Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/NNslRT1uNvIf-FOaYbC2phnchIw.roa
File: NNslRT1uNvIf-FOaYbC2phnchIw.roa (raw, json)
Hash identifier: I5VpyMIoKUPAisaysLqkAgYPPgdB/6mUGBTV7BoWH3I=
Subject key identifier: 34:DB:25:45:3D:6E:36:F2:1F:F8:53:9A:61:B0:B6:A6:19:DC:84:8C
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 019386365D9FDC3EE60B8CF9B3C4188FB4AB
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/NNslRT1uNvIf-FOaYbC2phnchIw.roa
Signing time: Mon 02 Dec 2024 07:12:10 +0000
ROA not before: Mon 02 Dec 2024 07:12:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52056
IP address blocks: 45.82.16.0/22 maxlen: 22
45.82.16.0/23 maxlen: 23
46.23.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:36:5d:9f:dc:3e:e6:0b:8c:f9:b3:c4:18:8f:b4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Dec 2 07:12:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34db25453d6e36f21ff8539a61b0b6a619dc848c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7c:e3:7e:e8:b6:50:17:a0:80:a2:49:1d:cb:
e6:cf:96:c4:2b:7c:b7:3f:a8:da:5f:70:f8:1e:e7:
ff:5a:93:ff:10:52:a6:37:86:1f:b5:fd:3a:84:33:
6d:06:d2:92:29:50:a4:96:10:76:d6:ae:02:92:e6:
75:25:db:01:a8:be:3b:c7:6e:a7:99:45:0a:6d:a0:
df:97:85:08:b0:b2:76:8e:ec:d0:23:a8:9f:07:11:
26:bb:e9:da:5e:53:25:bd:22:62:34:cc:0b:6d:fa:
1d:c1:14:6d:aa:57:1b:fb:9f:bb:05:56:21:7f:04:
f4:de:55:95:45:41:93:fc:0c:df:e0:06:4a:c9:e4:
e9:84:75:50:93:b2:71:4a:ce:6b:3b:9d:d3:42:33:
b3:c7:fc:5d:2e:ca:00:22:37:0e:64:cc:ef:f0:a8:
c1:c4:da:f5:7d:91:07:65:19:cd:ed:ff:01:eb:3e:
b5:0c:94:e2:bd:f7:76:e7:97:e9:1e:d4:2e:3c:b0:
bd:6d:92:aa:5f:92:a9:38:1d:ad:e1:5e:5c:12:27:
d0:10:9a:b8:73:2c:9d:50:8a:ff:e5:e6:6b:22:53:
fb:9a:5b:6e:a3:ee:5a:df:f8:0a:59:0d:47:47:bf:
51:9a:41:2f:c5:09:52:c3:2c:14:24:74:e8:5c:e2:
aa:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DB:25:45:3D:6E:36:F2:1F:F8:53:9A:61:B0:B6:A6:19:DC:84:8C
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/NNslRT1uNvIf-FOaYbC2phnchIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.16.0/22
46.23.160.0/20
Signature Algorithm: sha256WithRSAEncryption
97:9f:4a:be:cd:07:71:b5:aa:bf:07:e5:c6:2e:8b:cd:6d:41:
25:c3:8b:2a:18:a3:6a:64:84:c9:e7:c6:ec:c5:a8:fe:b8:41:
f7:f9:12:a6:22:ac:40:ad:c3:7a:92:20:30:1e:86:98:31:93:
82:f3:63:40:a2:a7:fe:58:9e:dd:61:27:e8:7f:53:82:59:cb:
52:b2:ea:24:27:87:ec:d3:6c:b2:b0:38:d1:70:5b:88:df:b3:
5a:d5:b7:8e:0e:7c:47:2c:3d:47:7a:f0:9d:00:7f:55:2d:24:
45:46:0b:2e:f3:16:50:62:3d:06:05:02:76:e8:c9:5c:9d:fd:
c3:07:e0:b1:41:73:a4:7a:7d:bf:34:a1:01:8c:36:6f:0a:cd:
c8:63:fa:7d:a5:8a:ed:2e:ac:ac:59:6a:01:c5:7b:f7:98:f5:
a4:f0:24:3f:fd:1f:63:f2:15:65:25:b4:00:0d:28:90:99:4c:
1e:2e:86:b1:79:9c:c1:e9:7e:e6:14:1a:89:fd:19:c3:99:38:
ee:a6:db:62:3f:44:8e:85:77:62:86:ad:45:60:a0:2b:ab:f6:
3f:1e:06:15:f1:a8:94:e5:e2:e9:93:3d:28:74:e0:76:a0:8e:
f7:41:4b:a7:9c:a8:0d:c7:49:a1:69:37:bd:d8:a6:af:bb:2f:
f3:a7:e0:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOGNl2f3D7mC4z5s8QYj7SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjQxMjAyMDcxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRiMjU0NTNkNmUzNmYyMWZmODUzOWE2MWIwYjZhNjE5ZGM4NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3zjfui2UBeggKJJHcvmz5bEK3y3
P6jaX3D4Huf/WpP/EFKmN4Yftf06hDNtBtKSKVCklhB21q4CkuZ1JdsBqL47x26n
mUUKbaDfl4UIsLJ2juzQI6ifBxEmu+naXlMlvSJiNMwLbfodwRRtqlcb+5+7BVYh
fwT03lWVRUGT/Azf4AZKyeTphHVQk7JxSs5rO53TQjOzx/xdLsoAIjcOZMzv8KjB
xNr1fZEHZRnN7f8B6z61DJTivfd255fpHtQuPLC9bZKqX5KpOB2t4V5cEifQEJq4
cyydUIr/5eZrIlP7mltuo+5a3/gKWQ1HR79RmkEvxQlSwywUJHToXOKqPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTbJUU9bjbyH/hTmmGwtqYZ3ISMMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvTk5zbFJUMXVOdklmLUZPYVliQzJwaG5jaEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVIQAwQE
LhegMA0GCSqGSIb3DQEBCwUAA4IBAQCXn0q+zQdxtaq/B+XGLovNbUElw4sqGKNq
ZITJ58bsxaj+uEH3+RKmIqxArcN6kiAwHoaYMZOC82NAoqf+WJ7dYSfof1OCWctS
suokJ4fs02yysDjRcFuI37Na1beODnxHLD1HevCdAH9VLSRFRgsu8xZQYj0GBQJ2
6Mlcnf3DB+CxQXOken2/NKEBjDZvCs3IY/p9pYrtLqysWWoBxXv3mPWk8CQ//R9j
8hVlJbQADSiQmUweLoaxeZzB6X7mFBqJ/RnDmTjupttiP0SOhXdihq1FYKArq/Y/
HgYV8aiU5eLpkz0odOB2oI73QUunnKgNx0mhaTe92Kavuy/zp+Cu
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:55:17 2025 by rpki-client