Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4291a2-03a9-4195-b1a7-3f40547e52d1/1/Nhj6mwpFfHH2QxjQDZJ34-WM8_A.roa
File: Nhj6mwpFfHH2QxjQDZJ34-WM8_A.roa (raw, json)
Hash identifier: 2zBsB4VIUjxPZaHkl9ZFLVL78qrgFt3k2y2d3G2YE3U=
Subject key identifier: 36:18:FA:9B:0A:45:7C:71:F6:43:18:D0:0D:92:77:E3:E5:8C:F3:F0
Certificate issuer: /CN=b38b25ad7c96589e4a8caa5fa4892cc4dfcc7b53
Certificate serial: 018CC8DF12908768D931438F308E0730E997
Authority key identifier: B3:8B:25:AD:7C:96:58:9E:4A:8C:AA:5F:A4:89:2C:C4:DF:CC:7B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4slrXyWWJ5KjKpfpIksxN_Me1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4291a2-03a9-4195-b1a7-3f40547e52d1/1/Nhj6mwpFfHH2QxjQDZJ34-WM8_A.roa
Signing time: Tue 02 Jan 2024 06:31:51 +0000
ROA not before: Tue 02 Jan 2024 06:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39053
IP address blocks: 193.176.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:12:90:87:68:d9:31:43:8f:30:8e:07:30:e9:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38b25ad7c96589e4a8caa5fa4892cc4dfcc7b53
Validity
Not Before: Jan 2 06:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3618fa9b0a457c71f64318d00d9277e3e58cf3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:b3:ea:7a:80:36:32:e0:95:a8:d1:05:f5:
3b:46:ca:80:b8:f9:9d:3b:71:55:ec:d4:6d:b4:15:
f5:f8:d2:d6:ad:b4:a5:57:cc:46:16:36:76:16:81:
9f:42:b8:6b:4b:87:05:bb:03:9f:65:90:b2:1f:a6:
53:a9:69:ed:f6:54:3e:0e:bc:17:d3:b4:a7:ce:a4:
3b:0a:f7:56:41:c5:99:fb:d2:b8:b4:67:17:84:dd:
fd:13:51:1a:21:5e:78:c7:25:c0:66:01:62:9d:98:
85:c1:ca:2d:58:7c:74:e4:b3:9d:1c:8b:ba:d0:1d:
5f:a2:16:52:34:5d:e1:bc:c5:e1:36:79:14:93:18:
b4:c8:43:60:0a:f8:4a:94:a0:9c:7d:3b:8a:c8:62:
55:ee:fa:74:83:27:69:66:92:b1:ac:c3:7b:76:80:
d2:a3:dd:05:aa:03:17:0c:44:78:8f:c4:b4:a9:12:
31:0c:96:31:b4:3b:70:92:9d:4d:f9:9a:60:41:8e:
19:50:74:9c:87:d7:65:7e:c6:b0:9a:2f:00:ec:16:
63:5c:df:64:9c:66:a8:37:f5:de:e4:1d:48:74:31:
b2:bc:40:23:5e:56:fd:93:5c:2a:8f:15:5f:69:36:
c2:6a:66:9c:8f:6b:d5:b9:c3:23:15:bf:b8:23:73:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:18:FA:9B:0A:45:7C:71:F6:43:18:D0:0D:92:77:E3:E5:8C:F3:F0
X509v3 Authority Key Identifier:
keyid:B3:8B:25:AD:7C:96:58:9E:4A:8C:AA:5F:A4:89:2C:C4:DF:CC:7B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4slrXyWWJ5KjKpfpIksxN_Me1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4291a2-03a9-4195-b1a7-3f40547e52d1/1/Nhj6mwpFfHH2QxjQDZJ34-WM8_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4291a2-03a9-4195-b1a7-3f40547e52d1/1/s4slrXyWWJ5KjKpfpIksxN_Me1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.68.0/22
Signature Algorithm: sha256WithRSAEncryption
12:15:1e:39:52:51:ac:50:b9:ba:40:fd:71:82:6a:a3:0f:28:
ab:d6:2a:39:fc:a0:b4:52:c1:b0:2a:73:02:fe:9f:26:b2:44:
ea:0e:5f:77:77:d9:41:20:81:04:97:21:20:f0:38:37:b1:79:
0c:7a:4b:5a:1f:6e:20:94:8e:e3:52:8f:79:31:6e:49:c1:c7:
8d:4d:f3:2a:eb:1b:57:3f:eb:b9:d1:9d:40:c7:1b:74:d7:17:
be:51:d2:bf:1b:1d:4f:69:93:f4:af:20:f9:b8:6b:f4:f8:25:
f8:1e:d1:3f:b0:ca:c0:c1:dc:91:09:58:87:62:fc:cd:57:41:
e6:f4:17:de:47:96:cf:e8:af:9c:3a:f5:3f:98:0a:cd:ab:84:
c3:49:be:e3:a9:49:44:bb:0e:ab:82:8b:24:c2:45:0c:73:68:
93:76:3b:4f:cb:50:02:0b:5a:ab:5d:e4:90:6c:36:d1:18:fc:
9d:bb:b0:60:d0:f6:85:50:73:41:0f:13:96:11:ef:ac:b0:af:
6c:15:81:28:ef:a3:12:ed:9e:c1:83:f7:93:fd:0f:f2:07:e8:
83:7f:e8:3c:de:23:8e:47:a2:65:a9:1f:9e:56:61:c0:9b:7d:
e6:04:16:77:e6:f6:15:70:3d:e2:ab:35:90:09:fa:ad:93:04:
74:8c:d8:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3xKQh2jZMUOPMI4HMOmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGIyNWFkN2M5NjU4OWU0YThjYWE1ZmE0ODkyY2M0ZGZj
YzdiNTMwHhcNMjQwMTAyMDYzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjE4ZmE5YjBhNDU3YzcxZjY0MzE4ZDAwZDkyNzdlM2U1OGNmM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF2z6nqANjLglajRBfU7RsqAuPmd
O3FV7NRttBX1+NLWrbSlV8xGFjZ2FoGfQrhrS4cFuwOfZZCyH6ZTqWnt9lQ+DrwX
07SnzqQ7CvdWQcWZ+9K4tGcXhN39E1EaIV54xyXAZgFinZiFwcotWHx05LOdHIu6
0B1fohZSNF3hvMXhNnkUkxi0yENgCvhKlKCcfTuKyGJV7vp0gydpZpKxrMN7doDS
o90FqgMXDER4j8S0qRIxDJYxtDtwkp1N+ZpgQY4ZUHSch9dlfsawmi8A7BZjXN9k
nGaoN/Xe5B1IdDGyvEAjXlb9k1wqjxVfaTbCamacj2vVucMjFb+4I3MM8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYY+psKRXxx9kMY0A2Sd+PljPPwMB8GA1UdIwQY
MBaAFLOLJa18llieSoyqX6SJLMTfzHtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczRzbHJYeVdXSjVLaktwZnBJa3N4Tl9NZTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80MjkxYTItMDNhOS00MTk1LWIxYTct
M2Y0MDU0N2U1MmQxLzEvTmhqNm13cEZmSEgyUXhqUURaSjM0LVdNOF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80MjkxYTItMDNhOS00MTk1LWIxYTctM2Y0MDU0N2U1MmQx
LzEvczRzbHJYeVdXSjVLaktwZnBJa3N4Tl9NZTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbBEMA0G
CSqGSIb3DQEBCwUAA4IBAQASFR45UlGsULm6QP1xgmqjDyir1io5/KC0UsGwKnMC
/p8mskTqDl93d9lBIIEElyEg8Dg3sXkMektaH24glI7jUo95MW5JwceNTfMq6xtX
P+u50Z1Axxt01xe+UdK/Gx1PaZP0ryD5uGv0+CX4HtE/sMrAwdyRCViHYvzNV0Hm
9BfeR5bP6K+cOvU/mArNq4TDSb7jqUlEuw6rgoskwkUMc2iTdjtPy1ACC1qrXeSQ
bDbRGPydu7Bg0PaFUHNBDxOWEe+ssK9sFYEo76MS7Z7Bg/eT/Q/yB+iDf+g83iOO
R6JlqR+eVmHAm33mBBZ35vYVcD3iqzWQCfqtkwR0jNh3
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:55 2025 by rpki-client