtZTUxYTkwOTA3MjI2
LzEvTmd4Wk5lVWY1d2JDUkhVWjJiWDVXdU5qd1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4AjMA0G
CSqGSIb3DQEBCwUAA4IBAQCho0/MXchzBswBQKEowQ1f4KM0OABI9pjO+DFhQP98
ho4vEVhahgieJuridPSQozcRSuqUodIEPXwSN/4Ngjz3Zhk2/B+fz/tCcQ/uwb5o
3z3z0EFC+uFr5XZdrMQLlrGD+1CjdWWiVEQhP+IJk/PsC6fraMukCQkBAq/F7FOP
tCGev1qaYrEnKdUp69wFzJlbM6WXvT+1ZTtnwDj3nHPioBA+25bBeOPwuZsb4eRm
wrdscg80xbLkRDnt9FW7OyspL40sgPdIk8GgZE+YVHYPF5wxrnDhQ8ZlUDC0n1ZV
fuWqNxi73DcADe39Gp21LLoXusdFKwOmublNkg7aqhyo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:29 2025 by rpki-client