Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nkbcL1G-EIAp8FQ9Rwvia5bqofU.roa
File: nkbcL1G-EIAp8FQ9Rwvia5bqofU.roa (raw, json)
Hash identifier: 3O+jiCkNOEFJZd+KXlwyKzidrSyRmUq51d7nvux0UdU=
Subject key identifier: 9E:46:DC:2F:51:BE:10:80:29:F0:54:3D:47:0B:E2:6B:96:EA:A1:F5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01927AE837DD65FD18BE470C0837DA405BB4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nkbcL1G-EIAp8FQ9Rwvia5bqofU.roa
Signing time: Fri 11 Oct 2024 09:28:11 +0000
ROA not before: Fri 11 Oct 2024 09:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 267507
IP address blocks: 37.202.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:e8:37:dd:65:fd:18:be:47:0c:08:37:da:40:5b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 11 09:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e46dc2f51be108029f0543d470be26b96eaa1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d6:ec:b7:aa:6c:90:47:bf:ee:1b:6d:24:45:
47:ad:c5:0b:8f:cd:85:bc:da:c0:87:ee:7e:97:ba:
86:d7:a9:60:ee:05:84:f4:9d:a1:85:f3:d1:cc:85:
3c:49:4e:88:5a:13:3e:db:3f:6d:6f:23:f2:6c:30:
8b:1e:27:8c:2b:72:de:4a:aa:77:c2:01:32:cb:ee:
d8:60:d7:47:f1:d4:1c:52:bb:e6:0f:52:3e:9b:e9:
64:4d:02:10:6a:6b:d6:a9:8d:b9:d7:94:87:e9:24:
b1:33:b6:86:85:d9:40:7b:77:85:f6:7a:e0:86:a3:
f1:e4:54:84:bd:f0:02:e3:74:97:a4:28:5d:66:5f:
e4:cb:f7:20:64:11:96:47:a1:a9:71:69:46:ad:b5:
5b:14:4d:2a:fe:d7:b1:fc:87:e5:eb:c7:24:30:d9:
72:2d:24:2c:0b:cc:49:20:b2:9f:f1:2c:47:c4:6b:
01:6c:66:2d:7e:4e:3d:da:df:4f:d2:c8:ce:56:95:
63:52:20:aa:3d:81:c8:1c:e5:5f:b6:e9:28:58:7c:
1e:02:81:d3:a3:a5:6f:86:c7:f3:42:50:31:1d:1a:
ce:1c:94:88:38:e5:68:91:21:24:2f:94:a6:5c:7f:
e4:00:b8:22:97:2b:11:dd:66:8b:33:41:fe:43:1e:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:46:DC:2F:51:BE:10:80:29:F0:54:3D:47:0B:E2:6B:96:EA:A1:F5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/nkbcL1G-EIAp8FQ9Rwvia5bqofU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.218.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:17:d4:ed:23:2e:15:3b:a1:92:ea:1b:9a:4b:ef:d4:5e:a2:
dc:bc:ed:34:6c:d3:dc:f6:74:03:3d:9b:78:44:f7:c1:b6:77:
ce:ad:65:55:f1:06:0e:0f:b8:d4:7a:c3:d9:58:83:d7:b4:93:
9c:33:9c:ff:20:58:36:18:8b:d3:93:bb:33:b0:77:36:2a:d8:
34:24:ff:7e:f7:7b:31:a3:3d:22:59:8f:fd:84:07:cb:20:e7:
17:a9:03:a3:d9:aa:39:47:07:f6:cb:12:e9:61:8c:db:4e:44:
f7:3a:78:c3:19:fb:0c:44:57:9a:d4:79:79:1a:f0:dc:36:cb:
13:08:65:6e:63:71:0f:02:c9:27:11:5a:9f:83:12:18:cb:3e:
dc:39:e9:b9:c9:4a:e5:69:d1:73:f0:0d:6f:cc:a2:f8:ff:e3:
ad:aa:af:7b:6a:c7:9d:92:1a:8a:a4:a4:37:60:1d:eb:05:f7:
5f:79:d2:e6:2d:aa:f0:a7:e9:89:79:98:9f:57:24:e1:66:e0:
5c:c8:a2:10:11:ca:33:83:f8:f7:f1:85:0c:0f:dc:87:90:89:
1c:f7:b6:78:d6:e4:03:11:90:ec:87:7d:48:30:2d:2c:eb:33:
0f:f5:6a:c5:30:38:9f:ef:89:49:33:b0:00:bc:6d:cb:12:59:
db:3f:06:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJ66DfdZf0YvkcMCDfaQFu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMDExMDkyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ2ZGMyZjUxYmUxMDgwMjlmMDU0M2Q0NzBiZTI2Yjk2ZWFhMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttbst6pskEe/7httJEVHrcULj82F
vNrAh+5+l7qG16lg7gWE9J2hhfPRzIU8SU6IWhM+2z9tbyPybDCLHieMK3LeSqp3
wgEyy+7YYNdH8dQcUrvmD1I+m+lkTQIQamvWqY2515SH6SSxM7aGhdlAe3eF9nrg
hqPx5FSEvfAC43SXpChdZl/ky/cgZBGWR6GpcWlGrbVbFE0q/tex/Ifl68ckMNly
LSQsC8xJILKf8SxHxGsBbGYtfk492t9P0sjOVpVjUiCqPYHIHOVftukoWHweAoHT
o6VvhsfzQlAxHRrOHJSIOOVokSEkL5SmXH/kALgilysR3WaLM0H+Qx58xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5G3C9RvhCAKfBUPUcL4muW6qH1MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbmtiY0wxRy1FSUFwOEZROVJ3dmlhNWJxb2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcraMA0G
CSqGSIb3DQEBCwUAA4IBAQA8F9TtIy4VO6GS6huaS+/UXqLcvO00bNPc9nQDPZt4
RPfBtnfOrWVV8QYOD7jUesPZWIPXtJOcM5z/IFg2GIvTk7szsHc2Ktg0JP9+93sx
oz0iWY/9hAfLIOcXqQOj2ao5Rwf2yxLpYYzbTkT3OnjDGfsMRFea1Hl5GvDcNssT
CGVuY3EPAsknEVqfgxIYyz7cOem5yUrladFz8A1vzKL4/+Otqq97asedkhqKpKQ3
YB3rBfdfedLmLarwp+mJeZifVyThZuBcyKIQEcozg/j38YUMD9yHkIkc97Z41uQD
EZDsh31IMC0s6zMP9WrFMDif74lJM7AAvG3LElnbPwan
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:01 2025 by rpki-client