Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/NJkAG0smHPwLJvBxd33DEC2x70o.roa
File: NJkAG0smHPwLJvBxd33DEC2x70o.roa (raw, json)
Hash identifier: YFZGhY6FyN085NdJstWBq5YomTP6xa8VqZ7+C0OH62Q=
Subject key identifier: 34:99:00:1B:4B:26:1C:FC:0B:26:F0:71:77:7D:C3:10:2D:B1:EF:4A
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348BB37B0BFCCCF48E09EAAC796405A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/NJkAG0smHPwLJvBxd33DEC2x70o.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142111
IP address blocks: 46.37.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bb:37:b0:bf:cc:cf:48:e0:9e:aa:c7:96:40:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3499001b4b261cfc0b26f071777dc3102db1ef4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e6:03:68:08:fc:25:81:1c:16:77:d3:be:0c:
61:ad:2d:82:8e:d5:9e:f2:fa:1c:fd:d0:a8:82:9b:
43:64:52:f3:ce:c7:b2:a3:df:2a:93:05:9f:ee:82:
f3:f9:23:ae:92:0a:4b:ef:13:e2:fd:b8:72:e5:e0:
1d:51:85:68:dd:cf:72:9e:a8:6d:66:e8:c5:5f:4f:
f4:3a:fc:ad:3a:1f:ab:dc:53:1e:e0:9f:5f:37:ec:
30:84:7e:07:1d:6a:39:c4:d1:6d:11:f6:9e:30:9d:
cd:ac:f4:41:af:15:0c:fb:ad:3d:20:2c:ff:5f:6c:
7d:95:89:5d:79:16:54:5c:fc:0c:fd:86:e3:20:bb:
69:da:a2:d1:0f:7b:c8:27:1c:ee:5c:1f:a2:cf:03:
96:37:e9:81:47:90:7a:e1:b9:29:98:79:4a:05:0a:
2a:6a:a7:fd:08:84:c1:42:7c:55:8f:84:88:04:30:
a3:1b:70:1e:48:05:89:a2:af:89:34:2f:b3:8a:0d:
9a:dd:c9:b0:88:b0:fe:71:6f:dc:0d:45:1f:1c:94:
19:ae:15:16:18:85:c8:02:70:d4:e8:fd:eb:95:c3:
da:86:2c:8c:de:18:a0:f8:1f:98:04:9a:6d:99:32:
08:07:7f:c2:7d:e3:b6:93:05:eb:ac:80:08:27:c9:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:99:00:1B:4B:26:1C:FC:0B:26:F0:71:77:7D:C3:10:2D:B1:EF:4A
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/NJkAG0smHPwLJvBxd33DEC2x70o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.112.0/24
Signature Algorithm: sha256WithRSAEncryption
50:67:6d:2f:a5:85:a8:e8:63:cd:62:63:73:95:2b:ee:a6:13:
43:11:3e:d3:4b:9f:02:91:e9:52:4f:fd:f6:e8:2d:dc:7a:16:
10:c5:66:6b:b1:d3:80:f4:90:71:a7:b9:ca:2c:e9:e3:ed:1d:
26:75:a4:93:8e:67:4e:56:2f:84:fe:07:4b:ab:15:27:bb:0d:
f8:7a:40:e2:f9:17:3d:28:95:9d:a5:b1:c8:3c:1a:6e:03:3a:
12:c0:47:57:05:cc:d0:5d:56:d9:7c:b2:32:6c:63:f3:b2:51:
11:1e:68:18:8b:7c:7f:16:d0:03:99:d7:a4:69:46:00:5b:f7:
63:54:6b:60:2e:2c:17:b1:9e:1d:d6:90:3f:79:75:b3:c2:a6:
45:94:80:59:f2:f6:dc:8a:cd:0d:62:42:c7:ef:51:b2:cf:88:
ad:c3:d5:ae:3e:48:a4:1e:62:8b:c8:85:3c:bc:a4:89:3c:9c:
9b:5f:28:8c:f8:d4:2f:9a:89:69:38:da:45:1c:f1:2a:85:bd:
ba:b9:93:d2:2b:f2:8e:ed:ac:45:63:44:96:c2:7c:6d:e8:36:
df:ab:17:90:39:84:34:9f:35:d6:ae:5b:0e:c0:9a:b4:d0:82:
61:0e:6e:2e:d9:91:fd:32:35:a8:0f:b0:a3:46:17:4a:7e:8e:
79:7f:ab:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLs3sL/Mz0jgnqrHlkBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk5MDAxYjRiMjYxY2ZjMGIyNmYwNzE3NzdkYzMxMDJkYjFlZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseYDaAj8JYEcFnfTvgxhrS2CjtWe
8voc/dCogptDZFLzzseyo98qkwWf7oLz+SOukgpL7xPi/bhy5eAdUYVo3c9ynqht
ZujFX0/0OvytOh+r3FMe4J9fN+wwhH4HHWo5xNFtEfaeMJ3NrPRBrxUM+609ICz/
X2x9lYldeRZUXPwM/YbjILtp2qLRD3vIJxzuXB+izwOWN+mBR5B64bkpmHlKBQoq
aqf9CITBQnxVj4SIBDCjG3AeSAWJoq+JNC+zig2a3cmwiLD+cW/cDUUfHJQZrhUW
GIXIAnDU6P3rlcPahiyM3hig+B+YBJptmTIIB3/CfeO2kwXrrIAIJ8kgEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSZABtLJhz8CybwcXd9wxAtse9KMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvTkprQUcwc21IUHdMSnZCeGQzM0RFQzJ4NzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVwMA0G
CSqGSIb3DQEBCwUAA4IBAQBQZ20vpYWo6GPNYmNzlSvuphNDET7TS58CkelST/32
6C3cehYQxWZrsdOA9JBxp7nKLOnj7R0mdaSTjmdOVi+E/gdLqxUnuw34ekDi+Rc9
KJWdpbHIPBpuAzoSwEdXBczQXVbZfLIybGPzslERHmgYi3x/FtADmdekaUYAW/dj
VGtgLiwXsZ4d1pA/eXWzwqZFlIBZ8vbcis0NYkLH71Gyz4itw9WuPkikHmKLyIU8
vKSJPJybXyiM+NQvmolpONpFHPEqhb26uZPSK/KO7axFY0SWwnxt6DbfqxeQOYQ0
nzXWrlsOwJq00IJhDm4u2ZH9MjWoD7CjRhdKfo55f6sN
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:17 2025 by rpki-client