Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/NSHEaaCBXTNz8CpvUtelrzzw0dw.roa
File: NSHEaaCBXTNz8CpvUtelrzzw0dw.roa (raw, json)
Hash identifier: J3vuWkEa9l3hsKKpcMLH9LuIPxogUD1PlFZMGFFJidg=
Subject key identifier: 35:21:C4:69:A0:81:5D:33:73:F0:2A:6F:52:D7:A5:AF:3C:F0:D1:DC
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 018FFEAF3B00E799D4D0654F8DFDCE337A79
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/NSHEaaCBXTNz8CpvUtelrzzw0dw.roa
Signing time: Sun 09 Jun 2024 20:27:27 +0000
ROA not before: Sun 09 Jun 2024 20:27:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215671
IP address blocks: 5.22.200.0/24 maxlen: 24
5.22.201.0/24 maxlen: 24
2a06:bd40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fe:af:3b:00:e7:99:d4:d0:65:4f:8d:fd:ce:33:7a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Jun 9 20:27:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3521c469a0815d3373f02a6f52d7a5af3cf0d1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:25:a9:a5:8d:8a:a5:bf:54:a3:e5:9d:38:
eb:5e:de:4b:39:2a:42:24:61:55:50:f3:7f:4f:42:
e3:a0:e8:fb:e2:31:9e:0b:36:04:47:82:a8:aa:aa:
50:59:d6:39:ef:f6:75:d1:e4:0e:e4:dc:d9:64:fd:
68:ac:e6:03:24:92:ab:ea:48:7d:8a:ba:32:10:06:
52:0e:77:94:eb:78:8d:40:28:cf:e3:37:c4:77:39:
39:7a:77:37:94:42:4e:b7:e7:e3:17:91:29:c3:b2:
c3:f8:85:d1:84:61:57:5c:b1:bd:0a:1a:ac:2c:4e:
b6:6b:bd:5a:27:f9:b4:1b:fd:23:50:c2:1e:ec:ff:
00:59:04:f9:6e:79:2b:57:b0:d4:97:7f:93:93:39:
24:24:fe:7b:03:8d:1e:c4:e9:ff:2d:43:aa:53:5b:
fd:3c:34:d7:36:7f:a4:92:57:9a:f9:cc:6e:f0:86:
9f:8c:68:95:27:e7:2c:50:45:29:65:27:2c:55:06:
32:bd:3c:a6:fe:b7:d6:e1:f7:79:ef:f7:44:45:d3:
95:67:f8:e4:d3:cc:06:06:31:29:ee:61:4a:87:df:
df:13:db:00:06:63:9e:ec:3b:7d:15:50:a5:02:f9:
61:1d:3b:46:1e:ae:a2:de:a2:51:da:fb:59:5f:64:
84:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:C4:69:A0:81:5D:33:73:F0:2A:6F:52:D7:A5:AF:3C:F0:D1:DC
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/NSHEaaCBXTNz8CpvUtelrzzw0dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.200.0/23
IPv6:
2a06:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:14:aa:a9:50:24:29:26:f8:95:e6:21:84:9d:9f:63:68:47:
9c:a0:68:b4:19:94:e0:09:7b:6b:e8:0f:1f:f0:b9:87:09:3b:
db:b9:b6:ee:49:95:cc:8c:07:2b:2c:63:f9:b3:33:84:b2:de:
63:77:c9:46:ac:df:6e:00:00:31:6b:6e:e3:1a:b0:88:21:41:
a9:14:25:75:38:5b:76:e4:f5:17:ba:cd:d1:0e:d7:1d:92:fb:
14:6f:7b:24:8f:33:fc:85:8a:e6:76:44:3f:93:19:08:24:ca:
8e:a3:7e:9d:9b:27:b2:1d:32:4a:b1:b2:e6:49:c7:90:0e:52:
42:60:9d:1e:46:f1:3a:41:38:7d:6d:85:a7:dc:0b:01:9b:54:
70:c2:4b:2c:b6:78:bc:69:f0:5d:2e:69:dd:e9:0c:27:28:24:
3b:13:ce:5b:c0:0a:17:f9:11:df:f1:4a:44:87:01:b8:56:b3:
95:e6:cb:de:61:c7:fe:f2:c9:4a:f4:8d:bc:31:53:65:1e:3e:
00:3b:03:f6:fb:9b:83:b0:ac:77:4f:cb:91:25:8c:dc:41:37:
0a:a7:6c:cd:36:ba:fd:e2:25:dc:dd:bf:a0:29:eb:d2:c2:e1:
ca:a9:1d:26:9a:60:1a:85:f5:5f:4f:18:0a:9c:e4:e0:6e:2e:
97:91:31:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/+rzsA55nU0GVPjf3OM3p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjQwNjA5MjAyNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIxYzQ2OWEwODE1ZDMzNzNmMDJhNmY1MmQ3YTVhZjNjZjBkMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsIlqaWNiqW/VKPlnTjrXt5LOSpC
JGFVUPN/T0LjoOj74jGeCzYER4KoqqpQWdY57/Z10eQO5NzZZP1orOYDJJKr6kh9
iroyEAZSDneU63iNQCjP4zfEdzk5enc3lEJOt+fjF5Epw7LD+IXRhGFXXLG9Chqs
LE62a71aJ/m0G/0jUMIe7P8AWQT5bnkrV7DUl3+TkzkkJP57A40exOn/LUOqU1v9
PDTXNn+kklea+cxu8IafjGiVJ+csUEUpZScsVQYyvTym/rfW4fd57/dERdOVZ/jk
08wGBjEp7mFKh9/fE9sABmOe7Dt9FVClAvlhHTtGHq6i3qJR2vtZX2SEFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDUhxGmggV0zc/Aqb1LXpa888NHcMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvTlNIRWFhQ0JYVE56OENwdlV0ZWxyenp3MGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBRbIMA0E
AgACMAcDBQMqBr1AMA0GCSqGSIb3DQEBCwUAA4IBAQAdFKqpUCQpJviV5iGEnZ9j
aEecoGi0GZTgCXtr6A8f8LmHCTvbubbuSZXMjAcrLGP5szOEst5jd8lGrN9uAAAx
a27jGrCIIUGpFCV1OFt25PUXus3RDtcdkvsUb3skjzP8hYrmdkQ/kxkIJMqOo36d
myeyHTJKsbLmSceQDlJCYJ0eRvE6QTh9bYWn3AsBm1Rwwksstni8afBdLmnd6Qwn
KCQ7E85bwAoX+RHf8UpEhwG4VrOV5sveYcf+8slK9I28MVNlHj4AOwP2+5uDsKx3
T8uRJYzcQTcKp2zNNrr94iXc3b+gKevSwuHKqR0mmmAahfVfTxgKnOTgbi6XkTFF
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:31:10 2025 by rpki-client