Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NeGGEnxclVQQ-XVIUuNHdgPW9MI.roa
File: NeGGEnxclVQQ-XVIUuNHdgPW9MI.roa (raw, json)
Hash identifier: q3h37Gu4b6PRascm1WIDzXfB1CGE8VyJjE2/SL9UXCU=
Subject key identifier: 35:E1:86:12:7C:5C:95:54:10:F9:75:48:52:E3:47:76:03:D6:F4:C2
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E9EEC3B429C77FB023E7A29F8DA0E0BBD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NeGGEnxclVQQ-XVIUuNHdgPW9MI.roa
Signing time: Tue 02 Apr 2024 13:07:45 +0000
ROA not before: Tue 02 Apr 2024 13:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 46.149.173.0/24 maxlen: 24
194.59.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 12:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:ec:3b:42:9c:77:fb:02:3e:7a:29:f8:da:0e:0b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 2 13:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35e186127c5c955410f9754852e3477603d6f4c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f4:a1:83:41:97:49:02:49:a9:23:60:df:f7:
71:7e:3d:f5:80:36:a8:8c:bd:94:d2:00:e4:19:e3:
8f:03:2e:2d:d4:e7:e4:a9:ea:b4:c4:b7:a2:86:28:
fa:81:c1:db:e9:3c:e4:73:a9:a9:7e:de:69:13:bb:
6f:a8:e7:ef:26:f1:53:16:af:8f:68:81:7d:9d:79:
65:7c:0c:23:62:5d:64:25:e8:b9:6d:5e:83:b3:5d:
d0:03:db:df:da:29:10:16:49:81:38:74:1f:14:2e:
ba:ae:bf:d8:95:2d:10:26:fe:6e:9b:32:14:63:9e:
e7:89:6d:67:60:9c:29:d2:e9:8b:7c:f1:7f:c0:4d:
fa:4b:c9:55:de:34:a8:84:61:60:b4:92:c4:d1:7f:
bc:d7:30:86:e9:0d:0b:5d:43:4f:5b:12:87:6a:64:
d6:41:1e:36:d9:79:74:a5:db:98:dd:1d:74:58:b7:
98:fc:f9:4c:61:fc:1e:f3:2a:d2:24:6e:53:51:35:
81:8c:1c:94:36:0d:8f:98:b1:d7:2b:8f:fd:4a:4a:
14:dd:af:f1:9e:5c:cc:7a:2e:15:36:d4:f0:c6:56:
6a:a4:d1:92:1a:f7:18:ff:95:5a:7b:41:63:cd:6d:
4b:09:e3:29:56:a8:bd:49:11:ea:1f:fd:1a:0c:58:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E1:86:12:7C:5C:95:54:10:F9:75:48:52:E3:47:76:03:D6:F4:C2
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NeGGEnxclVQQ-XVIUuNHdgPW9MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.173.0/24
194.59.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ce:58:f5:7f:31:a0:f2:38:52:76:f5:47:e4:c0:37:61:27:
a2:40:86:f0:8e:f5:bb:5d:59:27:3c:8c:74:b9:4e:4b:1a:38:
e1:d5:43:e0:00:52:61:a5:5c:09:58:78:30:df:79:aa:44:07:
3a:38:18:c0:2f:71:f9:14:92:f7:a1:01:5b:6b:9e:fb:a1:6d:
47:eb:c4:85:d1:52:d9:04:bc:82:b7:4f:08:4c:b1:32:09:5f:
ca:1d:33:5c:27:00:e2:05:f6:88:00:55:25:15:d1:06:da:75:
94:6e:7b:b8:26:47:5e:26:85:ce:b7:75:31:90:05:05:04:d0:
79:1a:a2:52:bc:97:0e:09:b1:4e:1a:01:cb:8a:ae:bc:ee:d8:
07:a5:09:e6:79:b5:f8:b6:3b:0d:b1:c1:21:b9:31:4c:b6:20:
18:35:83:36:b7:82:de:71:6b:f5:1c:96:d0:d0:eb:68:56:29:
cc:c0:58:68:64:ed:ff:d1:9b:a8:a5:1a:df:5c:6d:13:c8:25:
77:dd:4f:62:b0:98:f7:e8:fa:90:ca:1b:72:04:96:e0:0a:46:
3b:2c:c5:b3:17:30:0f:10:75:86:d6:ba:58:01:be:31:a3:18:
fe:6c:6f:80:d5:b8:b3:40:78:ee:b6:1d:36:c2:60:ee:04:73:
9c:16:b4:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6e7DtCnHf7Aj56KfjaDgu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTMwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWUxODYxMjdjNWM5NTU0MTBmOTc1NDg1MmUzNDc3NjAzZDZmNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPShg0GXSQJJqSNg3/dxfj31gDao
jL2U0gDkGeOPAy4t1Ofkqeq0xLeihij6gcHb6Tzkc6mpft5pE7tvqOfvJvFTFq+P
aIF9nXllfAwjYl1kJei5bV6Ds13QA9vf2ikQFkmBOHQfFC66rr/YlS0QJv5umzIU
Y57niW1nYJwp0umLfPF/wE36S8lV3jSohGFgtJLE0X+81zCG6Q0LXUNPWxKHamTW
QR422Xl0pduY3R10WLeY/PlMYfwe8yrSJG5TUTWBjByUNg2PmLHXK4/9SkoU3a/x
nlzMei4VNtTwxlZqpNGSGvcY/5Vae0FjzW1LCeMpVqi9SRHqH/0aDFiDdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXhhhJ8XJVUEPl1SFLjR3YD1vTCMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvTmVHR0VueGNsVlFRLVhWSVV1TkhkZ1BXOU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALpWtAwQA
wjv2MA0GCSqGSIb3DQEBCwUAA4IBAQBrzlj1fzGg8jhSdvVH5MA3YSeiQIbwjvW7
XVknPIx0uU5LGjjh1UPgAFJhpVwJWHgw33mqRAc6OBjAL3H5FJL3oQFba577oW1H
68SF0VLZBLyCt08ITLEyCV/KHTNcJwDiBfaIAFUlFdEG2nWUbnu4JkdeJoXOt3Ux
kAUFBNB5GqJSvJcOCbFOGgHLiq687tgHpQnmebX4tjsNscEhuTFMtiAYNYM2t4Le
cWv1HJbQ0OtoVinMwFhoZO3/0ZuopRrfXG0TyCV33U9isJj36PqQyhtyBJbgCkY7
LMWzFzAPEHWG1rpYAb4xoxj+bG+A1bizQHjuth02wmDuBHOcFrQh
-----END CERTIFICATE-----
Generated at Mon Apr 8 16:48:51 2024 by rpki-client on console-ams.rpki-client.org