Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/nkgfTMiNra1TKsUWEnk8TOwT-OM.roa
File: nkgfTMiNra1TKsUWEnk8TOwT-OM.roa (raw, json)
Hash identifier: jOUPTHes8qBnll1OX7Ak/nkhKc8gTbGLY94iNLW6zGw=
Subject key identifier: 9E:48:1F:4C:C8:8D:AD:AD:53:2A:C5:16:12:79:3C:4C:EC:13:F8:E3
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018B6701D87D4E7517C893A053657A5AE4A4
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/nkgfTMiNra1TKsUWEnk8TOwT-OM.roa
Signing time: Wed 25 Oct 2023 13:24:16 +0000
ROA not before: Wed 25 Oct 2023 13:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60446
IP address blocks: 46.37.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Nov 2023 09:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:01:d8:7d:4e:75:17:c8:93:a0:53:65:7a:5a:e4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 25 13:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e481f4cc88dadad532ac51612793c4cec13f8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:e8:c6:6e:d4:69:af:1e:59:2d:a1:a8:f1:
53:a2:b1:c4:76:96:62:0c:e6:7f:86:7f:6e:eb:0b:
b1:e1:83:e1:56:af:2c:ee:67:bf:04:c8:8a:14:d0:
e2:64:4d:01:01:87:8d:a6:bd:a6:19:6c:05:ac:88:
42:57:bb:09:62:df:5a:74:32:76:9d:8d:e8:f7:23:
34:1b:57:48:40:1c:9e:7a:25:92:1e:17:5c:4d:87:
81:5f:21:6e:c2:3b:cf:b1:ba:98:f6:4f:b1:7f:40:
99:0a:bb:58:a7:7d:0a:81:5f:6e:0a:ec:0a:d2:4a:
aa:18:e2:e8:50:6b:6c:b7:d2:46:37:02:50:8d:ee:
38:a0:34:55:c5:13:36:55:21:bf:d8:17:35:2c:5e:
9b:84:2e:77:15:02:e8:37:3e:dc:c8:3c:47:40:26:
88:08:be:8b:c8:c0:d3:6f:b1:fa:c1:a3:7e:7b:49:
66:b0:70:6b:3b:f0:a4:b9:79:e7:d1:68:43:8c:d2:
bc:a0:3b:f7:7d:d5:71:a0:f6:3c:87:40:37:48:0d:
bd:10:e4:af:69:d1:61:4e:ff:97:39:f8:f2:ee:e4:
61:cb:7a:93:12:2a:35:5a:ac:df:cf:a2:d6:46:06:
44:23:f7:8c:91:f0:e9:9c:4c:96:2b:04:0c:49:ea:
9a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:48:1F:4C:C8:8D:AD:AD:53:2A:C5:16:12:79:3C:4C:EC:13:F8:E3
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/nkgfTMiNra1TKsUWEnk8TOwT-OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:7b:55:67:0a:07:2a:81:69:39:0f:fe:1a:16:26:aa:5e:af:
a5:e2:a2:92:81:6c:f3:4e:48:e6:eb:79:d2:38:f5:fe:36:c3:
df:af:bb:a1:15:a5:37:59:3e:44:08:f1:f5:9e:4d:95:47:37:
f9:07:aa:09:2b:d3:a4:50:6c:04:13:79:75:a6:24:ef:34:2b:
8d:d3:00:a8:59:a2:f5:5e:47:60:ef:c5:dc:63:dd:5b:4e:aa:
81:5c:15:4f:8a:f5:54:37:44:88:08:d4:57:30:66:2d:cf:75:
70:84:09:9f:92:e1:01:49:2a:19:f7:78:d7:b3:4a:3b:4a:fd:
bc:84:c4:5c:2f:93:68:5d:5e:a5:df:54:d7:be:87:fd:3c:06:
17:78:51:5f:6f:bb:a6:ef:0d:a4:44:25:56:0d:70:6a:4f:d1:
f0:f2:7f:10:1d:0e:19:df:f3:8e:bd:bd:9f:1f:6d:7c:b5:e0:
a4:be:32:b6:d6:c6:a4:d1:4b:24:3d:14:6d:09:7a:64:ec:ed:
2e:b7:f9:d6:17:3f:00:18:2e:2e:e4:a3:0b:e3:3d:a1:c5:f9:
40:06:e9:71:f8:1d:b2:f7:45:80:95:bf:df:0c:13:2a:65:bf:
17:70:84:82:d6:27:35:af:c1:8a:dd:88:36:a5:55:b1:be:5f:
35:15:53:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtnAdh9TnUXyJOgU2V6WuSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjMxMDI1MTMyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ4MWY0Y2M4OGRhZGFkNTMyYWM1MTYxMjc5M2M0Y2VjMTNmOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNToxm7Uaa8eWS2hqPFTorHEdpZi
DOZ/hn9u6wux4YPhVq8s7me/BMiKFNDiZE0BAYeNpr2mGWwFrIhCV7sJYt9adDJ2
nY3o9yM0G1dIQByeeiWSHhdcTYeBXyFuwjvPsbqY9k+xf0CZCrtYp30KgV9uCuwK
0kqqGOLoUGtst9JGNwJQje44oDRVxRM2VSG/2Bc1LF6bhC53FQLoNz7cyDxHQCaI
CL6LyMDTb7H6waN+e0lmsHBrO/CkuXnn0WhDjNK8oDv3fdVxoPY8h0A3SA29EOSv
adFhTv+XOfjy7uRhy3qTEio1Wqzfz6LWRgZEI/eMkfDpnEyWKwQMSeqamwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5IH0zIja2tUyrFFhJ5PEzsE/jjMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvbmtnZlRNaU5yYTFUS3NVV0VuazhUT3dULU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV4MA0G
CSqGSIb3DQEBCwUAA4IBAQCze1VnCgcqgWk5D/4aFiaqXq+l4qKSgWzzTkjm63nS
OPX+NsPfr7uhFaU3WT5ECPH1nk2VRzf5B6oJK9OkUGwEE3l1piTvNCuN0wCoWaL1
Xkdg78XcY91bTqqBXBVPivVUN0SICNRXMGYtz3VwhAmfkuEBSSoZ93jXs0o7Sv28
hMRcL5NoXV6l31TXvof9PAYXeFFfb7um7w2kRCVWDXBqT9Hw8n8QHQ4Z3/OOvb2f
H218teCkvjK21sak0UskPRRtCXpk7O0ut/nWFz8AGC4u5KML4z2hxflABulx+B2y
90WAlb/fDBMqZb8XcISC1ic1r8GK3Yg2pVWxvl81FVMA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:07 2024 by rpki-client on console-ams.rpki-client.org