Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/nmh-ak3ChDLQ5VibftZzcV9MhB0.roa
File: nmh-ak3ChDLQ5VibftZzcV9MhB0.roa (raw, json)
Hash identifier: Le+p7lP3Yy5kO2G8fL7SSfFmybeIw0CNuloiHaKQMP4=
Subject key identifier: 9E:68:7E:6A:4D:C2:84:32:D0:E5:58:9B:7E:D6:73:71:5F:4C:84:1D
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 018D182988B3FB69D51775FE9DED8BF2C0F8
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/nmh-ak3ChDLQ5VibftZzcV9MhB0.roa
Signing time: Wed 17 Jan 2024 16:03:11 +0000
ROA not before: Wed 17 Jan 2024 16:03:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 146.19.50.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 16:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:29:88:b3:fb:69:d5:17:75:fe:9d:ed:8b:f2:c0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Jan 17 16:03:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e687e6a4dc28432d0e5589b7ed673715f4c841d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1d:38:44:eb:21:1e:fa:d8:81:8e:a6:dc:8b:
b4:72:eb:4b:c4:9d:1d:e1:75:1a:4d:5d:6e:65:3a:
1e:c2:db:ba:70:19:00:5f:cf:e6:66:b0:a7:e4:2f:
eb:bf:cb:64:f8:ce:44:78:9a:86:cf:76:55:c3:b8:
c1:0e:fb:8e:14:49:64:27:1d:4d:0c:69:06:57:14:
11:75:3a:f8:7a:e0:97:46:45:61:f7:09:65:1d:e1:
8a:86:d3:f2:f7:f7:fe:af:a7:43:f8:12:a0:d8:4e:
85:a3:ab:16:5e:94:9c:8f:54:41:dd:82:a6:b9:20:
8f:b5:b6:85:5f:7c:10:39:8c:08:83:19:9e:c8:50:
63:a5:ad:da:fb:77:90:1c:90:22:ba:87:d4:03:65:
c8:d5:55:4a:55:47:e7:de:81:c2:1c:4f:f9:5e:13:
47:dd:dc:af:42:45:cb:38:08:6b:9a:51:55:d9:c4:
c5:74:b8:65:ee:d6:63:fc:6d:e2:a0:9b:23:4c:f4:
09:15:fa:20:0c:47:1c:53:82:92:d7:b7:98:06:1d:
f0:2a:83:ac:ce:27:10:62:45:d8:94:ea:a1:2c:57:
1e:4d:36:5e:df:91:f6:9b:82:55:b1:1d:bd:11:fa:
32:c3:e5:19:84:08:e0:a7:0a:24:2e:56:27:ba:5e:
fe:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:68:7E:6A:4D:C2:84:32:D0:E5:58:9B:7E:D6:73:71:5F:4C:84:1D
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/nmh-ak3ChDLQ5VibftZzcV9MhB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
146.19.142.0/24
Signature Algorithm: sha256WithRSAEncryption
37:77:9e:09:74:c5:56:db:45:dd:2f:00:72:24:fb:ab:c2:08:
96:69:6e:64:fd:10:49:61:7b:cf:34:f0:81:a6:77:b2:62:75:
61:b5:b3:94:99:11:04:12:b5:90:71:c3:d9:53:03:46:34:82:
71:91:bb:6d:45:d5:18:e9:f9:58:ed:bf:f3:ab:06:5b:3f:ba:
58:b1:ca:bd:82:73:bc:5e:d5:8d:42:e1:b2:64:95:6a:6c:3b:
97:1e:e1:9f:b6:76:5e:55:2a:15:e9:6c:8b:ac:76:ff:ca:30:
e3:3b:a1:d2:00:6d:54:c8:fd:3d:64:fa:ea:b3:17:66:ee:81:
76:b8:d7:29:e4:24:c1:62:4f:08:8c:87:62:78:f3:25:9c:e4:
fb:20:32:c1:9b:4b:93:3c:ee:f8:77:3f:7f:ef:79:88:2e:c7:
c9:72:93:57:6e:8c:53:17:92:cc:3a:6a:f5:55:27:29:62:eb:
39:41:e0:2a:0e:62:7d:9f:13:11:95:16:a7:b0:d2:51:5e:27:
7a:98:4f:1a:b0:56:e4:8a:64:3b:e3:fa:07:c7:25:70:18:43:
07:87:17:a5:53:d3:00:5f:91:9b:8e:ff:58:c4:58:4d:89:1b:
5b:00:d2:87:4b:3f:e5:e1:4b:c6:20:af:0f:96:99:34:37:ff:
56:cd:6a:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0YKYiz+2nVF3X+ne2L8sD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwMTE3MTYwMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY4N2U2YTRkYzI4NDMyZDBlNTU4OWI3ZWQ2NzM3MTVmNGM4NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR04ROshHvrYgY6m3Iu0cutLxJ0d
4XUaTV1uZToewtu6cBkAX8/mZrCn5C/rv8tk+M5EeJqGz3ZVw7jBDvuOFElkJx1N
DGkGVxQRdTr4euCXRkVh9wllHeGKhtPy9/f+r6dD+BKg2E6Fo6sWXpScj1RB3YKm
uSCPtbaFX3wQOYwIgxmeyFBjpa3a+3eQHJAiuofUA2XI1VVKVUfn3oHCHE/5XhNH
3dyvQkXLOAhrmlFV2cTFdLhl7tZj/G3ioJsjTPQJFfogDEccU4KS17eYBh3wKoOs
zicQYkXYlOqhLFceTTZe35H2m4JVsR29Efoyw+UZhAjgpwokLlYnul7+SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5ofmpNwoQy0OVYm37Wc3FfTIQdMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvbm1oLWFrM0NoRExRNVZpYmZ0WnpjVjlNaEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhMyAwQA
khOOMA0GCSqGSIb3DQEBCwUAA4IBAQA3d54JdMVW20XdLwByJPurwgiWaW5k/RBJ
YXvPNPCBpneyYnVhtbOUmREEErWQccPZUwNGNIJxkbttRdUY6flY7b/zqwZbP7pY
scq9gnO8XtWNQuGyZJVqbDuXHuGftnZeVSoV6WyLrHb/yjDjO6HSAG1UyP09ZPrq
sxdm7oF2uNcp5CTBYk8IjIdiePMlnOT7IDLBm0uTPO74dz9/73mILsfJcpNXboxT
F5LMOmr1VScpYus5QeAqDmJ9nxMRlRansNJRXid6mE8asFbkimQ74/oHxyVwGEMH
hxelU9MAX5Gbjv9YxFhNiRtbANKHSz/l4UvGIK8Plpk0N/9WzWri
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:27 2024 by rpki-client on console-ams.rpki-client.org