Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/N0XENMnUNzbtikrQgbnR5NrDb7M.roa
File: N0XENMnUNzbtikrQgbnR5NrDb7M.roa (raw, json)
Hash identifier: XEd7H+aQrC+5yywtPGGxqxhd+hIzlyfLPqlTpqFkl1g=
Subject key identifier: 37:45:C4:34:C9:D4:37:36:ED:8A:4A:D0:81:B9:D1:E4:DA:C3:6F:B3
Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Certificate serial: 018CC501101815A1259F46E8BB6DED6028D6
Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/N0XENMnUNzbtikrQgbnR5NrDb7M.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47331
IP address blocks: 212.156.0.0/16 maxlen: 24
81.212.0.0/14 maxlen: 24
85.96.0.0/12 maxlen: 24
95.0.0.0/12 maxlen: 24
88.224.0.0/11 maxlen: 24
78.160.0.0/11 maxlen: 24
212.174.0.0/15 maxlen: 24
2a01:358::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:10:18:15:a1:25:9f:46:e8:bb:6d:ed:60:28:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3745c434c9d43736ed8a4ad081b9d1e4dac36fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:81:3d:87:d8:55:9b:5e:96:29:43:0b:f7:b5:
d0:0c:21:87:a4:b9:4b:87:2f:c9:52:41:ae:b3:00:
a5:91:61:50:a7:cc:48:13:be:c5:c7:39:45:e3:9f:
22:66:4f:88:80:43:4a:56:5f:49:1d:7e:36:d9:31:
e3:e8:e2:73:cc:ac:e1:a5:09:46:01:dc:f8:b6:55:
0b:99:f3:fb:e3:ef:44:e7:74:75:fb:78:3f:6e:bd:
d5:6f:08:f4:2b:56:0c:e4:25:20:9b:e2:ba:d1:dc:
ca:20:53:14:5c:8d:5a:ce:ba:83:00:a5:04:53:d1:
59:ea:4d:eb:99:d2:33:9a:77:7b:5e:28:54:04:87:
ee:7b:b5:30:30:0e:4f:3a:68:48:e1:d8:47:6e:4c:
95:4d:da:36:b6:23:fb:fd:6d:ba:22:7d:7c:fd:a9:
1a:11:f4:7d:f5:4c:3d:1f:5f:ef:0d:69:d4:2d:e8:
15:1f:17:4d:65:b6:60:3c:51:62:3c:8e:9d:fb:8e:
00:a0:f3:b9:c9:e0:f2:15:61:b9:f7:73:61:42:1f:
ec:a4:79:01:a1:d8:bd:ab:8a:07:64:1b:6a:81:cc:
7e:b7:19:05:01:cd:fa:da:53:5f:fe:66:0e:da:08:
ae:6e:04:8c:92:e4:0c:d4:1e:f3:5f:f1:06:59:41:
3e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:45:C4:34:C9:D4:37:36:ED:8A:4A:D0:81:B9:D1:E4:DA:C3:6F:B3
X509v3 Authority Key Identifier:
keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/N0XENMnUNzbtikrQgbnR5NrDb7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.160.0.0/11
81.212.0.0/14
85.96.0.0/12
88.224.0.0/11
95.0.0.0/12
212.156.0.0/16
212.174.0.0/15
IPv6:
2a01:358::/29
Signature Algorithm: sha256WithRSAEncryption
b1:79:9a:cc:41:c4:46:3c:a5:a1:8d:7e:71:a2:86:5f:6b:ed:
5a:bf:fa:16:6f:7b:04:7b:24:38:bd:68:40:46:8e:e0:bb:24:
25:64:1a:d3:de:1a:35:41:06:a2:8f:77:7b:c9:fc:9f:1b:39:
03:1f:30:81:c9:ce:0c:ec:2e:b3:5a:e9:f1:08:0b:1c:3b:cd:
e0:78:d8:b9:4b:d5:59:d1:1b:46:e3:60:bb:1d:3b:59:c5:48:
3b:fe:b3:11:c1:52:0c:de:af:df:ca:8a:d7:f8:78:e7:66:4f:
dc:a1:1f:e0:88:b6:67:80:c8:32:83:a1:ad:64:05:21:5d:c4:
d9:e9:4f:a4:c6:07:48:cd:c5:b8:85:c9:32:a0:85:6b:1c:dd:
fa:bf:66:df:f7:dc:c0:f5:d9:bb:5e:9a:e3:d0:a7:71:c2:18:
dc:c1:f9:6f:04:05:b0:57:9d:5c:0a:22:38:9a:24:11:13:9f:
1f:ad:da:77:12:74:52:af:d9:0c:91:8e:b3:f4:d7:9c:0a:6d:
91:fe:fa:62:c7:af:db:36:4e:d3:02:70:e7:c6:7c:0b:15:2b:
fd:f3:fb:55:3f:4e:77:b0:e8:47:11:50:c6:90:70:fa:36:ac:
52:2c:5a:43:bb:9c:bb:17:f2:75:1c:f6:e6:3b:85:d8:42:df:
01:c4:89:65
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFARAYFaEln0bou23tYCjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWYxMWJiOGE4ZDQ4MGEwMzEzZTFmMjE4YTY2YmRmNGU5
NWY2MjcwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ1YzQzNGM5ZDQzNzM2ZWQ4YTRhZDA4MWI5ZDFlNGRhYzM2ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIE9h9hVm16WKUML97XQDCGHpLlL
hy/JUkGuswClkWFQp8xIE77FxzlF458iZk+IgENKVl9JHX422THj6OJzzKzhpQlG
Adz4tlULmfP74+9E53R1+3g/br3Vbwj0K1YM5CUgm+K60dzKIFMUXI1azrqDAKUE
U9FZ6k3rmdIzmnd7XihUBIfue7UwMA5POmhI4dhHbkyVTdo2tiP7/W26In18/aka
EfR99Uw9H1/vDWnULegVHxdNZbZgPFFiPI6d+44AoPO5yeDyFWG593NhQh/spHkB
odi9q4oHZBtqgcx+txkFAc362lNf/mYO2giubgSMkuQM1B7zX/EGWUE+aQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDdFxDTJ1Dc27YpK0IG50eTaw2+zMB8GA1UdIwQY
MBaAFD3vEbuKjUgKAxPh8hima99OlfYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYt
YjQ5NDY2NDcyNGFkLzEvTjBYRU5NblVOemJ0aWtyUWdiblI1TnJEYjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYtYjQ5NDY2NDcyNGFk
LzEvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwMFTqADAwJR
1AMDBFVgAwMFWOADAwRfAAMDANScAwMB1K4wDQQCAAIwBwMFAyoBA1gwDQYJKoZI
hvcNAQELBQADggEBALF5msxBxEY8paGNfnGihl9r7Vq/+hZvewR7JDi9aEBGjuC7
JCVkGtPeGjVBBqKPd3vJ/J8bOQMfMIHJzgzsLrNa6fEICxw7zeB42LlL1VnRG0bj
YLsdO1nFSDv+sxHBUgzer9/Kitf4eOdmT9yhH+CItmeAyDKDoa1kBSFdxNnpT6TG
B0jNxbiFyTKghWsc3fq/Zt/33MD12btemuPQp3HCGNzB+W8EBbBXnVwKIjiaJBET
nx+t2ncSdFKv2QyRjrP015wKbZH++mLHr9s2TtMCcOfGfAsVK/3z+1U/Tnew6EcR
UMaQcPo2rFIsWkO7nLsX8nUc9uY7hdhC3wHEiWU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:36 2025 by rpki-client