Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/Ng-v19hpn2YATJld3B39_R9zlUE.roa
File: Ng-v19hpn2YATJld3B39_R9zlUE.roa (raw, json)
Hash identifier: kVA9hI2rvzTUleN9KcHZFDqqf0yZ48yRNybYAPE12U0=
Subject key identifier: 36:0F:AF:D7:D8:69:9F:66:00:4C:99:5D:DC:1D:FD:FD:1F:73:95:41
Certificate issuer: /CN=8d66032e08894118d7998c5c060ca46eb3871338
Certificate serial: 018CC50019194319B8954E4E2696BC0CCF42
Authority key identifier: 8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/Ng-v19hpn2YATJld3B39_R9zlUE.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43006
IP address blocks: 217.70.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 May 2024 11:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:19:19:43:19:b8:95:4e:4e:26:96:bc:0c:cf:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d66032e08894118d7998c5c060ca46eb3871338
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=360fafd7d8699f66004c995ddc1dfdfd1f739541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:58:d3:90:bf:d7:9d:11:1d:d6:fe:7e:98:8a:
9e:a1:f3:18:da:a7:1f:58:de:fb:22:5d:58:4b:7a:
b4:61:57:12:7a:ba:8e:b6:23:11:f6:64:8c:78:2e:
8b:84:3b:00:5d:41:86:8e:54:3c:44:c1:e6:18:eb:
a6:01:50:b0:1d:5c:b4:6e:f0:7e:23:7c:5f:5f:0c:
61:d1:13:06:b5:c2:ca:fe:ef:07:9d:f2:97:86:8f:
31:82:93:13:e5:a4:77:20:c7:87:62:13:17:a9:ba:
ea:bf:a8:2a:d4:87:92:58:da:27:4d:1b:70:6d:68:
67:b9:26:51:cc:c3:3f:15:89:c8:95:87:9b:98:e7:
17:6c:af:a1:b1:54:0c:64:89:6a:bf:92:d9:76:4e:
fb:31:e1:33:c7:fe:31:b3:7e:0b:ee:67:05:ab:1c:
c4:c8:0b:24:4b:83:bc:95:d7:62:df:09:13:64:c1:
fe:5f:ce:c8:3c:fc:e0:2a:ba:f5:a8:4b:ee:0c:db:
b3:76:f1:b6:fa:c9:97:a0:a4:b6:fa:6a:1b:81:5a:
a4:d1:21:d0:b3:aa:5b:b5:a4:1f:ca:65:77:86:36:
6f:6f:0f:a0:89:68:20:3e:6b:6c:57:db:59:b0:de:
d4:3f:4b:6b:22:93:70:d4:05:e7:42:e2:34:ce:f0:
6f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0F:AF:D7:D8:69:9F:66:00:4C:99:5D:DC:1D:FD:FD:1F:73:95:41
X509v3 Authority Key Identifier:
keyid:8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/Ng-v19hpn2YATJld3B39_R9zlUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.70.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:d9:60:d1:89:8e:f7:1c:fe:05:4f:10:cf:d7:b2:a9:d5:3f:
f8:70:95:da:d7:f8:60:36:3d:cb:0e:d8:b8:70:3c:ac:2a:86:
59:d0:41:4b:db:3e:c7:9a:96:7c:dd:36:01:1d:2f:40:00:6c:
eb:1a:b4:3e:6a:e7:46:24:18:a0:cd:d1:32:40:ea:f1:0a:ad:
fe:f4:a6:b2:50:a5:b5:15:c1:33:a9:e3:a8:de:80:b2:c0:ec:
e9:73:2a:fa:db:59:cf:f4:a2:dc:8d:88:d4:06:d1:a4:e4:68:
99:50:aa:a6:2d:e5:35:1c:39:cf:58:9e:47:22:e1:71:19:ef:
65:d6:7e:d7:57:4b:6d:34:b3:af:6f:f3:1d:1e:1d:8a:86:b4:
dd:b7:10:cc:20:30:79:4b:78:bc:ea:5c:fb:aa:46:7a:fd:74:
2b:65:0d:d5:a5:d3:80:d0:75:55:b7:7f:2d:a2:3e:91:b5:5a:
38:5e:03:b8:9a:83:f8:7e:b3:f1:92:fe:0c:de:b0:96:8c:f8:
a5:8a:f3:b5:a9:f8:0b:f1:98:93:b6:44:36:22:54:91:89:15:
64:d0:32:f9:87:80:7f:f8:7e:83:e4:b4:81:86:ba:95:f5:80:
c6:80:68:54:f0:9e:dd:0f:01:f3:be:c8:01:2b:11:76:da:d2:
d8:19:8f:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABkZQxm4lU5OJpa8DM9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjYwMzJlMDg4OTQxMThkNzk5OGM1YzA2MGNhNDZlYjM4
NzEzMzgwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBmYWZkN2Q4Njk5ZjY2MDA0Yzk5NWRkYzFkZmRmZDFmNzM5NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFjTkL/XnREd1v5+mIqeofMY2qcf
WN77Il1YS3q0YVcSerqOtiMR9mSMeC6LhDsAXUGGjlQ8RMHmGOumAVCwHVy0bvB+
I3xfXwxh0RMGtcLK/u8HnfKXho8xgpMT5aR3IMeHYhMXqbrqv6gq1IeSWNonTRtw
bWhnuSZRzMM/FYnIlYebmOcXbK+hsVQMZIlqv5LZdk77MeEzx/4xs34L7mcFqxzE
yAskS4O8lddi3wkTZMH+X87IPPzgKrr1qEvuDNuzdvG2+smXoKS2+mobgVqk0SHQ
s6pbtaQfymV3hjZvbw+giWggPmtsV9tZsN7UP0trIpNw1AXnQuI0zvBvXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYPr9fYaZ9mAEyZXdwd/f0fc5VBMB8GA1UdIwQY
MBaAFI1mAy4IiUEY15mMXAYMpG6zhxM4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUt
NTk5ZDFjYTZhNWZkLzEvTmctdjE5aHBuMllBVEpsZDNCMzlfUjl6bFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUtNTk5ZDFjYTZhNWZk
LzEvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UbgMA0G
CSqGSIb3DQEBCwUAA4IBAQCk2WDRiY73HP4FTxDP17Kp1T/4cJXa1/hgNj3LDti4
cDysKoZZ0EFL2z7HmpZ83TYBHS9AAGzrGrQ+audGJBigzdEyQOrxCq3+9KayUKW1
FcEzqeOo3oCywOzpcyr621nP9KLcjYjUBtGk5GiZUKqmLeU1HDnPWJ5HIuFxGe9l
1n7XV0ttNLOvb/MdHh2KhrTdtxDMIDB5S3i86lz7qkZ6/XQrZQ3VpdOA0HVVt38t
oj6RtVo4XgO4moP4frPxkv4M3rCWjPilivO1qfgL8ZiTtkQ2IlSRiRVk0DL5h4B/
+H6D5LSBhrqV9YDGgGhU8J7dDwHzvsgBKxF22tLYGY8H
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:28 2025 by rpki-client