Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/nz3nO_xiZt2348s2k7BCrjgIhUI.roa
File: nz3nO_xiZt2348s2k7BCrjgIhUI.roa (raw, json)
Hash identifier: 6U9GMWli9G3B4XADilmXdTJ/ArrAVChGNMBw2+TqGsw=
Subject key identifier: 9F:3D:E7:3B:FC:62:66:DD:B7:E3:CB:36:93:B0:42:AE:38:08:85:42
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0187B81909C7C0D2703DB4FE12BD3FAFC8DF
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/nz3nO_xiZt2348s2k7BCrjgIhUI.roa
Signing time: Tue 25 Apr 2023 11:07:41 +0000
ROA not before: Tue 25 Apr 2023 11:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 275
IP address blocks: 185.84.19.224/27 maxlen: 27
213.130.47.16/28 maxlen: 28
5.158.213.64/31 maxlen: 31
2001:728:0:5000::1532/127 maxlen: 127
2001:728:0:7000::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 25 Apr 2023 14:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:19:09:c7:c0:d2:70:3d:b4:fe:12:bd:3f:af:c8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Apr 25 11:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f3de73bfc6266ddb7e3cb3693b042ae38088542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8f:e0:7f:49:ff:43:14:b9:0f:12:81:3a:30:
03:7a:e6:c8:1b:06:b8:69:81:d6:ce:77:9b:76:35:
2b:88:d7:44:0f:1c:5f:1c:93:fe:48:04:c1:74:11:
4e:f7:35:6a:5c:35:8b:00:6a:14:4c:69:f8:8a:79:
49:4b:8d:0d:5c:89:43:00:2e:87:36:4b:91:77:fd:
d9:7f:dd:22:fa:0b:5b:b9:3a:ce:61:83:cb:68:c5:
94:30:07:34:29:f4:87:09:d9:84:b9:03:9b:f2:43:
bb:56:07:4d:71:26:85:a1:82:96:ab:b5:66:9f:d6:
6f:b9:5a:e7:31:c1:42:65:b9:bd:ea:e3:19:4a:51:
51:1c:2b:a1:d8:8b:67:59:0e:49:a7:a8:60:88:13:
24:35:fe:f4:b1:cc:90:ea:6b:37:1f:92:e1:26:e4:
d5:26:e9:9b:6b:63:66:3d:81:22:30:6f:98:1e:38:
86:fa:db:67:94:21:b8:44:30:0c:f8:27:38:f9:31:
8c:15:bc:81:df:08:da:11:a1:80:14:a9:e1:1d:93:
25:92:b5:4d:ef:aa:44:ff:74:49:87:7f:f5:58:41:
0a:f1:86:7e:1e:c6:02:ec:66:a1:22:9a:3a:f9:69:
ed:b6:3f:bb:93:91:22:32:7c:26:29:ba:7a:80:51:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3D:E7:3B:FC:62:66:DD:B7:E3:CB:36:93:B0:42:AE:38:08:85:42
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/nz3nO_xiZt2348s2k7BCrjgIhUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.213.64/31
185.84.19.224/27
213.130.47.16/28
IPv6:
2001:728:0:5000:0:0:0:1532/127
2001:728:0:7000::/64
Signature Algorithm: sha256WithRSAEncryption
a9:46:f3:04:ad:d6:c8:50:2a:00:36:73:f3:46:38:f4:3d:fb:
85:e8:68:9b:d0:08:8e:76:2f:86:90:02:b3:95:b8:f7:18:3a:
56:8f:32:4b:ca:6d:20:cc:35:d5:23:3b:07:eb:3b:47:31:4e:
38:57:91:ef:69:95:0d:60:f7:6e:42:5b:20:5b:d4:e0:42:ef:
41:55:96:b7:a5:42:48:12:d7:ac:11:a8:dc:ea:75:69:ee:65:
51:1a:7f:47:6b:4b:a9:7c:ed:21:38:6b:3f:89:f0:91:ba:55:
49:d0:7d:ae:1c:5e:87:de:10:01:77:ff:ae:6e:b8:9e:b8:29:
de:40:c0:10:fb:35:b1:f7:fe:fc:27:1e:ac:18:e8:63:b2:6f:
f8:90:c1:bf:f0:3c:94:2f:95:38:67:30:47:c5:e8:b6:f7:2b:
38:10:db:56:66:37:c1:60:07:de:54:aa:3f:b8:44:a2:be:b5:
bf:8a:5a:74:e7:63:0b:44:81:6b:1c:74:8b:c0:7d:18:ef:96:
96:e7:b4:2f:66:c8:c0:56:9a:92:b3:54:7f:80:75:f4:b5:d7:
e4:dc:3c:78:5d:42:2e:7c:19:17:9b:68:91:db:f7:7d:cf:98:
f2:01:ee:36:f4:b7:04:0d:e7:22:fb:63:5c:7d:0c:ca:0d:36:
68:13:be:da
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYe4GQnHwNJwPbT+Er0/r8jfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MTEwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNkZTczYmZjNjI2NmRkYjdlM2NiMzY5M2IwNDJhZTM4MDg4NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4/gf0n/QxS5DxKBOjADeubIGwa4
aYHWznebdjUriNdEDxxfHJP+SATBdBFO9zVqXDWLAGoUTGn4inlJS40NXIlDAC6H
NkuRd/3Zf90i+gtbuTrOYYPLaMWUMAc0KfSHCdmEuQOb8kO7VgdNcSaFoYKWq7Vm
n9ZvuVrnMcFCZbm96uMZSlFRHCuh2ItnWQ5Jp6hgiBMkNf70scyQ6ms3H5LhJuTV
Jumba2NmPYEiMG+YHjiG+ttnlCG4RDAM+Cc4+TGMFbyB3wjaEaGAFKnhHZMlkrVN
76pE/3RJh3/1WEEK8YZ+HsYC7GahIpo6+Wnttj+7k5EiMnwmKbp6gFFtnQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJ895zv8Ymbdt+PLNpOwQq44CIVCMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvbnozbk9feGladDIzNDhzMms3QkNyamdJaFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAbBAIAATAVAwUBBZ7VQAMF
BblUE+ADBQTVgi8QMCQEAgACMB4DEQEgAQcoAABQAAAAAAAAABUyAwkAIAEHKAAA
cAAwDQYJKoZIhvcNAQELBQADggEBAKlG8wSt1shQKgA2c/NGOPQ9+4XoaJvQCI52
L4aQArOVuPcYOlaPMkvKbSDMNdUjOwfrO0cxTjhXke9plQ1g925CWyBb1OBC70FV
lrelQkgS16wRqNzqdWnuZVEaf0drS6l87SE4az+J8JG6VUnQfa4cXofeEAF3/65u
uJ64Kd5AwBD7NbH3/vwnHqwY6GOyb/iQwb/wPJQvlThnMEfF6Lb3KzgQ21ZmN8Fg
B95Uqj+4RKK+tb+KWnTnYwtEgWscdIvAfRjvlpbntC9myMBWmpKzVH+AdfS11+Tc
PHhdQi58GRebaJHb933PmPIB7jb0twQN5yL7Y1x9DMoNNmgTvto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org