Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nmXCKl3GMuhoIPpr6xIznkvaJE0.roa
File: nmXCKl3GMuhoIPpr6xIznkvaJE0.roa (raw, json)
Hash identifier: Slul1tGgvTwjvwc9eXRC6lvAYjsPS95PPbhbFWZh5Ms=
Subject key identifier: 9E:65:C2:2A:5D:C6:32:E8:68:20:FA:6B:EB:12:33:9E:4B:DA:24:4D
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 01856F94D0C762FF73C777AEDBA1FEB15B6A
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nmXCKl3GMuhoIPpr6xIznkvaJE0.roa
Signing time: Sun 01 Jan 2023 23:05:01 +0000
ROA not before: Sun 01 Jan 2023 23:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199312
IP address blocks: 46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:d0:c7:62:ff:73:c7:77:ae:db:a1:fe:b1:5b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e65c22a5dc632e86820fa6beb12339e4bda244d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:26:ea:d1:f3:e7:ad:d7:f4:6e:57:35:b0:92:
29:ea:3b:dd:3d:6b:09:00:78:2a:bd:eb:f1:79:ce:
f4:2c:e5:a6:63:a1:87:43:a7:8a:8e:f8:26:6f:ec:
db:b3:d8:a0:78:9c:19:e4:33:c9:7c:cf:d4:93:e6:
61:06:7c:58:99:63:5b:5d:15:3f:6a:e5:10:9a:d3:
86:78:0b:7b:b7:68:0b:84:b0:3d:ba:d9:60:8c:1d:
53:54:77:38:ca:04:18:0c:cf:56:2c:98:a2:1d:c5:
3a:af:ec:40:59:c7:4b:b6:62:95:f2:2d:6c:3d:b5:
9c:9c:0f:43:f9:1f:bd:22:b9:6a:05:12:74:79:26:
8a:7d:3a:f9:82:72:34:dc:02:e4:43:82:e5:d6:07:
ce:61:96:a2:85:5f:db:e2:b1:8b:00:34:2f:d4:77:
a8:82:18:9a:7e:e8:db:dc:0b:e6:6d:56:f2:7c:a8:
85:3d:19:62:8c:b7:18:d4:d8:b5:72:64:df:a0:f7:
cc:1d:55:87:f1:59:21:78:ba:14:dc:6f:52:b8:03:
2c:5f:90:50:4c:69:d7:fb:da:f4:3d:5d:22:88:ac:
ff:85:87:56:bf:4f:b6:33:ce:c8:c0:a2:6d:8f:26:
2f:af:a5:8c:f8:9b:e4:37:41:cf:09:98:15:de:b3:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:65:C2:2A:5D:C6:32:E8:68:20:FA:6B:EB:12:33:9E:4B:DA:24:4D
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/nmXCKl3GMuhoIPpr6xIznkvaJE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.160.0/21
185.10.248.0/22
Signature Algorithm: sha256WithRSAEncryption
51:dc:d9:60:c4:a1:cc:b3:2f:8d:f0:39:59:e7:7d:19:f2:1a:
67:25:42:48:2c:cf:98:51:c9:0a:13:05:c4:53:35:4b:ba:e2:
b2:cc:32:b0:31:c9:80:5f:e1:9c:17:e6:47:36:d6:ac:74:0b:
bd:ac:44:2d:6c:02:f0:b6:ab:50:24:a9:19:0d:02:78:90:c7:
4a:4f:0b:3d:b9:3e:0b:48:d0:03:bc:b9:9d:4a:fa:07:45:e6:
1c:5a:97:0f:c5:13:95:23:55:26:a6:69:76:2c:2c:c4:c8:11:
81:3d:2e:02:40:13:bf:30:d1:47:88:2b:56:29:23:e7:f3:1c:
25:bb:e6:a0:f9:19:80:9f:a0:89:ad:8a:c8:93:2a:39:f9:ec:
64:f8:b3:ae:90:38:9d:7b:6f:45:d1:f2:29:5b:40:ad:e7:d5:
00:07:38:0a:71:53:ed:90:69:89:97:88:74:ff:a3:fd:7f:4a:
34:a8:fb:63:12:10:b2:b4:61:af:30:c8:cb:01:d5:57:54:ee:
ed:d4:50:ed:91:77:18:64:07:19:83:2a:41:d4:88:a4:5f:e6:
0e:a5:94:ee:f2:a5:31:fd:3d:c9:6e:1e:a3:7d:0b:72:65:c1:
8c:bd:f9:bb:c1:b4:7b:21:85:3d:6f:7e:74:20:4f:02:69:ba:
07:74:98:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlNDHYv9zx3eu26H+sVtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY1YzIyYTVkYzYzMmU4NjgyMGZhNmJlYjEyMzM5ZTRiZGEyNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmybq0fPnrdf0blc1sJIp6jvdPWsJ
AHgqvevxec70LOWmY6GHQ6eKjvgmb+zbs9igeJwZ5DPJfM/Uk+ZhBnxYmWNbXRU/
auUQmtOGeAt7t2gLhLA9utlgjB1TVHc4ygQYDM9WLJiiHcU6r+xAWcdLtmKV8i1s
PbWcnA9D+R+9IrlqBRJ0eSaKfTr5gnI03ALkQ4Ll1gfOYZaihV/b4rGLADQv1Heo
ghiafujb3AvmbVbyfKiFPRlijLcY1Ni1cmTfoPfMHVWH8VkheLoU3G9SuAMsX5BQ
TGnX+9r0PV0iiKz/hYdWv0+2M87IwKJtjyYvr6WM+JvkN0HPCZgV3rNYqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5lwipdxjLoaCD6a+sSM55L2iRNMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvbm1YQ0tsM0dNdWhvSVBwcjZ4SXpua3ZhSkUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhygAwQC
uQr4MA0GCSqGSIb3DQEBCwUAA4IBAQBR3NlgxKHMsy+N8DlZ530Z8hpnJUJILM+Y
UckKEwXEUzVLuuKyzDKwMcmAX+GcF+ZHNtasdAu9rEQtbALwtqtQJKkZDQJ4kMdK
Tws9uT4LSNADvLmdSvoHReYcWpcPxROVI1Umpml2LCzEyBGBPS4CQBO/MNFHiCtW
KSPn8xwlu+ag+RmAn6CJrYrIkyo5+exk+LOukDide29F0fIpW0Ct59UABzgKcVPt
kGmJl4h0/6P9f0o0qPtjEhCytGGvMMjLAdVXVO7t1FDtkXcYZAcZgypB1IikX+YO
pZTu8qUx/T3Jbh6jfQtyZcGMvfm7wbR7IYU9b350IE8CaboHdJjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org