Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/784838-0e3b-46ba-8595-d8f6ab83b533/1/NbNDJUzQH3dtWjDzVWxuRPVMYyo.roa
File: NbNDJUzQH3dtWjDzVWxuRPVMYyo.roa (raw, json)
Hash identifier: zPXQLLkqUR2q+otq95xoxuS3o0Oaha6YRs1J0+I7cCM=
Subject key identifier: 35:B3:43:25:4C:D0:1F:77:6D:5A:30:F3:55:6C:6E:44:F5:4C:63:2A
Certificate issuer: /CN=e5b1de7443eaf18ceb06888d7ef93a5635a4ae1e
Certificate serial: 018CC801A1C4DC499457E67F695743CF356D
Authority key identifier: E5:B1:DE:74:43:EA:F1:8C:EB:06:88:8D:7E:F9:3A:56:35:A4:AE:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bHedEPq8YzrBoiNfvk6VjWkrh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/784838-0e3b-46ba-8595-d8f6ab83b533/1/NbNDJUzQH3dtWjDzVWxuRPVMYyo.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43473
IP address blocks: 91.195.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a1:c4:dc:49:94:57:e6:7f:69:57:43:cf:35:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5b1de7443eaf18ceb06888d7ef93a5635a4ae1e
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35b343254cd01f776d5a30f3556c6e44f54c632a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:df:48:f1:c8:33:16:fa:92:e8:b1:8d:af:70:
ba:4a:4f:0b:43:6e:d3:2d:c1:ba:b8:da:9a:34:0e:
23:ab:c6:2c:11:76:61:11:19:b8:a9:f7:0d:20:24:
44:d7:61:9f:07:d5:d4:73:c8:1b:be:6c:ab:37:9b:
3f:45:90:92:8f:af:bd:98:7e:dd:bc:ca:78:4d:c7:
22:d1:9d:62:fd:0f:9a:04:4e:4d:28:bc:b1:fc:c8:
1a:af:9f:9a:55:07:f5:1a:f6:6b:82:24:87:15:81:
16:1c:56:b4:0b:50:35:08:aa:46:69:6f:04:00:21:
db:23:ca:62:11:2c:61:70:b6:a8:5d:e6:7f:82:85:
f4:7c:5a:13:2f:80:ed:40:e6:eb:21:90:67:88:1d:
d7:b6:6f:bf:df:54:c1:58:bd:33:fb:e1:3a:37:ab:
68:79:9f:bb:53:46:09:0e:66:1c:37:0a:86:a1:90:
f8:7b:55:7b:33:af:4c:ea:54:85:3d:dc:df:56:30:
25:0d:2e:08:28:10:a7:bd:11:a7:08:6f:9c:a4:5e:
89:13:a9:a0:6d:47:93:42:2d:43:19:85:46:5f:aa:
5b:6c:05:32:ab:c0:78:49:58:6a:82:82:da:12:46:
6b:28:b4:8b:4c:be:0c:95:3f:13:94:23:f1:4a:a7:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B3:43:25:4C:D0:1F:77:6D:5A:30:F3:55:6C:6E:44:F5:4C:63:2A
X509v3 Authority Key Identifier:
keyid:E5:B1:DE:74:43:EA:F1:8C:EB:06:88:8D:7E:F9:3A:56:35:A4:AE:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bHedEPq8YzrBoiNfvk6VjWkrh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/784838-0e3b-46ba-8595-d8f6ab83b533/1/NbNDJUzQH3dtWjDzVWxuRPVMYyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/784838-0e3b-46ba-8595-d8f6ab83b533/1/5bHedEPq8YzrBoiNfvk6VjWkrh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:33:f5:d8:9a:28:87:28:ee:78:dc:14:46:ce:b7:80:7d:c4:
ff:b0:cc:20:e9:6c:95:90:b8:24:33:41:d6:6e:ac:a8:ce:06:
d7:d3:2a:12:c5:b7:bf:5c:ed:49:24:ae:68:88:37:d8:39:ab:
92:51:9a:00:d1:8f:ba:6a:b8:90:0f:1e:ad:5a:67:5c:b3:1a:
51:22:6f:dc:59:ed:50:c1:a2:de:d9:f6:8f:03:3b:42:ff:6f:
58:08:93:c3:81:3a:34:be:5b:e9:99:2e:7d:81:1a:77:80:8c:
d8:44:7c:fd:b2:16:4d:71:fa:c2:2f:4b:59:e9:90:16:9c:27:
77:12:41:de:cb:1e:c9:6b:0a:39:4d:12:f3:1b:d0:ed:74:a4:
ba:da:8f:89:13:c4:22:29:db:6b:5a:20:3c:61:33:86:3f:97:
c1:70:10:12:74:0f:7e:3a:b2:c3:93:22:ab:d8:7e:c4:65:c1:
1a:65:9c:32:0c:0c:75:a2:78:b5:6f:de:21:91:6e:dc:7f:ee:
bf:92:80:f9:92:40:f6:c3:55:d4:3d:db:d5:fd:1d:72:db:29:
ae:05:ce:ee:6f:4c:bd:63:f1:b0:6e:d0:d2:c0:a1:7b:dd:37:
c5:63:9d:30:27:db:7d:28:81:b2:01:92:f2:11:b2:0b:bb:0b:
42:0e:7a:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAaHE3EmUV+Z/aVdDzzVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YjFkZTc0NDNlYWYxOGNlYjA2ODg4ZDdlZjkzYTU2MzVh
NGFlMWUwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIzNDMyNTRjZDAxZjc3NmQ1YTMwZjM1NTZjNmU0NGY1NGM2MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi99I8cgzFvqS6LGNr3C6Sk8LQ27T
LcG6uNqaNA4jq8YsEXZhERm4qfcNICRE12GfB9XUc8gbvmyrN5s/RZCSj6+9mH7d
vMp4Tcci0Z1i/Q+aBE5NKLyx/Mgar5+aVQf1GvZrgiSHFYEWHFa0C1A1CKpGaW8E
ACHbI8piESxhcLaoXeZ/goX0fFoTL4DtQObrIZBniB3Xtm+/31TBWL0z++E6N6to
eZ+7U0YJDmYcNwqGoZD4e1V7M69M6lSFPdzfVjAlDS4IKBCnvRGnCG+cpF6JE6mg
bUeTQi1DGYVGX6pbbAUyq8B4SVhqgoLaEkZrKLSLTL4MlT8TlCPxSqehZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWzQyVM0B93bVow81VsbkT1TGMqMB8GA1UdIwQY
MBaAFOWx3nRD6vGM6waIjX75OlY1pK4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWJIZWRFUHE4WXpyQm9pTmZ2azZWaldrcmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODQ4MzgtMGUzYi00NmJhLTg1OTUt
ZDhmNmFiODNiNTMzLzEvTmJOREpVelFIM2R0V2pEelZXeHVSUFZNWXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODQ4MzgtMGUzYi00NmJhLTg1OTUtZDhmNmFiODNiNTMz
LzEvNWJIZWRFUHE4WXpyQm9pTmZ2azZWaldrcmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8MOMA0G
CSqGSIb3DQEBCwUAA4IBAQCaM/XYmiiHKO543BRGzreAfcT/sMwg6WyVkLgkM0HW
bqyozgbX0yoSxbe/XO1JJK5oiDfYOauSUZoA0Y+6ariQDx6tWmdcsxpRIm/cWe1Q
waLe2faPAztC/29YCJPDgTo0vlvpmS59gRp3gIzYRHz9shZNcfrCL0tZ6ZAWnCd3
EkHeyx7Jawo5TRLzG9DtdKS62o+JE8QiKdtrWiA8YTOGP5fBcBASdA9+OrLDkyKr
2H7EZcEaZZwyDAx1oni1b94hkW7cf+6/koD5kkD2w1XUPdvV/R1y2ymuBc7ub0y9
Y/GwbtDSwKF73TfFY50wJ9t9KIGyAZLyEbILuwtCDnra
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:43:29 2025 by rpki-client