Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NlMct1iRS14ntIaiduqC4GgJxGU.roa
File: NlMct1iRS14ntIaiduqC4GgJxGU.roa (raw, json)
Hash identifier: lSbvNOy9SaZce1hKvy7tvjy2/YYE09YqBeQzhfW+DeY=
Subject key identifier: 36:53:1C:B7:58:91:4B:5E:27:B4:86:A2:76:EA:82:E0:68:09:C4:65
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018E7F4050673BE032771DC5FC19FE139B63
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NlMct1iRS14ntIaiduqC4GgJxGU.roa
Signing time: Wed 27 Mar 2024 09:31:45 +0000
ROA not before: Wed 27 Mar 2024 09:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.22.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:40:50:67:3b:e0:32:77:1d:c5:fc:19:fe:13:9b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 27 09:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36531cb758914b5e27b486a276ea82e06809c465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:8f:4c:21:9d:f6:af:1e:c5:ff:8a:22:c6:
00:b0:77:bc:ab:9c:bf:2b:41:c6:1b:33:ac:b2:7d:
fd:c5:3c:77:3f:d2:a8:98:ab:24:dc:16:31:35:91:
ee:64:c9:9a:e7:39:87:b8:97:74:22:88:e3:91:c9:
b4:50:85:d0:fe:cc:6e:6b:65:e5:f5:52:b9:a6:66:
e4:29:9b:22:11:cb:a6:96:9f:ca:cf:d7:29:12:f9:
3b:1b:a3:ef:5d:63:40:ef:a8:e0:d3:48:06:9d:97:
a7:be:24:31:2b:55:cd:97:76:70:9a:77:8b:7a:c9:
a5:c9:41:20:20:55:ce:8f:d7:91:2a:29:6b:30:aa:
91:48:3f:45:6b:14:e0:1a:21:ae:3d:a6:dd:24:30:
ec:6d:16:95:3b:03:93:a4:b0:9d:c6:f3:73:26:f2:
4c:4c:84:41:e2:ea:84:3e:3c:68:cc:76:1a:81:e2:
de:04:31:d3:dd:ad:0e:79:72:63:e5:74:fd:8b:6e:
ee:41:a4:53:88:5b:22:7a:fd:ea:7a:af:bc:2a:3b:
cc:fa:e6:2c:55:a4:4d:e4:e5:bd:87:19:c1:98:fd:
77:fb:fa:26:a1:7a:c3:15:89:22:b2:0f:13:bf:59:
eb:db:79:40:31:13:9d:81:bf:ba:77:8f:39:38:9d:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:53:1C:B7:58:91:4B:5E:27:B4:86:A2:76:EA:82:E0:68:09:C4:65
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NlMct1iRS14ntIaiduqC4GgJxGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.22.0/24
145.219.24.0/21
IPv6:
2a04:b0c0:10::/48
Signature Algorithm: sha256WithRSAEncryption
45:d0:0b:47:6b:68:29:90:1c:2e:45:e7:e8:5f:dc:5e:b8:ac:
7c:40:82:28:c1:39:4b:9d:c2:e2:24:22:d9:d3:af:f2:1b:f7:
38:a7:55:19:a4:a0:5b:cc:6c:da:5e:19:83:bb:2d:a9:5b:3f:
5f:d1:ec:b2:06:85:b2:a4:dd:2b:85:a7:17:a7:88:36:d6:06:
9f:a1:9f:f8:db:78:db:9a:eb:c2:d8:9d:84:7b:7f:89:89:ba:
04:1a:29:3e:8b:ec:0d:da:b3:25:91:74:99:72:e4:30:9d:bc:
b9:8e:dc:c5:86:c3:21:37:3b:76:5f:63:bf:9b:61:f0:90:ee:
8b:ac:ad:82:e5:09:74:8d:50:8d:31:da:1e:08:18:f4:0b:e9:
9e:e5:e1:ae:aa:29:9a:85:ad:1c:3f:15:88:0c:ce:b8:e3:01:
5a:e2:2a:32:00:bc:27:59:8e:28:03:3f:3a:be:6a:75:dc:99:
97:6e:68:49:d5:51:46:d2:4d:5c:19:25:05:dc:fb:f9:f6:36:
17:4a:8f:0d:31:e5:d8:cf:6e:57:38:b1:dc:c3:2b:99:84:91:
16:b2:11:4e:6c:43:68:91:b7:8d:3d:09:a2:a1:1f:12:62:98:
bc:ed:56:e8:01:aa:e6:f6:47:1e:57:95:7d:32:56:56:53:0e:
1c:6c:b2:63
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY5/QFBnO+Aydx3F/Bn+E5tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMzI3MDkzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUzMWNiNzU4OTE0YjVlMjdiNDg2YTI3NmVhODJlMDY4MDljNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIyPTCGd9q8exf+KIsYAsHe8q5y/
K0HGGzOssn39xTx3P9KomKsk3BYxNZHuZMma5zmHuJd0Iojjkcm0UIXQ/sxua2Xl
9VK5pmbkKZsiEcumlp/Kz9cpEvk7G6PvXWNA76jg00gGnZenviQxK1XNl3ZwmneL
esmlyUEgIFXOj9eRKilrMKqRSD9FaxTgGiGuPabdJDDsbRaVOwOTpLCdxvNzJvJM
TIRB4uqEPjxozHYageLeBDHT3a0OeXJj5XT9i27uQaRTiFsiev3qeq+8KjvM+uYs
VaRN5OW9hxnBmP13+/omoXrDFYkisg8Tv1nr23lAMROdgb+6d485OJ0NJQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDZTHLdYkUteJ7SGonbqguBoCcRlMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvTmxNY3QxaVJTMTRudElhaWR1cUM0R2dKeEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAkdsWAwQD
kdsYMA8EAgACMAkDBwAqBLDAABAwDQYJKoZIhvcNAQELBQADggEBAEXQC0draCmQ
HC5F5+hf3F64rHxAgijBOUudwuIkItnTr/Ib9zinVRmkoFvMbNpeGYO7LalbP1/R
7LIGhbKk3SuFpxeniDbWBp+hn/jbeNua68LYnYR7f4mJugQaKT6L7A3asyWRdJly
5DCdvLmO3MWGwyE3O3ZfY7+bYfCQ7ousrYLlCXSNUI0x2h4IGPQL6Z7l4a6qKZqF
rRw/FYgMzrjjAVriKjIAvCdZjigDPzq+anXcmZduaEnVUUbSTVwZJQXc+/n2NhdK
jw0x5djPblc4sdzDK5mEkRayEU5sQ2iRt409CaKhHxJimLztVugBqub2Rx5XlX0y
VlZTDhxssmM=
-----END CERTIFICATE-----
Generated at Tue Apr 2 11:48:40 2024 by rpki-client on console-ams.rpki-client.org