Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NxOGEcUq12vG4FvOsQE1Pk0ejMw.roa
File: NxOGEcUq12vG4FvOsQE1Pk0ejMw.roa (raw, json)
Hash identifier: bG6uzGHe0Gnu2XPYjhA7iKqxDG7N1+ITuNeRAWHzu04=
Subject key identifier: 37:13:86:11:C5:2A:D7:6B:C6:E0:5B:CE:B1:01:35:3E:4D:1E:8C:CC
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019141C96A4C81CF613A05A03F34AA358173
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NxOGEcUq12vG4FvOsQE1Pk0ejMw.roa
Signing time: Sun 11 Aug 2024 14:13:24 +0000
ROA not before: Sun 11 Aug 2024 14:13:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 45.11.185.0/24 maxlen: 24
45.11.187.0/24 maxlen: 24
2a05:9080:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Aug 2024 08:36:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:c9:6a:4c:81:cf:61:3a:05:a0:3f:34:aa:35:81:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Aug 11 14:13:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37138611c52ad76bc6e05bceb101353e4d1e8ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:87:8a:61:46:ad:17:3f:6d:9b:62:ff:dc:
74:ed:5b:91:4d:1b:3b:f6:22:31:75:cc:76:d9:8f:
d5:68:2b:14:6b:d8:3f:0e:fe:f9:2a:0f:a5:f2:d2:
cd:fd:92:20:59:d4:f4:3e:20:c2:b4:dc:74:dc:38:
67:02:90:4d:3f:b2:8f:41:2f:fa:c8:c6:47:c3:f5:
0a:fe:f2:82:64:67:9a:97:80:cc:b3:a6:61:61:c0:
6f:7f:c1:69:ad:17:f1:a4:e3:2e:80:52:23:b4:47:
8b:8e:c3:62:d2:1a:a3:4c:51:c5:d6:4d:13:64:fb:
70:3f:34:57:56:f7:74:d9:ca:d3:ff:da:5f:79:88:
71:0f:ca:33:79:14:a4:ab:a2:8c:9c:6c:44:3d:7b:
ff:57:18:c4:41:b6:31:f8:cd:5a:d1:90:3b:e8:58:
e8:1c:98:69:e3:53:b8:4c:32:d6:4d:be:d7:cf:69:
98:32:f7:6b:48:1c:52:16:ec:f5:80:cb:68:c4:51:
33:16:9d:fb:c1:f0:9f:c8:9e:60:f3:ea:26:f4:4d:
e0:cd:2b:b3:3e:12:a5:bf:b1:61:76:86:e0:87:2e:
7e:f7:f3:f2:b8:1e:4c:7e:f0:52:9f:20:d1:17:e0:
9f:b7:7a:64:3f:61:3e:c8:b9:dc:a2:b2:a6:0f:67:
c2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:13:86:11:C5:2A:D7:6B:C6:E0:5B:CE:B1:01:35:3E:4D:1E:8C:CC
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/NxOGEcUq12vG4FvOsQE1Pk0ejMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.185.0/24
45.11.187.0/24
IPv6:
2a05:9080:6::/48
Signature Algorithm: sha256WithRSAEncryption
2e:fb:39:a4:51:11:65:83:01:f5:15:ed:00:cf:c1:84:b7:be:
b5:ae:e0:99:7e:6e:19:7f:8c:77:c9:0e:17:a1:ba:95:81:7f:
d1:c4:4c:18:d3:ac:f9:b2:61:27:13:f6:3a:db:e3:7c:b7:98:
1d:86:33:a1:40:b0:2d:3f:90:38:31:91:7c:9e:36:cc:51:30:
24:f7:45:0d:d6:eb:1a:aa:5e:3f:60:c6:dc:0c:ad:f1:01:f8:
a9:e3:02:39:b9:05:ab:fe:fd:db:e7:9d:77:47:fe:dd:4e:93:
fe:30:4b:15:31:34:88:2a:a1:91:cf:0f:53:7c:39:a3:07:11:
bc:09:85:46:38:41:16:ee:bf:c1:2c:ed:16:2a:0a:0c:9b:a5:
41:45:21:3c:af:b1:31:7d:ee:39:58:ee:18:d9:43:82:be:bd:
8b:e6:90:53:e1:51:5e:19:bd:00:b9:f7:b7:57:27:05:60:a1:
1d:0e:ec:a5:f4:da:17:eb:23:5d:ef:c8:6c:bd:2d:4b:01:c9:
37:ce:1f:eb:22:d7:fe:61:b4:9c:5d:6f:88:8d:42:c6:b6:9c:
91:5d:b1:27:09:52:07:25:43:57:8d:35:ea:66:37:9c:9b:94:
e6:58:6f:cd:ad:9b:06:44:0c:38:b6:ae:f7:49:85:4e:8c:6f:
7f:71:f3:6c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZFByWpMgc9hOgWgPzSqNYFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwODExMTQxMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEzODYxMWM1MmFkNzZiYzZlMDViY2ViMTAxMzUzZTRkMWU4Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/+HimFGrRc/bZti/9x07VuRTRs7
9iIxdcx22Y/VaCsUa9g/Dv75Kg+l8tLN/ZIgWdT0PiDCtNx03DhnApBNP7KPQS/6
yMZHw/UK/vKCZGeal4DMs6ZhYcBvf8FprRfxpOMugFIjtEeLjsNi0hqjTFHF1k0T
ZPtwPzRXVvd02crT/9pfeYhxD8ozeRSkq6KMnGxEPXv/VxjEQbYx+M1a0ZA76Fjo
HJhp41O4TDLWTb7Xz2mYMvdrSBxSFuz1gMtoxFEzFp37wfCfyJ5g8+om9E3gzSuz
PhKlv7Fhdobghy5+9/PyuB5MfvBSnyDRF+Cft3pkP2E+yLncorKmD2fCSwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDcThhHFKtdrxuBbzrEBNT5NHozMMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvTnhPR0VjVXExMnZHNEZ2T3NRRTFQazBlak13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALQu5AwQA
LQu7MA8EAgACMAkDBwAqBZCAAAYwDQYJKoZIhvcNAQELBQADggEBAC77OaRREWWD
AfUV7QDPwYS3vrWu4Jl+bhl/jHfJDhehupWBf9HETBjTrPmyYScT9jrb43y3mB2G
M6FAsC0/kDgxkXyeNsxRMCT3RQ3W6xqqXj9gxtwMrfEB+KnjAjm5Bav+/dvnnXdH
/t1Ok/4wSxUxNIgqoZHPD1N8OaMHEbwJhUY4QRbuv8Es7RYqCgybpUFFITyvsTF9
7jlY7hjZQ4K+vYvmkFPhUV4ZvQC597dXJwVgoR0O7KX02hfrI13vyGy9LUsByTfO
H+si1/5htJxdb4iNQsa2nJFdsScJUgclQ1eNNepmN5yblOZYb82tmwZEDDi2rvdJ
hU6Mb39x82w=
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:36:48 2024 by rpki-client on console-ams.rpki-client.org