Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Nzvr0WDSK_lhCxbv62DyT5cKF-o.roa
File: Nzvr0WDSK_lhCxbv62DyT5cKF-o.roa (raw, json)
Hash identifier: xvSPIvr41yxFF5t3qB7CbjM8GCAp+ahO3U6+60VleNM=
Subject key identifier: 37:3B:EB:D1:60:D2:2B:F9:61:0B:16:EF:EB:60:F2:4F:97:0A:17:EA
Certificate issuer: /CN=29390ec0adca5f0743d181145c7899f991fb65e0
Certificate serial: 018CC7271B107E6FFFCA3EFA4244E075A627
Authority key identifier: 29:39:0E:C0:AD:CA:5F:07:43:D1:81:14:5C:78:99:F9:91:FB:65:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Nzvr0WDSK_lhCxbv62DyT5cKF-o.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51964
IP address blocks: 195.151.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1b:10:7e:6f:ff:ca:3e:fa:42:44:e0:75:a6:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29390ec0adca5f0743d181145c7899f991fb65e0
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=373bebd160d22bf9610b16efeb60f24f970a17ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:2d:56:1d:b3:dd:9b:ab:15:32:e4:49:bf:
15:40:2c:96:e3:ad:24:aa:7e:9a:4c:76:2d:88:8d:
b5:a5:ef:60:6c:ea:c5:5c:fe:ce:56:12:6a:37:37:
11:cd:ac:57:2c:f9:8e:b0:4e:9e:ac:bf:0a:0e:0e:
f6:a2:2f:91:47:80:ea:95:85:aa:0c:42:2a:cd:e1:
8c:01:fb:b0:3b:29:5c:9e:85:18:a7:bb:16:16:b5:
a2:df:68:ef:f2:bc:83:96:bc:08:16:d3:e1:1e:25:
3e:1b:06:01:3e:98:98:4d:71:ea:1d:d0:66:80:fc:
01:da:70:cf:a2:26:e8:3d:4f:cd:91:3b:e1:93:ac:
4c:29:c0:10:7f:eb:62:1e:b3:a5:78:70:72:bd:40:
6b:8e:de:84:ad:a4:05:83:68:e2:35:8f:4e:56:fd:
cb:b5:56:db:72:df:c2:e7:03:48:b8:cd:d8:b4:1a:
d5:fa:b0:6e:51:4e:6b:8e:03:87:0f:8f:37:8b:b8:
8e:00:b3:55:68:a5:18:5a:4d:aa:2b:40:6c:50:60:
03:a5:31:1b:73:5a:46:2d:4b:25:f1:ff:5d:1a:9f:
b6:5d:53:d4:6f:c0:13:a5:33:93:91:8a:27:79:7a:
08:71:c2:45:88:ad:c5:85:c0:31:79:22:72:c2:c9:
63:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3B:EB:D1:60:D2:2B:F9:61:0B:16:EF:EB:60:F2:4F:97:0A:17:EA
X509v3 Authority Key Identifier:
keyid:29:39:0E:C0:AD:CA:5F:07:43:D1:81:14:5C:78:99:F9:91:FB:65:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/Nzvr0WDSK_lhCxbv62DyT5cKF-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b31392-2d1c-4934-a59e-ed433aac7828/1/KTkOwK3KXwdD0YEUXHiZ-ZH7ZeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.151.160.0/24
Signature Algorithm: sha256WithRSAEncryption
60:35:2d:61:6e:9e:33:51:b1:1a:a2:25:53:ef:53:da:62:48:
e5:f5:3c:54:2a:9d:de:40:83:54:a3:03:fa:e4:99:33:67:56:
1b:e8:62:0b:11:c8:0a:6e:3f:96:62:70:05:58:20:61:b2:83:
52:2d:36:07:0e:5f:3c:01:c7:56:ee:92:be:3a:f6:61:e9:0d:
d7:9b:87:73:7e:91:c9:c0:76:13:34:8d:d9:01:9c:f6:2f:b7:
ce:34:3b:fd:e1:80:6e:d3:b7:c0:00:3d:b7:c9:dc:18:86:a6:
2d:a6:a6:c2:1f:96:ba:0e:6d:c5:3f:c4:b9:5e:c2:f2:62:cf:
59:4a:1e:9e:8f:34:2e:3d:21:c5:77:c1:46:f3:08:a9:32:c8:
50:39:b2:1b:5c:45:00:2d:8e:42:95:e8:a4:82:13:c5:8f:d5:
cd:00:9a:fd:f6:da:6c:f0:d4:56:fd:b1:79:d9:97:36:d9:8a:
c4:eb:66:6b:d9:39:3a:09:f6:74:1e:da:a8:89:b5:f0:cf:72:
2a:d3:6f:af:01:39:16:4f:43:6d:7d:b4:e9:fc:fd:41:e9:d8:
4e:65:5c:cb:9c:af:e4:96:d3:4c:33:99:08:65:24:cd:0e:c6:
a1:06:4c:5a:02:67:77:81:40:e1:b2:57:e9:50:94:c4:9a:ed:
4b:fa:87:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJxsQfm//yj76QkTgdaYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MzkwZWMwYWRjYTVmMDc0M2QxODExNDVjNzg5OWY5OTFm
YjY1ZTAwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNiZWJkMTYwZDIyYmY5NjEwYjE2ZWZlYjYwZjI0Zjk3MGExN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbItVh2z3ZurFTLkSb8VQCyW460k
qn6aTHYtiI21pe9gbOrFXP7OVhJqNzcRzaxXLPmOsE6erL8KDg72oi+RR4DqlYWq
DEIqzeGMAfuwOylcnoUYp7sWFrWi32jv8ryDlrwIFtPhHiU+GwYBPpiYTXHqHdBm
gPwB2nDPoiboPU/NkTvhk6xMKcAQf+tiHrOleHByvUBrjt6EraQFg2jiNY9OVv3L
tVbbct/C5wNIuM3YtBrV+rBuUU5rjgOHD483i7iOALNVaKUYWk2qK0BsUGADpTEb
c1pGLUsl8f9dGp+2XVPUb8ATpTOTkYoneXoIccJFiK3FhcAxeSJywsljfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDc769Fg0iv5YQsW7+tg8k+XChfqMB8GA1UdIwQY
MBaAFCk5DsCtyl8HQ9GBFFx4mfmR+2XgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1RrT3dLM0tYd2REMFlFVVhIaVotWkg3WmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9iMzEzOTItMmQxYy00OTM0LWE1OWUt
ZWQ0MzNhYWM3ODI4LzEvTnp2cjBXRFNLX2xoQ3hidjYyRHlUNWNLRi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9iMzEzOTItMmQxYy00OTM0LWE1OWUtZWQ0MzNhYWM3ODI4
LzEvS1RrT3dLM0tYd2REMFlFVVhIaVotWkg3WmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5egMA0G
CSqGSIb3DQEBCwUAA4IBAQBgNS1hbp4zUbEaoiVT71PaYkjl9TxUKp3eQINUowP6
5JkzZ1Yb6GILEcgKbj+WYnAFWCBhsoNSLTYHDl88AcdW7pK+OvZh6Q3Xm4dzfpHJ
wHYTNI3ZAZz2L7fONDv94YBu07fAAD23ydwYhqYtpqbCH5a6Dm3FP8S5XsLyYs9Z
Sh6ejzQuPSHFd8FG8wipMshQObIbXEUALY5CleikghPFj9XNAJr99tps8NRW/bF5
2Zc22YrE62Zr2Tk6CfZ0HtqoibXwz3Iq02+vATkWT0NtfbTp/P1B6dhOZVzLnK/k
ltNMM5kIZSTNDsahBkxaAmd3gUDhslfpUJTEmu1L+ofU
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:32 2025 by rpki-client