Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/NusJh_P0McPkZcD12dDvwISr_bI.roa
File: NusJh_P0McPkZcD12dDvwISr_bI.roa (raw, json)
Hash identifier: p/sMdJIsf8ujrci2lDdoGRjNkM8yZuVKyeo2UzyJxrc=
Subject key identifier: 36:EB:09:87:F3:F4:31:C3:E4:65:C0:F5:D9:D0:EF:C0:84:AB:FD:B2
Certificate issuer: /CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Certificate serial: 018CC5DC4B17F966D30C326C9F3AD6B9423E
Authority key identifier: 87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/NusJh_P0McPkZcD12dDvwISr_bI.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43204
IP address blocks: 78.108.122.0/24 maxlen: 24
185.36.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4b:17:f9:66:d3:0c:32:6c:9f:3a:d6:b9:42:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36eb0987f3f431c3e465c0f5d9d0efc084abfdb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:9f:e6:c8:f8:c9:99:e7:5b:96:cd:48:41:
97:2e:06:10:55:5a:b6:09:ac:4e:da:e9:2d:f7:45:
c2:6d:4e:59:cd:8e:a3:ac:cd:9b:92:36:3e:fa:5e:
e3:79:22:a7:f0:82:97:ab:e1:bc:bd:77:58:05:fe:
e7:8b:96:43:88:62:10:50:0d:fa:fc:1f:ec:49:c8:
e0:e0:4c:47:f1:6a:a8:70:67:75:71:d8:02:6f:d6:
ce:bd:fe:6e:cc:d3:43:79:60:75:d4:b1:ea:5b:5a:
ac:eb:3a:3e:c5:b2:a6:88:73:c8:9c:86:c5:cf:75:
4c:b4:37:ed:5c:21:34:76:ae:06:80:db:5f:ab:64:
bf:52:92:3c:4c:0f:f0:5f:ad:ae:76:59:be:43:20:
a0:3d:39:bb:15:a0:ce:a7:12:02:51:5d:6e:ef:04:
46:ed:dc:0e:51:6a:04:50:f5:e2:a2:d7:32:d8:14:
99:4a:33:f2:09:af:2b:b3:02:12:48:c2:de:6e:92:
ef:1a:fe:fb:56:70:c1:7d:58:56:09:cc:18:e6:0c:
a3:20:d0:2d:2b:25:c3:7d:ed:fd:d7:ef:3b:d0:65:
94:ab:9e:56:30:94:4f:93:8d:69:5e:c0:84:e2:d4:
35:be:71:78:a7:7e:fd:44:59:98:8d:99:0e:2a:78:
a4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EB:09:87:F3:F4:31:C3:E4:65:C0:F5:D9:D0:EF:C0:84:AB:FD:B2
X509v3 Authority Key Identifier:
keyid:87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/NusJh_P0McPkZcD12dDvwISr_bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.122.0/24
185.36.21.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:14:a4:31:9e:7e:aa:0c:b5:e0:f2:0e:1f:5f:3d:29:55:a7:
9f:fb:60:aa:91:79:32:aa:e9:0f:92:8c:a4:b0:82:70:8a:a5:
b8:ca:2b:e8:ba:5b:42:85:38:5a:4b:e2:4c:b9:56:3a:3c:e1:
c0:1c:94:53:74:dc:86:24:c7:d6:aa:12:47:99:00:93:c6:03:
c0:86:6d:48:14:e3:99:7f:ed:96:20:2e:0d:81:c5:27:dd:bb:
b6:7a:ee:ec:8e:9e:90:1f:a1:3b:27:78:ec:e6:b5:b7:c7:f5:
54:84:2c:3a:4d:d4:d9:45:bf:8b:83:2d:99:88:8e:5b:f0:d3:
41:42:e8:55:1c:a9:42:10:76:44:1e:87:7b:74:4a:a6:a4:88:
66:e0:07:1c:51:35:e4:fd:5b:e3:39:d5:72:53:82:ca:9c:b9:
3d:6a:d4:90:cd:0b:7c:9f:48:c5:a1:24:d3:33:c5:2c:b5:07:
1f:20:71:76:4c:a7:05:d3:4f:e1:18:0e:bf:93:4a:f7:7d:49:
d8:ac:68:4f:ed:ec:9b:6f:d8:e0:fe:fb:2e:24:5b:c4:28:22:
a2:f0:1c:1b:1a:50:4e:97:85:41:9d:72:a8:58:11:9e:a9:57:
2a:c5:02:e3:99:7c:ed:e1:b7:4c:70:1b:fd:8e:81:a3:74:ac:
76:34:5c:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3EsX+WbTDDJsnzrWuUI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWUwYWYyODJkZDRlOWJjMWI4MjE5NGFlZDNiMTk2OTNk
ODcyOTgwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmViMDk4N2YzZjQzMWMzZTQ2NWMwZjVkOWQwZWZjMDg0YWJmZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp+f5sj4yZnnW5bNSEGXLgYQVVq2
CaxO2ukt90XCbU5ZzY6jrM2bkjY++l7jeSKn8IKXq+G8vXdYBf7ni5ZDiGIQUA36
/B/sScjg4ExH8WqocGd1cdgCb9bOvf5uzNNDeWB11LHqW1qs6zo+xbKmiHPInIbF
z3VMtDftXCE0dq4GgNtfq2S/UpI8TA/wX62udlm+QyCgPTm7FaDOpxICUV1u7wRG
7dwOUWoEUPXiotcy2BSZSjPyCa8rswISSMLebpLvGv77VnDBfVhWCcwY5gyjINAt
KyXDfe391+870GWUq55WMJRPk41pXsCE4tQ1vnF4p379RFmYjZkOKnik7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbrCYfz9DHD5GXA9dnQ78CEq/2yMB8GA1UdIwQY
MBaAFIeuCvKC3U6bwbghlK7TsZaT2HKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQt
Y2VmMDEzNjJjNGE4LzEvTnVzSmhfUDBNY1BrWmNEMTJkRHZ3SVNyX2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQtY2VmMDEzNjJjNGE4
LzEvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATmx6AwQA
uSQVMA0GCSqGSIb3DQEBCwUAA4IBAQA6FKQxnn6qDLXg8g4fXz0pVaef+2CqkXky
qukPkoyksIJwiqW4yivoultChThaS+JMuVY6POHAHJRTdNyGJMfWqhJHmQCTxgPA
hm1IFOOZf+2WIC4NgcUn3bu2eu7sjp6QH6E7J3js5rW3x/VUhCw6TdTZRb+Lgy2Z
iI5b8NNBQuhVHKlCEHZEHod7dEqmpIhm4AccUTXk/VvjOdVyU4LKnLk9atSQzQt8
n0jFoSTTM8UstQcfIHF2TKcF00/hGA6/k0r3fUnYrGhP7eybb9jg/vsuJFvEKCKi
8BwbGlBOl4VBnXKoWBGeqVcqxQLjmXzt4bdMcBv9joGjdKx2NFxK
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:03:41 2025 by rpki-client