Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nox6RDJTnzq_2LxsQYFOq_9ZpOM.roa
File: Nox6RDJTnzq_2LxsQYFOq_9ZpOM.roa (raw, json)
Hash identifier: PodfiXXRAtKtmFPiMckO0HdR5fYL4YIdwn+otsujPRE=
Subject key identifier: 36:8C:7A:44:32:53:9F:3A:BF:D8:BC:6C:41:81:4E:AB:FF:59:A4:E3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019463B1EBAACC56529B68249BBBC3A4CBE5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nox6RDJTnzq_2LxsQYFOq_9ZpOM.roa
Signing time: Tue 14 Jan 2025 07:23:12 +0000
ROA not before: Tue 14 Jan 2025 07:23:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48795
IP address blocks: 45.12.68.0/23 maxlen: 23
185.238.188.0/22 maxlen: 24
193.58.239.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 14:56:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:63:b1:eb:aa:cc:56:52:9b:68:24:9b:bb:c3:a4:cb:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 14 07:23:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=368c7a4432539f3abfd8bc6c41814eabff59a4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c9:a2:8c:78:92:07:70:6e:6b:eb:b3:11:bf:
75:c2:fc:08:a3:cc:17:ee:a7:75:1a:63:89:77:b4:
14:be:6a:ee:8a:08:db:1b:dd:d3:27:32:75:3d:01:
bb:13:a0:4b:d3:65:29:40:14:1a:18:28:26:b8:8c:
4d:73:d6:18:6c:6a:ed:c4:f3:6b:04:6b:20:f5:cf:
98:8c:05:44:d6:cc:76:a9:90:8b:fb:44:1f:71:06:
2d:fc:d5:ab:5d:24:36:35:5d:51:2b:ea:99:21:13:
47:d5:fa:a9:e5:e5:69:46:3a:59:52:da:49:16:a6:
25:e6:f0:9a:ce:98:05:ca:0b:d7:f0:f9:92:cb:5e:
dd:bd:89:da:02:ba:12:9d:f8:f4:72:c3:f3:c8:51:
8a:52:92:34:78:a7:d7:6c:29:4f:09:91:6c:04:ec:
4c:c9:da:db:1f:bf:cc:54:9b:c9:6d:73:61:84:53:
b0:eb:e3:d4:4b:3b:16:ee:4b:b9:4c:0a:9a:cf:82:
45:99:0b:b6:c5:bb:15:19:34:ff:e7:f2:75:a2:a7:
7b:82:29:06:af:2a:35:97:88:fe:d8:bd:89:10:db:
70:df:0a:7f:f4:c2:76:5d:c7:94:ec:06:a0:f1:09:
0c:a5:65:7d:0b:60:4f:2f:d0:2b:3b:2b:86:51:82:
93:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8C:7A:44:32:53:9F:3A:BF:D8:BC:6C:41:81:4E:AB:FF:59:A4:E3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Nox6RDJTnzq_2LxsQYFOq_9ZpOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/23
185.238.188.0/22
193.58.239.0/24
194.50.111.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:1e:6c:56:aa:74:d6:34:06:15:27:77:1b:94:d3:0b:df:46:
63:70:9e:d7:b8:81:a7:a3:89:f8:f2:19:2e:0a:1e:15:6a:e1:
d8:84:40:4f:bd:6a:9a:1c:c9:b0:e1:16:fa:b1:e7:7e:5b:e0:
29:1a:96:33:11:86:c3:e8:ee:a0:09:ef:e0:f6:83:02:88:20:
4f:59:a1:92:f7:43:26:76:ee:69:f3:ff:4c:95:bf:22:05:72:
73:f1:60:ea:31:e4:a4:b5:eb:3e:4f:71:a5:06:bf:25:fc:57:
c2:da:b7:ed:17:68:12:cc:73:22:5a:49:39:c6:b9:86:1a:31:
70:14:8b:9f:62:9a:a8:4b:d9:c6:96:f3:a3:b3:18:b0:b3:92:
ef:f1:17:40:52:b4:d1:04:78:30:ba:7c:79:c3:1c:a6:3a:ae:
78:7f:ae:16:88:ed:93:40:d6:f5:3f:f5:c9:6f:4c:61:8b:52:
df:2d:5b:da:42:ca:6a:fb:25:4d:7f:19:45:80:26:93:6f:67:
8f:5e:32:21:73:17:62:dd:e8:c4:ac:a2:4a:bb:df:fb:65:11:
1c:59:c8:82:bc:e8:e2:2e:b0:0f:c7:3c:d0:f3:b3:ed:e2:26:
92:ae:35:fa:54:21:d4:d7:93:6f:9c:77:6a:be:45:ba:0d:12:
3f:c8:b1:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRjseuqzFZSm2gkm7vDpMvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTE0MDcyMzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjhjN2E0NDMyNTM5ZjNhYmZkOGJjNmM0MTgxNGVhYmZmNTlhNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcmijHiSB3Bua+uzEb91wvwIo8wX
7qd1GmOJd7QUvmruigjbG93TJzJ1PQG7E6BL02UpQBQaGCgmuIxNc9YYbGrtxPNr
BGsg9c+YjAVE1sx2qZCL+0QfcQYt/NWrXSQ2NV1RK+qZIRNH1fqp5eVpRjpZUtpJ
FqYl5vCazpgFygvX8PmSy17dvYnaAroSnfj0csPzyFGKUpI0eKfXbClPCZFsBOxM
ydrbH7/MVJvJbXNhhFOw6+PUSzsW7ku5TAqaz4JFmQu2xbsVGTT/5/J1oqd7gikG
ryo1l4j+2L2JENtw3wp/9MJ2XceU7Aag8QkMpWV9C2BPL9ArOyuGUYKT8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDaMekQyU586v9i8bEGBTqv/WaTjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTm94NlJESlRuenFfMkx4c1FZRk9xXzlacE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLQxEAwQC
ue68AwQAwTrvAwQAwjJvMA0GCSqGSIb3DQEBCwUAA4IBAQA8HmxWqnTWNAYVJ3cb
lNML30ZjcJ7XuIGno4n48hkuCh4VauHYhEBPvWqaHMmw4Rb6sed+W+ApGpYzEYbD
6O6gCe/g9oMCiCBPWaGS90Mmdu5p8/9Mlb8iBXJz8WDqMeSktes+T3GlBr8l/FfC
2rftF2gSzHMiWkk5xrmGGjFwFIufYpqoS9nGlvOjsxiws5Lv8RdAUrTRBHgwunx5
wxymOq54f64WiO2TQNb1P/XJb0xhi1LfLVvaQspq+yVNfxlFgCaTb2ePXjIhcxdi
3ejErKJKu9/7ZREcWciCvOjiLrAPxzzQ87Pt4iaSrjX6VCHU15NvnHdqvkW6DRI/
yLHJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:01:33 2025 by rpki-client