Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/NLMtAJen2k655e6xBiP-pYl1I48.roa
File: NLMtAJen2k655e6xBiP-pYl1I48.roa (raw, json)
Hash identifier: Y6XYM7+NtMXF2HbnjcMY7XLhpUJk4yZ5xd/NepZSW3U=
Subject key identifier: 34:B3:2D:00:97:A7:DA:4E:B9:E5:EE:B1:06:23:FE:A5:89:75:23:8F
Certificate issuer: /CN=5349c2d00ba46be9244b76194baa10f33ce3462c
Certificate serial: 018BA8E75B37D997ECF13E1D0230FD4AED3F
Authority key identifier: 53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/NLMtAJen2k655e6xBiP-pYl1I48.roa
Signing time: Tue 07 Nov 2023 08:30:16 +0000
ROA not before: Tue 07 Nov 2023 08:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 176.123.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:e7:5b:37:d9:97:ec:f1:3e:1d:02:30:fd:4a:ed:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5349c2d00ba46be9244b76194baa10f33ce3462c
Validity
Not Before: Nov 7 08:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b32d0097a7da4eb9e5eeb10623fea58975238f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3b:c0:f5:1d:b8:c5:f5:96:5a:b3:5f:4b:cf:
1c:e3:a8:d1:8a:fe:9a:0c:2f:66:3c:fc:e5:c6:fe:
80:14:2b:7b:0a:98:5c:08:20:20:9a:f3:1b:71:84:
42:4d:ae:74:7a:5a:d1:bd:56:e0:5c:1f:b7:7c:14:
90:66:ba:62:fc:da:b7:38:8d:02:8f:50:a8:87:57:
c6:af:68:d9:65:d5:d0:c9:b6:b8:69:1d:ca:5d:ca:
01:0a:78:69:25:b1:25:96:62:f9:e9:81:00:65:da:
77:94:61:f0:66:4d:d5:be:a4:27:35:f4:bf:ca:37:
cc:fd:ce:70:04:44:6b:8b:9f:d8:42:2a:38:37:40:
31:88:5e:de:83:93:fa:e3:5c:c3:eb:4c:b5:ff:2f:
2b:f7:df:15:a0:13:e8:f8:c2:fc:35:e7:91:7b:47:
aa:a6:0e:98:53:7a:0e:4b:88:29:68:e8:41:9d:dd:
db:47:ff:9d:12:2a:26:4f:ba:34:38:d6:2a:de:fa:
4a:b9:54:02:37:44:ed:27:2a:e1:3e:94:e4:ef:fa:
3d:a8:86:c0:84:81:4e:9d:99:47:4b:ba:9c:8d:23:
ac:21:24:ab:bc:89:fe:1c:49:76:e1:88:5f:78:ed:
52:08:75:34:62:8c:6f:2e:9a:d3:be:4b:ce:96:2c:
8b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B3:2D:00:97:A7:DA:4E:B9:E5:EE:B1:06:23:FE:A5:89:75:23:8F
X509v3 Authority Key Identifier:
keyid:53:49:C2:D0:0B:A4:6B:E9:24:4B:76:19:4B:AA:10:F3:3C:E3:46:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U0nC0Auka-kkS3YZS6oQ8zzjRiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/NLMtAJen2k655e6xBiP-pYl1I48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f8ae47-0ed4-4681-9c12-fa1260850709/1/U0nC0Auka-kkS3YZS6oQ8zzjRiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.222.0/24
Signature Algorithm: sha256WithRSAEncryption
65:63:a5:94:a4:99:7c:b5:e3:da:e3:81:76:6f:07:e5:63:80:
e5:f8:a4:8c:dc:ed:ce:c2:dd:3f:d6:8a:cf:98:f3:95:c0:a8:
82:c5:d0:64:10:0b:ef:8c:5d:b5:e2:a6:37:10:c6:2b:ab:84:
fe:87:34:fe:6e:13:c4:e5:dc:56:bb:c5:bc:44:36:be:a1:dd:
ad:03:2e:c4:56:9c:e7:7f:80:eb:1c:d2:bd:20:f4:e8:79:ab:
3d:21:95:9a:3a:90:81:bd:a7:da:d8:97:c4:95:f1:78:3c:b1:
4f:6a:a6:24:6d:44:79:21:31:5c:e8:f3:12:3b:4a:4c:fa:05:
1c:1b:1c:50:28:25:39:c6:51:cd:74:ef:16:e2:16:fb:1d:ee:
f0:0e:d5:f9:9d:2a:93:bd:a3:40:fc:27:fd:1b:3e:8a:cd:79:
57:a4:31:ee:c5:fa:a6:f3:3e:dd:9d:89:27:42:b9:b4:40:e1:
61:6f:91:4c:9f:db:18:7d:5e:96:58:e9:17:73:73:23:d2:07:
85:88:fc:19:29:37:e9:ea:20:c6:71:db:44:64:05:b1:53:40:
6e:32:50:18:bc:a5:ad:38:d5:b4:90:16:63:c1:8c:79:79:c7:
cd:b2:e1:a3:c5:57:5f:17:da:cd:52:fc:6f:ad:30:53:3b:a5:
1b:79:ab:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuo51s32Zfs8T4dAjD9Su0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNDljMmQwMGJhNDZiZTkyNDRiNzYxOTRiYWExMGYzM2Nl
MzQ2MmMwHhcNMjMxMTA3MDgzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGIzMmQwMDk3YTdkYTRlYjllNWVlYjEwNjIzZmVhNTg5NzUyMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzvA9R24xfWWWrNfS88c46jRiv6a
DC9mPPzlxv6AFCt7CphcCCAgmvMbcYRCTa50elrRvVbgXB+3fBSQZrpi/Nq3OI0C
j1Coh1fGr2jZZdXQyba4aR3KXcoBCnhpJbEllmL56YEAZdp3lGHwZk3VvqQnNfS/
yjfM/c5wBERri5/YQio4N0AxiF7eg5P641zD60y1/y8r998VoBPo+ML8NeeRe0eq
pg6YU3oOS4gpaOhBnd3bR/+dEiomT7o0ONYq3vpKuVQCN0TtJyrhPpTk7/o9qIbA
hIFOnZlHS7qcjSOsISSrvIn+HEl24YhfeO1SCHU0YoxvLprTvkvOliyL1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSzLQCXp9pOueXusQYj/qWJdSOPMB8GA1UdIwQY
MBaAFFNJwtALpGvpJEt2GUuqEPM840YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTIt
ZmExMjYwODUwNzA5LzEvTkxNdEFKZW4yazY1NWU2eEJpUC1wWWwxSTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mOGFlNDctMGVkNC00NjgxLTljMTItZmExMjYwODUwNzA5
LzEvVTBuQzBBdWthLWtrUzNZWlM2b1E4enpqUml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHveMA0G
CSqGSIb3DQEBCwUAA4IBAQBlY6WUpJl8tePa44F2bwflY4Dl+KSM3O3Owt0/1orP
mPOVwKiCxdBkEAvvjF214qY3EMYrq4T+hzT+bhPE5dxWu8W8RDa+od2tAy7EVpzn
f4DrHNK9IPToeas9IZWaOpCBvafa2JfElfF4PLFPaqYkbUR5ITFc6PMSO0pM+gUc
GxxQKCU5xlHNdO8W4hb7He7wDtX5nSqTvaNA/Cf9Gz6KzXlXpDHuxfqm8z7dnYkn
Qrm0QOFhb5FMn9sYfV6WWOkXc3Mj0geFiPwZKTfp6iDGcdtEZAWxU0BuMlAYvKWt
ONW0kBZjwYx5ecfNsuGjxVdfF9rNUvxvrTBTO6Ubeavb
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:28 2024 by rpki-client on console-fra.rpki-client.org