Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/NjSrknOuvjjVzVylgGOFtpNNUmw.roa
File: NjSrknOuvjjVzVylgGOFtpNNUmw.roa (raw, json)
Hash identifier: ZdJ1CZOU/K75rBYsAP10c16en3BOHpVaJT9YUfeE2o0=
Subject key identifier: 36:34:AB:92:73:AE:BE:38:D5:CD:5C:A5:80:63:85:B6:93:4D:52:6C
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 0187A281163C1A84846C417FDD9C8088CD5C
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/NjSrknOuvjjVzVylgGOFtpNNUmw.roa
Signing time: Fri 21 Apr 2023 06:29:41 +0000
ROA not before: Fri 21 Apr 2023 06:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133199
IP address blocks: 45.145.229.0/24 maxlen: 24
45.145.228.0/23 maxlen: 23
45.145.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:81:16:3c:1a:84:84:6c:41:7f:dd:9c:80:88:cd:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Apr 21 06:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3634ab9273aebe38d5cd5ca5806385b6934d526c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:95:a3:e2:aa:2c:19:63:94:d0:eb:16:f5:82:
bd:12:36:93:45:2b:c7:c1:74:3c:8a:8d:9d:48:2f:
39:30:d9:6a:05:8c:71:51:95:29:cb:8a:0f:92:e0:
70:f8:1a:71:c0:35:49:e1:67:45:6e:98:5c:10:9d:
5d:a2:f7:5b:64:40:5b:f3:6d:99:2b:13:93:bd:06:
46:3d:d5:51:02:8f:e3:6e:9b:90:26:d7:55:62:c8:
55:d0:a1:88:dd:a6:58:cf:da:e2:cf:f1:eb:9a:7b:
11:86:ac:b9:46:b6:04:0f:4d:b6:a3:f4:a6:7e:7a:
51:f2:2a:6b:13:f5:96:0a:89:e0:9b:bb:ae:05:35:
bd:2b:03:02:60:69:1a:06:31:02:66:bf:54:56:2f:
a9:c0:ef:31:1a:83:df:de:db:a1:d3:8c:e1:bd:ff:
38:69:1f:68:af:13:1e:00:ae:98:ff:7f:81:50:e0:
5b:1c:a7:63:cf:f3:8a:98:bf:71:fe:1e:b6:08:42:
87:92:e6:80:e0:1e:2d:24:9c:79:c1:0d:d7:2b:91:
04:59:71:b2:6f:9c:35:80:85:44:e6:9e:24:73:96:
01:d6:df:8d:c4:93:14:c8:53:fa:0e:6a:59:b6:6a:
e0:87:1c:75:52:44:1a:7f:16:eb:ec:43:45:2a:45:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:34:AB:92:73:AE:BE:38:D5:CD:5C:A5:80:63:85:B6:93:4D:52:6C
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/NjSrknOuvjjVzVylgGOFtpNNUmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.228.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:aa:28:d3:bf:a4:53:95:7b:c0:34:aa:f3:e5:2a:40:97:be:
23:ae:f5:ab:52:b8:84:ef:da:a5:b4:e7:5a:92:0b:d8:f6:be:
f2:ba:dc:ac:50:8b:0e:76:d3:99:24:96:d8:08:e7:88:a0:72:
c3:90:32:14:10:3b:c9:30:40:35:39:57:cb:13:5c:c9:70:b3:
0c:53:cb:4a:65:e6:72:91:a3:6c:86:5d:33:9b:c4:8a:a9:f1:
8b:65:23:0f:b1:2d:9d:73:6e:fd:85:b9:3b:3b:89:11:04:4a:
48:6c:d7:dc:98:0b:ed:0f:d8:c0:37:d8:62:90:0a:8d:48:4b:
d4:0c:e8:79:20:4d:6f:de:e5:22:1b:43:5e:6a:bb:8d:15:0c:
bd:47:67:ff:ce:e3:1b:df:57:a0:17:f4:56:81:3d:3f:c5:5d:
19:7d:0d:1c:e4:90:73:0a:8f:71:14:4f:de:ca:28:e7:61:5b:
57:08:57:e6:59:6e:6f:28:c3:df:30:bc:89:f2:6c:83:45:98:
ba:2b:15:09:21:80:5c:e0:4b:81:a7:72:89:3b:86:bc:fd:c7:
6c:df:fe:a1:bf:59:2b:92:a9:f7:49:a4:35:4e:81:d6:3b:35:
b4:3e:12:46:43:27:6e:a1:ef:6c:6e:12:6d:7c:41:2f:b3:c9:
c3:0b:7d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeigRY8GoSEbEF/3ZyAiM1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwNDIxMDYyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM0YWI5MjczYWViZTM4ZDVjZDVjYTU4MDYzODViNjkzNGQ1MjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJWj4qosGWOU0OsW9YK9EjaTRSvH
wXQ8io2dSC85MNlqBYxxUZUpy4oPkuBw+BpxwDVJ4WdFbphcEJ1dovdbZEBb822Z
KxOTvQZGPdVRAo/jbpuQJtdVYshV0KGI3aZYz9riz/HrmnsRhqy5RrYED022o/Sm
fnpR8iprE/WWCongm7uuBTW9KwMCYGkaBjECZr9UVi+pwO8xGoPf3tuh04zhvf84
aR9orxMeAK6Y/3+BUOBbHKdjz/OKmL9x/h62CEKHkuaA4B4tJJx5wQ3XK5EEWXGy
b5w1gIVE5p4kc5YB1t+NxJMUyFP6DmpZtmrghxx1UkQafxbr7ENFKkX19wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDY0q5Jzrr441c1cpYBjhbaTTVJsMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvTmpTcmtuT3V2ampWelZ5bGdHT0Z0cE5OVW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZHkMA0G
CSqGSIb3DQEBCwUAA4IBAQCnqijTv6RTlXvANKrz5SpAl74jrvWrUriE79qltOda
kgvY9r7yutysUIsOdtOZJJbYCOeIoHLDkDIUEDvJMEA1OVfLE1zJcLMMU8tKZeZy
kaNshl0zm8SKqfGLZSMPsS2dc279hbk7O4kRBEpIbNfcmAvtD9jAN9hikAqNSEvU
DOh5IE1v3uUiG0NearuNFQy9R2f/zuMb31egF/RWgT0/xV0ZfQ0c5JBzCo9xFE/e
yijnYVtXCFfmWW5vKMPfMLyJ8myDRZi6KxUJIYBc4EuBp3KJO4a8/cds3/6hv1kr
kqn3SaQ1ToHWOzW0PhJGQyduoe9sbhJtfEEvs8nDC31Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:32 2024 by rpki-client on console-ams.rpki-client.org