Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/29aa96-123f-40ea-95d5-d25b7ca3db89/1/nmbAw0PF_9uvmNDVc4sUjXkkF8Q.roa
File: nmbAw0PF_9uvmNDVc4sUjXkkF8Q.roa (raw, json)
Hash identifier: H7CgRPLGbVj8HojuuDALjBbbCEKhiccERm+DkmA2qd4=
Subject key identifier: 9E:66:C0:C3:43:C5:FF:DB:AF:98:D0:D5:73:8B:14:8D:79:24:17:C4
Certificate issuer: /CN=b085804db153eb724c58557c79359c4408205550
Certificate serial: 018EEB6DCEE4196B3EE2C494C254F625EB0C
Authority key identifier: B0:85:80:4D:B1:53:EB:72:4C:58:55:7C:79:35:9C:44:08:20:55:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sIWATbFT63JMWFV8eTWcRAggVVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/29aa96-123f-40ea-95d5-d25b7ca3db89/1/nmbAw0PF_9uvmNDVc4sUjXkkF8Q.roa
Signing time: Wed 17 Apr 2024 09:40:25 +0000
ROA not before: Wed 17 Apr 2024 09:40:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51171
IP address blocks: 195.54.168.0/23 maxlen: 23
195.54.168.0/24 maxlen: 24
195.54.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:6d:ce:e4:19:6b:3e:e2:c4:94:c2:54:f6:25:eb:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b085804db153eb724c58557c79359c4408205550
Validity
Not Before: Apr 17 09:40:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e66c0c343c5ffdbaf98d0d5738b148d792417c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:a7:40:28:d1:13:65:27:42:80:b2:95:56:
38:88:dd:ef:10:4a:74:7a:0d:ee:88:7a:39:54:9d:
ff:9f:aa:dd:3b:94:46:45:e6:da:b4:95:b3:49:06:
0d:8f:aa:ee:cc:8b:35:10:f1:32:9f:1e:6e:5f:10:
da:3a:78:d0:db:88:06:c3:76:40:9b:53:01:ec:87:
c2:8a:da:59:8b:43:aa:6f:d6:08:a8:09:ad:f7:02:
23:b7:cd:06:62:8d:31:b0:23:d8:50:1e:9e:a4:44:
b5:f0:6f:73:b1:b4:6a:fa:0a:47:f3:8b:84:cf:d3:
07:fa:1c:10:52:ca:9e:af:73:38:8a:bf:50:08:c4:
bc:2c:c8:01:8c:c1:4a:97:5f:d4:b0:7a:86:43:e4:
43:a6:48:6d:40:da:8c:37:1f:85:d8:e0:be:2a:18:
b8:f3:a4:40:cb:65:f5:1d:01:19:c5:dd:9b:b1:85:
6f:65:90:f2:36:33:8b:45:57:d2:0a:b0:cc:78:3c:
3d:cf:ee:b4:60:60:67:84:f8:ae:c8:2b:f3:c7:54:
1c:f1:5b:49:29:1c:45:a0:cb:85:94:d5:31:c4:13:
a8:74:8b:70:e0:af:18:f5:50:54:d0:66:e2:9f:a2:
35:d4:19:c3:30:96:c1:1e:e8:09:28:61:da:1e:cb:
ff:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:66:C0:C3:43:C5:FF:DB:AF:98:D0:D5:73:8B:14:8D:79:24:17:C4
X509v3 Authority Key Identifier:
keyid:B0:85:80:4D:B1:53:EB:72:4C:58:55:7C:79:35:9C:44:08:20:55:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sIWATbFT63JMWFV8eTWcRAggVVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/29aa96-123f-40ea-95d5-d25b7ca3db89/1/nmbAw0PF_9uvmNDVc4sUjXkkF8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/29aa96-123f-40ea-95d5-d25b7ca3db89/1/sIWATbFT63JMWFV8eTWcRAggVVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.168.0/23
Signature Algorithm: sha256WithRSAEncryption
32:fa:33:d1:82:d8:45:92:e5:04:b3:94:f2:84:3f:01:99:41:
d3:ea:ce:3b:68:6a:d9:fa:0f:cc:38:63:6b:78:c9:d2:42:14:
e4:a1:d1:d2:b1:5c:70:2d:39:9c:f0:d2:ac:24:99:20:e8:21:
b3:31:6f:f8:88:4c:c4:03:50:58:2e:f7:ea:f7:33:df:cb:fe:
b6:85:b6:a6:62:99:e8:5f:0a:22:e1:ad:94:52:39:5b:d2:ce:
de:d7:78:dd:41:f7:d3:24:6e:e1:18:fd:0c:a6:48:3c:8b:ee:
3d:80:8e:c9:1e:ad:b2:8e:a7:2b:32:4e:16:f6:a9:ea:2e:cd:
94:d6:31:9d:2a:1a:a7:c9:82:a5:0c:d6:66:ab:05:6c:88:1c:
02:52:37:39:ad:87:c5:77:a7:36:fc:cf:ba:c3:f5:cc:df:9f:
e3:68:e9:b7:a2:c7:73:70:31:f9:ee:f5:bb:25:99:e5:44:12:
b7:7f:48:2d:31:82:5f:d3:b5:8f:6f:77:84:cf:12:15:a4:35:
d9:fd:28:68:d6:c4:b4:fd:75:99:6d:5f:df:99:dd:33:83:04:
33:fd:be:9a:68:f2:6a:09:1f:f0:01:9a:90:ed:93:06:cb:84:
4c:d7:63:a0:99:ce:9b:f0:d8:78:9a:47:09:50:29:2b:99:27:
9a:91:cf:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7rbc7kGWs+4sSUwlT2JesMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwODU4MDRkYjE1M2ViNzI0YzU4NTU3Yzc5MzU5YzQ0MDgy
MDU1NTAwHhcNMjQwNDE3MDk0MDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY2YzBjMzQzYzVmZmRiYWY5OGQwZDU3MzhiMTQ4ZDc5MjQxN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj+nQCjRE2UnQoCylVY4iN3vEEp0
eg3uiHo5VJ3/n6rdO5RGRebatJWzSQYNj6ruzIs1EPEynx5uXxDaOnjQ24gGw3ZA
m1MB7IfCitpZi0Oqb9YIqAmt9wIjt80GYo0xsCPYUB6epES18G9zsbRq+gpH84uE
z9MH+hwQUsqer3M4ir9QCMS8LMgBjMFKl1/UsHqGQ+RDpkhtQNqMNx+F2OC+Khi4
86RAy2X1HQEZxd2bsYVvZZDyNjOLRVfSCrDMeDw9z+60YGBnhPiuyCvzx1Qc8VtJ
KRxFoMuFlNUxxBOodItw4K8Y9VBU0Gbin6I11BnDMJbBHugJKGHaHsv/jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5mwMNDxf/br5jQ1XOLFI15JBfEMB8GA1UdIwQY
MBaAFLCFgE2xU+tyTFhVfHk1nEQIIFVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0lXQVRiRlQ2M0pNV0ZWOGVUV2NSQWdnVlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yOWFhOTYtMTIzZi00MGVhLTk1ZDUt
ZDI1YjdjYTNkYjg5LzEvbm1iQXcwUEZfOXV2bU5EVmM0c1VqWGtrRjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yOWFhOTYtMTIzZi00MGVhLTk1ZDUtZDI1YjdjYTNkYjg5
LzEvc0lXQVRiRlQ2M0pNV0ZWOGVUV2NSQWdnVlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzaoMA0G
CSqGSIb3DQEBCwUAA4IBAQAy+jPRgthFkuUEs5TyhD8BmUHT6s47aGrZ+g/MOGNr
eMnSQhTkodHSsVxwLTmc8NKsJJkg6CGzMW/4iEzEA1BYLvfq9zPfy/62hbamYpno
Xwoi4a2UUjlb0s7e13jdQffTJG7hGP0Mpkg8i+49gI7JHq2yjqcrMk4W9qnqLs2U
1jGdKhqnyYKlDNZmqwVsiBwCUjc5rYfFd6c2/M+6w/XM35/jaOm3osdzcDH57vW7
JZnlRBK3f0gtMYJf07WPb3eEzxIVpDXZ/Sho1sS0/XWZbV/fmd0zgwQz/b6aaPJq
CR/wAZqQ7ZMGy4RM12Ogmc6b8Nh4mkcJUCkrmSeakc+Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:02 2025 by rpki-client