Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/NOZLn0SzVI8coI9NbAmXWAXqGYw.roa
File: NOZLn0SzVI8coI9NbAmXWAXqGYw.roa (raw, json)
Hash identifier: +s+XiZb2yNGpi7KxBysbolSKVra9ss4RCtGcqWuVxeQ=
Subject key identifier: 34:E6:4B:9F:44:B3:54:8F:1C:A0:8F:4D:6C:09:97:58:05:EA:19:8C
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018CC5DBEDF94331A4E2ECDCD7672004CEBC
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/NOZLn0SzVI8coI9NbAmXWAXqGYw.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 37.0.9.0/24 maxlen: 24
37.0.13.0/24 maxlen: 24
37.0.12.0/24 maxlen: 24
85.202.170.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ed:f9:43:31:a4:e2:ec:dc:d7:67:20:04:ce:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34e64b9f44b3548f1ca08f4d6c09975805ea198c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:de:be:b6:85:99:39:6b:dd:35:cd:a0:69:
57:e6:43:b9:01:e2:03:fe:c5:3e:bb:4a:f4:b9:96:
03:70:0a:78:d9:a0:71:27:f9:17:19:3f:94:36:76:
82:87:ef:6e:00:83:7e:a8:cd:00:04:4f:59:a1:a3:
47:ab:d3:ed:9f:8c:78:54:1d:30:ae:10:9d:65:16:
67:ca:13:33:f6:a9:ed:88:33:63:bf:33:b4:09:cd:
65:7e:32:16:9a:78:ba:51:33:3e:e8:05:a9:ed:ba:
65:17:8d:c9:7a:a1:6c:43:76:e4:2b:48:53:55:6d:
09:7d:86:71:29:b6:e1:ee:fb:da:73:f9:29:a5:e7:
0e:76:da:94:77:4c:c7:73:8a:aa:b3:e9:d7:e4:02:
62:44:7c:8b:85:f2:d6:5d:47:f4:aa:2a:ea:00:29:
8e:18:c6:39:0f:df:5f:1b:36:83:cc:2d:91:a7:cb:
79:fd:3d:96:50:13:6b:0c:41:0d:b4:84:b2:a2:05:
93:f1:d3:ea:cd:26:c6:1c:9e:25:00:f9:0b:98:22:
c0:44:07:26:33:09:52:7a:71:9d:81:17:40:06:b5:
ec:49:66:11:d2:75:6b:6a:1b:b3:9b:08:f3:b3:9a:
64:5a:a3:7e:35:87:5b:7e:e6:b8:ed:af:2e:6a:eb:
c6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E6:4B:9F:44:B3:54:8F:1C:A0:8F:4D:6C:09:97:58:05:EA:19:8C
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/NOZLn0SzVI8coI9NbAmXWAXqGYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.9.0/24
37.0.12.0/23
85.202.170.0/23
Signature Algorithm: sha256WithRSAEncryption
40:6f:e4:1f:a5:4a:42:6d:df:b7:67:4d:58:c0:3a:77:24:ab:
f2:0d:c7:26:de:a7:e0:4c:bf:83:9a:89:87:74:b5:31:72:c2:
0f:e1:3d:45:40:c1:a8:7d:c3:15:51:b4:d3:a3:c6:29:a5:4d:
a0:6c:f4:8a:1d:96:2b:05:eb:f5:cf:93:59:6b:a7:cd:c5:3f:
90:97:9a:73:b3:7e:d7:82:8f:1b:04:6e:46:f8:c4:1a:29:2a:
d8:20:21:e9:c6:1f:33:55:42:34:dc:2e:cd:47:ad:c8:78:93:
44:2f:f1:d2:fe:ae:c8:88:f6:38:6a:64:8f:49:2a:74:e5:73:
8b:91:af:3e:82:22:fc:b9:25:92:82:54:d6:90:8e:7b:68:a6:
90:51:10:16:d7:cd:f2:80:08:83:3f:c8:5d:d2:da:a0:21:d0:
e8:e5:19:5a:19:23:d8:b7:60:14:c5:57:c3:d6:bf:16:6b:a1:
c0:d7:84:0e:66:67:6a:7a:c0:f6:51:18:16:b4:33:a6:c9:02:
a5:7b:08:1d:ea:00:4a:1f:41:de:f9:71:8d:df:46:1a:12:42:
ec:21:40:be:5d:ed:23:46:02:a9:4c:a7:c7:8b:b7:3b:62:02:
08:37:07:24:08:11:ed:00:cb:6c:59:c7:39:e5:92:94:6f:38:
ef:fb:f5:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF2+35QzGk4uzc12cgBM68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU2NGI5ZjQ0YjM1NDhmMWNhMDhmNGQ2YzA5OTc1ODA1ZWExOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHvevraFmTlr3TXNoGlX5kO5AeID
/sU+u0r0uZYDcAp42aBxJ/kXGT+UNnaCh+9uAIN+qM0ABE9ZoaNHq9Ptn4x4VB0w
rhCdZRZnyhMz9qntiDNjvzO0Cc1lfjIWmni6UTM+6AWp7bplF43JeqFsQ3bkK0hT
VW0JfYZxKbbh7vvac/kppecOdtqUd0zHc4qqs+nX5AJiRHyLhfLWXUf0qirqACmO
GMY5D99fGzaDzC2Rp8t5/T2WUBNrDEENtISyogWT8dPqzSbGHJ4lAPkLmCLARAcm
MwlSenGdgRdABrXsSWYR0nVrahuzmwjzs5pkWqN+NYdbfua47a8uauvGnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDTmS59Es1SPHKCPTWwJl1gF6hmMMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvTk9aTG4wU3pWSThjb0k5TmJBbVhXQVhxR1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJQAJAwQB
JQAMAwQBVcqqMA0GCSqGSIb3DQEBCwUAA4IBAQBAb+QfpUpCbd+3Z01YwDp3JKvy
Dccm3qfgTL+DmomHdLUxcsIP4T1FQMGofcMVUbTTo8YppU2gbPSKHZYrBev1z5NZ
a6fNxT+Ql5pzs37Xgo8bBG5G+MQaKSrYICHpxh8zVUI03C7NR63IeJNEL/HS/q7I
iPY4amSPSSp05XOLka8+giL8uSWSglTWkI57aKaQURAW183ygAiDP8hd0tqgIdDo
5RlaGSPYt2AUxVfD1r8Wa6HA14QOZmdqesD2URgWtDOmyQKlewgd6gBKH0He+XGN
30YaEkLsIUC+Xe0jRgKpTKfHi7c7YgIINwckCBHtAMtsWcc55ZKUbzjv+/Wv
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:19:46 2025 by rpki-client