Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N_XvLJCvc_RXZWRJfWN_AMGm_bY.roa
File: N_XvLJCvc_RXZWRJfWN_AMGm_bY.roa (raw, json)
Hash identifier: S3b2ZGz/A7kGIjV0vJEhE5ga7AOgm3fQOIBphjJKjeA=
Subject key identifier: 37:F5:EF:2C:90:AF:73:F4:57:65:64:49:7D:63:7F:00:C1:A6:FD:B6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5011DE1C9A7C805B7B5B75B10E50154
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N_XvLJCvc_RXZWRJfWN_AMGm_bY.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197432
IP address blocks: 45.123.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1d:e1:c9:a7:c8:05:b7:b5:b7:5b:10:e5:01:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37f5ef2c90af73f4576564497d637f00c1a6fdb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ed:51:6d:26:ce:87:25:8b:e3:d6:5f:c9:2a:
b0:ac:f6:46:bb:28:95:38:94:32:11:02:23:3b:df:
ce:89:87:2e:56:0e:ba:6b:5b:cd:68:c4:49:08:8e:
0e:7a:aa:ba:b7:43:aa:a0:5a:01:e7:cc:3d:e2:7c:
be:2c:18:3f:ed:b8:60:59:a8:3e:2d:98:1c:9f:6e:
50:64:2a:8a:04:11:e2:22:3b:16:fd:e4:c4:ea:b2:
28:b2:c5:db:58:c0:a1:fe:a4:d5:9c:3f:7e:76:96:
b4:0c:ae:7b:a4:0c:b8:3c:e4:37:6a:14:40:09:83:
41:1e:ca:6b:f5:ae:49:06:a7:34:2a:56:ae:46:4c:
b3:ce:75:21:81:25:ae:7c:80:40:26:08:9e:f9:9d:
b8:3f:fc:d9:92:23:c8:f7:1c:eb:10:35:fb:81:c3:
f7:d1:ab:01:4f:cf:d0:85:08:a7:04:97:90:a8:9d:
4c:30:fa:d3:99:85:e6:d8:3e:c8:c4:49:f4:76:1c:
a1:d2:d2:3b:57:fd:39:f4:8e:c7:9a:81:87:c2:94:
4b:5a:d6:73:7b:12:c8:dc:96:15:03:65:9c:29:09:
d9:21:28:e5:0d:18:b0:b1:7d:aa:df:b7:52:78:67:
be:a7:02:88:49:dd:5d:48:b0:08:64:46:e4:41:45:
d2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F5:EF:2C:90:AF:73:F4:57:65:64:49:7D:63:7F:00:C1:A6:FD:B6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/N_XvLJCvc_RXZWRJfWN_AMGm_bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.40.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d6:61:45:18:65:5d:ac:b7:53:c8:76:0a:4a:00:bd:e4:f1:
9c:39:5b:7e:05:e8:77:98:1a:f9:73:24:16:13:ad:3b:b3:69:
31:b2:48:33:6f:68:d2:96:ef:9d:6e:77:d9:62:0d:c0:30:29:
e9:f3:a2:d4:61:75:2d:3c:0b:f3:79:21:5a:0d:87:37:f3:92:
94:5a:24:bf:d3:57:e4:7c:5a:f0:b6:8d:34:9f:c1:a1:9c:b4:
8f:80:e9:a1:91:f3:e5:a2:07:bc:b8:5f:e3:dc:e6:1c:7e:cd:
27:5b:6c:0d:6e:7e:86:52:ac:eb:5c:6d:31:ef:49:8b:04:5d:
a2:bc:39:69:53:7d:e1:8e:04:b8:27:3a:1f:46:03:3a:cd:bc:
bf:71:82:d5:d4:07:45:5b:62:10:cb:1e:3f:10:69:15:f6:68:
94:fe:fd:2a:5f:76:ba:0d:79:01:8b:f5:57:f6:a6:ed:68:a2:
47:30:a5:9f:c7:68:ea:b9:e0:5d:e4:00:34:8c:bf:e6:fc:8f:
db:ea:dc:02:6d:1e:9a:71:49:f2:1a:92:0b:8f:c7:d0:ae:64:
b7:48:c1:7c:5c:f5:39:4e:52:1d:70:f1:eb:8e:77:5d:3e:5d:
49:01:47:f2:7c:52:ad:13:35:78:91:07:ba:4f:80:43:32:aa:
86:c3:0e:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAR3hyafIBbe1t1sQ5QFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y1ZWYyYzkwYWY3M2Y0NTc2NTY0NDk3ZDYzN2YwMGMxYTZmZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO1RbSbOhyWL49ZfySqwrPZGuyiV
OJQyEQIjO9/OiYcuVg66a1vNaMRJCI4Oeqq6t0OqoFoB58w94ny+LBg/7bhgWag+
LZgcn25QZCqKBBHiIjsW/eTE6rIossXbWMCh/qTVnD9+dpa0DK57pAy4POQ3ahRA
CYNBHspr9a5JBqc0KlauRkyzznUhgSWufIBAJgie+Z24P/zZkiPI9xzrEDX7gcP3
0asBT8/QhQinBJeQqJ1MMPrTmYXm2D7IxEn0dhyh0tI7V/059I7HmoGHwpRLWtZz
exLI3JYVA2WcKQnZISjlDRiwsX2q37dSeGe+pwKISd1dSLAIZEbkQUXSJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDf17yyQr3P0V2VkSX1jfwDBpv22MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTl9YdkxKQ3ZjX1JYWldSSmZXTl9BTUdtX2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALXsoMA0G
CSqGSIb3DQEBCwUAA4IBAQCM1mFFGGVdrLdTyHYKSgC95PGcOVt+Beh3mBr5cyQW
E607s2kxskgzb2jSlu+dbnfZYg3AMCnp86LUYXUtPAvzeSFaDYc385KUWiS/01fk
fFrwto00n8GhnLSPgOmhkfPloge8uF/j3OYcfs0nW2wNbn6GUqzrXG0x70mLBF2i
vDlpU33hjgS4JzofRgM6zby/cYLV1AdFW2IQyx4/EGkV9miU/v0qX3a6DXkBi/VX
9qbtaKJHMKWfx2jqueBd5AA0jL/m/I/b6twCbR6acUnyGpILj8fQrmS3SMF8XPU5
TlIdcPHrjnddPl1JAUfyfFKtEzV4kQe6T4BDMqqGww7a
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:13 2025 by rpki-client