Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/NmKq3a7_Lsg_C-anvlpjZhX0OHw.roa
File: NmKq3a7_Lsg_C-anvlpjZhX0OHw.roa (raw, json)
Hash identifier: jRAFTDzXmxCAAxxLNXTmtkBa5N8/B+uqegFRr5JAVzI=
Subject key identifier: 36:62:AA:DD:AE:FF:2E:C8:3F:0B:E6:A7:BE:5A:63:66:15:F4:38:7C
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0192FB7FACF2ADB8C1F505654FC9D7B6994B
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/NmKq3a7_Lsg_C-anvlpjZhX0OHw.roa
Signing time: Tue 05 Nov 2024 08:45:01 +0000
ROA not before: Tue 05 Nov 2024 08:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 195.216.160.0/24 maxlen: 24
195.216.186.0/24 maxlen: 24
195.216.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:7f:ac:f2:ad:b8:c1:f5:05:65:4f:c9:d7:b6:99:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Nov 5 08:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3662aaddaeff2ec83f0be6a7be5a636615f4387c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9a:3a:96:07:63:c6:48:78:c9:82:86:6b:a8:
fa:5c:79:41:6c:2f:6b:12:30:8e:08:9d:1e:91:0b:
98:23:28:14:cc:39:dc:83:49:6d:61:6f:a2:f8:e2:
41:9b:37:da:c7:f5:7f:c2:18:fc:61:09:72:8a:ef:
d2:0b:48:c9:bf:d1:e4:be:5e:14:7c:ae:89:f4:f3:
f8:cb:49:98:1f:79:3e:b5:b0:ab:86:a1:6a:18:ed:
eb:71:8a:46:1b:4e:26:d9:6c:46:d6:30:20:5a:13:
f9:e5:50:5d:b0:7e:b4:36:94:85:39:8e:96:3b:0e:
21:12:99:23:44:9a:eb:6c:50:65:5b:31:03:29:c6:
41:10:e4:4e:bd:a8:99:82:9c:e3:31:f4:42:93:c5:
73:f6:f5:88:eb:4a:d2:2c:af:a8:9f:c4:18:2b:2c:
bc:d7:66:2a:91:e4:e5:db:48:94:14:89:ac:20:17:
9a:6e:d6:9a:78:9e:9f:77:e8:ab:77:6b:57:46:4c:
46:88:54:ec:a0:5f:ff:ac:82:64:1b:87:0e:25:65:
48:8a:03:61:d2:b7:d8:a6:a3:fc:ff:9c:1a:b9:e5:
81:ac:cc:d2:b8:7b:bf:b1:d3:93:ed:0c:80:cf:32:
1e:ff:2f:9e:20:7e:d1:ec:35:9c:3f:07:73:7e:87:
9d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:62:AA:DD:AE:FF:2E:C8:3F:0B:E6:A7:BE:5A:63:66:15:F4:38:7C
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/NmKq3a7_Lsg_C-anvlpjZhX0OHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.160.0/24
195.216.186.0/24
195.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0f:d4:51:c3:01:64:e2:69:e7:20:dc:d5:47:9d:0d:8e:24:
fb:5e:68:f5:09:d3:a6:0e:f0:cf:b4:fa:06:4c:90:4b:15:38:
ee:d1:b8:c6:f2:90:de:ff:04:e1:5e:6f:87:1d:48:57:68:6f:
d6:42:a1:d1:02:76:4c:b7:d6:03:8f:4d:3e:a3:91:e3:04:b0:
34:a8:96:4a:02:3f:b2:ac:c5:12:ab:56:91:cf:c7:84:aa:6f:
a9:3f:a2:f5:fc:06:e2:3c:26:d6:d7:86:a3:8f:0a:be:64:bd:
3e:26:1b:cf:b7:e9:89:3b:a8:22:a5:c9:76:92:d6:54:11:a1:
c9:98:62:88:b1:c1:53:78:70:b3:32:e9:c5:a3:cd:7b:8f:2c:
3c:23:6f:4f:94:44:ee:75:20:a9:cf:f9:d3:7d:be:87:16:a9:
63:0b:9c:5b:03:90:b2:6d:6c:b2:f9:1c:f7:f6:e4:e9:17:83:
f1:98:40:8b:23:9b:fe:66:c2:a8:ce:a9:fa:4a:69:8e:17:ee:
a2:35:2d:ac:d2:74:28:5a:96:e6:9b:88:3a:0c:61:f8:cc:99:
17:bd:6c:88:57:0d:65:a9:00:53:fb:f8:c1:28:14:92:f0:19:
48:03:9d:b4:bd:3e:3c:c7:3a:00:b1:63:c7:a0:32:9a:51:15:
a1:96:5a:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZL7f6zyrbjB9QVlT8nXtplLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQxMTA1MDg0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjYyYWFkZGFlZmYyZWM4M2YwYmU2YTdiZTVhNjM2NjE1ZjQzODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4po6lgdjxkh4yYKGa6j6XHlBbC9r
EjCOCJ0ekQuYIygUzDncg0ltYW+i+OJBmzfax/V/whj8YQlyiu/SC0jJv9Hkvl4U
fK6J9PP4y0mYH3k+tbCrhqFqGO3rcYpGG04m2WxG1jAgWhP55VBdsH60NpSFOY6W
Ow4hEpkjRJrrbFBlWzEDKcZBEOROvaiZgpzjMfRCk8Vz9vWI60rSLK+on8QYKyy8
12YqkeTl20iUFImsIBeabtaaeJ6fd+ird2tXRkxGiFTsoF//rIJkG4cOJWVIigNh
0rfYpqP8/5waueWBrMzSuHu/sdOT7QyAzzIe/y+eIH7R7DWcPwdzfoedEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZiqt2u/y7IPwvmp75aY2YV9Dh8MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvTm1LcTNhN19Mc2dfQy1hbnZscGpaaFgwT0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw9igAwQA
w9i6AwQAw9i9MA0GCSqGSIb3DQEBCwUAA4IBAQBsD9RRwwFk4mnnINzVR50NjiT7
Xmj1CdOmDvDPtPoGTJBLFTju0bjG8pDe/wThXm+HHUhXaG/WQqHRAnZMt9YDj00+
o5HjBLA0qJZKAj+yrMUSq1aRz8eEqm+pP6L1/AbiPCbW14ajjwq+ZL0+JhvPt+mJ
O6gipcl2ktZUEaHJmGKIscFTeHCzMunFo817jyw8I29PlETudSCpz/nTfb6HFqlj
C5xbA5CybWyy+Rz39uTpF4PxmECLI5v+ZsKozqn6SmmOF+6iNS2s0nQoWpbmm4g6
DGH4zJkXvWyIVw1lqQBT+/jBKBSS8BlIA520vT48xzoAsWPHoDKaURWhllq8
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:10 2025 by rpki-client