Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/nKn0Q1H4eEkKo2A6qsizSVfuc9k.roa
File: nKn0Q1H4eEkKo2A6qsizSVfuc9k.roa (raw, json)
Hash identifier: y8QYa8vZe6h32x+lR/OUVN1ZJkF5IXPdvnhs3I0vvGI=
Subject key identifier: 9C:A9:F4:43:51:F8:78:49:0A:A3:60:3A:AA:C8:B3:49:57:EE:73:D9
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 019086BE7DD833602E364A4EDC3F5EA3CDFE
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/nKn0Q1H4eEkKo2A6qsizSVfuc9k.roa
Signing time: Sat 06 Jul 2024 06:32:29 +0000
ROA not before: Sat 06 Jul 2024 06:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 442444
IP address blocks: 2.144.13.0/24 maxlen: 24
2.145.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 17 Sep 2024 08:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:86:be:7d:d8:33:60:2e:36:4a:4e:dc:3f:5e:a3:cd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Jul 6 06:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca9f44351f878490aa3603aaac8b34957ee73d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0c:d7:4b:ac:c4:f1:2c:ea:82:c5:0e:e5:99:
b1:0a:9f:ce:60:ae:c5:00:6e:bd:6c:56:84:02:ee:
a6:31:4b:3a:80:82:87:89:92:f0:a8:05:95:4f:bb:
92:f4:e1:a2:b6:b5:da:65:c9:70:80:6f:af:62:2a:
33:03:72:88:82:37:e8:a8:f1:0c:bb:e6:81:65:52:
3f:b9:48:41:0f:54:28:2f:4f:36:94:f4:ef:6e:eb:
b5:38:1e:ae:0e:d8:6d:e4:aa:e1:52:da:a2:e1:a6:
4d:4a:24:fd:ae:5f:bf:85:15:25:1e:4a:34:35:e3:
eb:1c:c6:d1:80:73:cf:6a:98:76:8e:a9:6d:15:43:
8b:d4:d1:83:80:d4:bc:69:51:f7:62:77:64:1b:58:
b6:17:b8:a4:43:8c:bd:61:12:5a:62:33:78:53:f1:
35:5b:75:36:39:ff:91:07:7a:2e:8d:db:c3:ba:61:
21:99:f7:de:7a:69:e9:7b:0c:87:52:30:05:31:0c:
41:cf:81:bf:39:50:dc:46:f8:d7:0c:b1:50:a9:6a:
65:6b:29:1b:98:2d:79:96:4c:e0:2d:d2:07:8e:f6:
fc:fd:02:4d:ff:60:8c:b9:1e:35:66:8d:7f:51:7e:
9d:e7:ca:38:c2:ca:c3:72:60:c7:05:e7:c1:ba:b0:
f0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A9:F4:43:51:F8:78:49:0A:A3:60:3A:AA:C8:B3:49:57:EE:73:D9
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/nKn0Q1H4eEkKo2A6qsizSVfuc9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.13.0/24
2.145.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:10:1a:6f:b4:d7:0c:71:d1:30:f6:5a:a4:fe:5d:12:cd:ae:
62:01:1c:b7:5c:f7:05:07:27:8e:8b:35:c1:10:ce:02:09:5c:
76:ef:9e:c5:9a:b3:a7:63:8d:36:8c:2e:ca:5e:db:38:4d:55:
d7:19:30:98:f5:ff:7c:d0:88:49:61:b2:c1:b7:4e:bf:a6:72:
86:0f:fa:0c:f8:21:25:dd:8f:43:1f:d8:0c:5a:d6:f1:34:38:
f3:05:5b:56:fe:c6:3c:56:c8:1c:3c:be:91:3d:07:5b:dd:b3:
79:35:e2:86:fd:b6:c5:de:de:4f:72:e8:7c:cf:c9:51:bf:4b:
1c:ad:c3:c4:f7:7c:ed:ac:41:9e:f5:da:83:41:00:fe:07:0a:
cf:3d:8d:5c:fd:e1:68:8b:3e:cb:db:f6:4b:1f:2b:38:7e:cd:
6b:b3:bd:cd:f6:ba:a7:2a:eb:49:79:2c:55:74:63:75:c5:89:
1c:67:c8:26:60:6d:af:96:2c:bb:b6:ca:95:38:6b:66:4f:be:
54:51:6d:2c:52:88:1a:52:e5:e4:b4:ae:8b:99:8d:ad:d1:16:
0e:fd:20:91:a0:a4:6f:0b:ef:60:66:75:f1:07:23:4c:e2:15:
cb:90:f3:0d:c1:f6:ea:64:36:8c:0d:e2:a3:d5:c0:fa:8b:e6:
9b:68:aa:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCGvn3YM2AuNkpO3D9eo83+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjQwNzA2MDYzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E5ZjQ0MzUxZjg3ODQ5MGFhMzYwM2FhYWM4YjM0OTU3ZWU3M2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwzXS6zE8SzqgsUO5ZmxCp/OYK7F
AG69bFaEAu6mMUs6gIKHiZLwqAWVT7uS9OGitrXaZclwgG+vYiozA3KIgjfoqPEM
u+aBZVI/uUhBD1QoL082lPTvbuu1OB6uDtht5KrhUtqi4aZNSiT9rl+/hRUlHko0
NePrHMbRgHPPaph2jqltFUOL1NGDgNS8aVH3YndkG1i2F7ikQ4y9YRJaYjN4U/E1
W3U2Of+RB3oujdvDumEhmffeemnpewyHUjAFMQxBz4G/OVDcRvjXDLFQqWplaykb
mC15lkzgLdIHjvb8/QJN/2CMuR41Zo1/UX6d58o4wsrDcmDHBefBurDw+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyp9ENR+HhJCqNgOqrIs0lX7nPZMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEvbktuMFExSDRlRWtLbzJBNnFzaXpTVmZ1YzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAApANAwQE
ApFgMA0GCSqGSIb3DQEBCwUAA4IBAQBdEBpvtNcMcdEw9lqk/l0Sza5iARy3XPcF
ByeOizXBEM4CCVx2757FmrOnY402jC7KXts4TVXXGTCY9f980IhJYbLBt06/pnKG
D/oM+CEl3Y9DH9gMWtbxNDjzBVtW/sY8VsgcPL6RPQdb3bN5NeKG/bbF3t5Pcuh8
z8lRv0scrcPE93ztrEGe9dqDQQD+BwrPPY1c/eFoiz7L2/ZLHys4fs1rs73N9rqn
KutJeSxVdGN1xYkcZ8gmYG2vliy7tsqVOGtmT75UUW0sUogaUuXktK6LmY2t0RYO
/SCRoKRvC+9gZnXxByNM4hXLkPMNwfbqZDaMDeKj1cD6i+abaKoh
-----END CERTIFICATE-----
Generated at Tue Sep 17 09:41:17 2024 by rpki-client on console-fra.rpki-client.org