Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/Nm7bo8qhFYYB7jtPEHG5biDCgcE.roa
File: Nm7bo8qhFYYB7jtPEHG5biDCgcE.roa (raw, json)
Hash identifier: 8nqlY0sMN9P4OB4doJIQfoVpaKNWg8h+BCEU+ebVJ5I=
Subject key identifier: 36:6E:DB:A3:CA:A1:15:86:01:EE:3B:4F:10:71:B9:6E:20:C2:81:C1
Certificate issuer: /CN=ec11b6d0ee6b9eccfe34ec506a275078c39eccb3
Certificate serial: 018CC6B875827C04F1F953519261AE9452B8
Authority key identifier: EC:11:B6:D0:EE:6B:9E:CC:FE:34:EC:50:6A:27:50:78:C3:9E:CC:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7BG20O5rnsz-NOxQaidQeMOezLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/Nm7bo8qhFYYB7jtPEHG5biDCgcE.roa
Signing time: Mon 01 Jan 2024 20:30:26 +0000
ROA not before: Mon 01 Jan 2024 20:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 45.156.60.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 15:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:75:82:7c:04:f1:f9:53:51:92:61:ae:94:52:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec11b6d0ee6b9eccfe34ec506a275078c39eccb3
Validity
Not Before: Jan 1 20:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=366edba3caa1158601ee3b4f1071b96e20c281c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:07:0f:56:3d:11:cd:13:62:87:52:45:4d:26:
96:6b:da:78:f6:72:8a:dc:1a:38:25:b3:9c:4a:fa:
33:dd:0a:c3:c5:02:50:ca:38:7d:9b:3d:0d:ab:da:
86:4d:d9:5b:a9:ea:50:db:0b:f0:b2:8a:f3:bc:93:
b9:f1:bf:43:37:ce:48:67:08:73:13:df:45:3b:b0:
d8:ea:fa:a3:99:b2:a1:55:0d:45:e9:ac:9b:57:1a:
03:e6:7d:ac:d4:a1:90:01:6e:c5:a5:09:d0:bd:43:
7b:91:38:ab:3b:7d:51:99:f1:5a:03:fc:3f:b7:4f:
41:c2:fd:ac:d4:3b:2e:a7:4a:25:1d:07:4b:9f:ce:
d3:a6:30:8f:57:5a:9c:34:a8:cb:8a:be:73:85:f6:
4e:27:66:22:57:8f:16:9d:37:0a:c8:da:34:0f:a1:
c6:7e:fe:c1:72:c1:a2:57:b8:60:b9:11:97:80:e4:
30:86:56:5f:cb:4e:78:a1:7d:b8:43:e5:19:8c:d3:
88:1a:99:37:85:ca:9a:af:30:1b:9f:29:23:36:b5:
6c:61:ac:e0:c0:d4:04:ae:f2:f3:49:f2:81:17:a7:
da:19:d3:31:46:9b:82:b9:f9:20:da:e1:a0:e5:d5:
c0:18:0e:9d:e2:2f:e1:c9:15:49:e9:07:ab:e1:01:
70:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6E:DB:A3:CA:A1:15:86:01:EE:3B:4F:10:71:B9:6E:20:C2:81:C1
X509v3 Authority Key Identifier:
keyid:EC:11:B6:D0:EE:6B:9E:CC:FE:34:EC:50:6A:27:50:78:C3:9E:CC:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7BG20O5rnsz-NOxQaidQeMOezLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/Nm7bo8qhFYYB7jtPEHG5biDCgcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/7BG20O5rnsz-NOxQaidQeMOezLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.60.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:32:f2:d6:f5:90:2b:4e:cc:f7:01:ed:40:7f:30:93:17:22:
dc:fd:33:4b:73:ce:65:c4:bc:1e:11:e2:1c:0e:ad:68:e0:90:
71:24:9f:f3:f5:a9:a5:3a:42:f8:ce:7d:48:1d:cb:7a:39:a8:
4c:84:c7:b0:98:7f:2b:dc:27:2b:d7:6d:a1:50:24:96:65:e5:
f9:a3:76:a0:8f:1f:45:00:cb:81:d2:e0:4b:52:82:29:4c:d7:
a3:e6:de:68:6d:4c:41:80:d1:b8:3b:d5:ad:47:49:53:71:70:
1a:c1:4f:21:7d:ba:db:8a:ee:e5:eb:a3:40:78:b6:62:22:51:
f0:73:bf:72:4d:20:72:ab:75:fc:f8:44:d0:e9:5a:58:3b:cf:
88:2a:a1:dc:a2:b5:c8:bd:04:a3:9b:35:6b:27:c6:01:30:e9:
c3:0d:40:4c:09:91:5f:48:5b:d9:96:45:dc:2b:5f:dc:df:bd:
5f:a8:f4:6c:18:ab:33:34:1a:da:5e:c1:9c:ae:a2:9b:42:72:
92:16:10:fc:5d:07:8f:78:40:4c:ac:40:c4:f8:42:26:01:ba:
25:fa:25:dd:19:90:22:57:33:2e:3d:86:bb:cc:df:47:25:bd:
6b:e1:29:97:89:e6:2b:f5:c2:83:a3:19:34:ca:8d:1c:bf:2c:
cf:d2:e0:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuHWCfATx+VNRkmGulFK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMTFiNmQwZWU2YjllY2NmZTM0ZWM1MDZhMjc1MDc4YzM5
ZWNjYjMwHhcNMjQwMTAxMjAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZlZGJhM2NhYTExNTg2MDFlZTNiNGYxMDcxYjk2ZTIwYzI4MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgcPVj0RzRNih1JFTSaWa9p49nKK
3Bo4JbOcSvoz3QrDxQJQyjh9mz0Nq9qGTdlbqepQ2wvwsorzvJO58b9DN85IZwhz
E99FO7DY6vqjmbKhVQ1F6aybVxoD5n2s1KGQAW7FpQnQvUN7kTirO31RmfFaA/w/
t09Bwv2s1Dsup0olHQdLn87TpjCPV1qcNKjLir5zhfZOJ2YiV48WnTcKyNo0D6HG
fv7BcsGiV7hguRGXgOQwhlZfy054oX24Q+UZjNOIGpk3hcqarzAbnykjNrVsYazg
wNQErvLzSfKBF6faGdMxRpuCufkg2uGg5dXAGA6d4i/hyRVJ6Qer4QFwJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZu26PKoRWGAe47TxBxuW4gwoHBMB8GA1UdIwQY
MBaAFOwRttDua57M/jTsUGonUHjDnsyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0JHMjBPNXJuc3otTk94UWFpZFFlTU9lekxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS82YjVmOTktMmM1Zi00MGI4LTljODkt
Mzk1YjBlNzcwMmNjLzEvTm03Ym84cWhGWVlCN2p0UEVIRzViaURDZ2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS82YjVmOTktMmM1Zi00MGI4LTljODktMzk1YjBlNzcwMmNj
LzEvN0JHMjBPNXJuc3otTk94UWFpZFFlTU9lekxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZw8MA0G
CSqGSIb3DQEBCwUAA4IBAQBKMvLW9ZArTsz3Ae1AfzCTFyLc/TNLc85lxLweEeIc
Dq1o4JBxJJ/z9amlOkL4zn1IHct6OahMhMewmH8r3Ccr122hUCSWZeX5o3agjx9F
AMuB0uBLUoIpTNej5t5obUxBgNG4O9WtR0lTcXAawU8hfbrbiu7l66NAeLZiIlHw
c79yTSByq3X8+ETQ6VpYO8+IKqHcorXIvQSjmzVrJ8YBMOnDDUBMCZFfSFvZlkXc
K1/c371fqPRsGKszNBraXsGcrqKbQnKSFhD8XQePeEBMrEDE+EImAbol+iXdGZAi
VzMuPYa7zN9HJb1r4SmXieYr9cKDoxk0yo0cvyzP0uAj
-----END CERTIFICATE-----
Generated at Tue Jan 9 19:43:20 2024 by rpki-client on console-ams.rpki-client.org