Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Nj0BOoobu4haVp1e97fU2zTOiBc.roa
File: Nj0BOoobu4haVp1e97fU2zTOiBc.roa (raw, json)
Hash identifier: /fky/E3RYXvTjMjPlsx3opXeYuBXpVG9+DEVG8GCpwg=
Subject key identifier: 36:3D:01:3A:8A:1B:BB:88:5A:56:9D:5E:F7:B7:D4:DB:34:CE:88:17
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0194222CA761310E20A5BA2E7B95904AEB40
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Nj0BOoobu4haVp1e97fU2zTOiBc.roa
Signing time: Wed 01 Jan 2025 14:02:19 +0000
ROA not before: Wed 01 Jan 2025 14:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208914
IP address blocks: 2a0c:9a46:600::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:2c:a7:61:31:0e:20:a5:ba:2e:7b:95:90:4a:eb:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 14:02:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=363d013a8a1bbb885a569d5ef7b7d4db34ce8817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e7:b2:b3:17:38:e9:94:98:c0:b3:e5:17:68:
5e:fb:59:58:a5:aa:00:e7:3f:74:4f:a3:55:88:33:
fa:00:1f:13:a7:46:ae:ef:c4:76:72:f6:89:74:28:
c1:49:95:f6:7a:3b:36:19:f5:61:74:5d:39:72:46:
03:5e:10:e5:a6:68:fe:b4:b3:11:85:76:50:23:a5:
54:40:81:06:7e:f9:1b:b9:43:68:57:bc:d7:82:59:
5f:c7:6b:cc:3f:c1:bc:d3:69:8d:ef:64:ed:5e:05:
b7:c8:90:53:bd:13:e1:73:a4:fa:03:f1:b1:8b:a5:
75:bd:9f:b4:a2:52:71:dc:7e:16:c1:8c:b7:cd:32:
b6:a0:d9:cf:44:f7:db:cc:d6:cf:bf:d7:50:9f:48:
be:33:61:9c:9c:86:21:41:15:ce:8a:17:ba:92:7f:
3c:af:0b:cb:4d:a3:7f:3c:33:b6:ae:a8:05:58:fb:
d4:6e:61:26:c2:ec:2f:a2:f2:0c:42:80:4b:3c:89:
d3:0d:90:11:18:97:0b:4c:68:6e:c0:ff:a0:98:50:
28:c6:b2:22:c7:f9:98:89:66:27:2d:e3:94:ba:31:
67:48:66:df:55:ce:d5:c0:7b:a5:a5:78:1f:ed:55:
cf:4f:9a:bd:44:4c:6a:f2:d3:7f:a6:51:47:86:e3:
ff:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3D:01:3A:8A:1B:BB:88:5A:56:9D:5E:F7:B7:D4:DB:34:CE:88:17
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Nj0BOoobu4haVp1e97fU2zTOiBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a46:600::/40
Signature Algorithm: sha256WithRSAEncryption
15:6d:10:3f:b0:cc:08:ed:0d:8d:b9:37:04:c3:0d:43:30:e1:
2e:e9:66:5c:30:fb:51:af:1a:e9:c4:d5:44:be:0b:21:11:d4:
1c:4f:28:b6:4c:30:b9:82:84:8c:32:75:c1:ee:6f:5a:0d:c4:
f5:1c:89:b6:60:e4:69:7f:31:fd:ca:fb:8f:9e:e3:7e:9d:b0:
90:03:44:13:db:8d:39:05:44:c7:13:3d:7b:cb:7e:bf:70:71:
41:82:83:92:9b:54:86:ae:e6:ea:08:56:65:e9:3c:4e:fd:31:
0d:1f:19:cf:72:9f:96:73:8f:95:3d:84:44:b3:c9:15:d8:e6:
40:0c:35:a3:07:d6:39:cc:82:d6:86:09:94:a4:20:3b:cd:fc:
42:2e:d8:90:66:d1:81:a2:54:62:43:51:dd:39:7b:25:2f:03:
a2:88:93:ae:2e:95:b1:ae:44:4f:26:bd:7d:a2:ea:9a:c1:12:
2d:4e:9e:80:44:31:46:47:da:5f:5b:93:47:12:4f:c7:7b:f6:
4f:fb:c1:f5:b9:fe:42:77:fe:14:1c:95:dd:dc:e6:15:be:f8:
da:b8:93:27:6e:26:30:20:e7:d1:fa:1d:78:90:62:a6:49:a6:
50:ec:a2:b5:c1:c2:08:02:dd:2f:43:e0:99:ba:67:b7:f4:12:
d4:a8:82:a0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQiLKdhMQ4gpboue5WQSutAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTQwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNkMDEzYThhMWJiYjg4NWE1NjlkNWVmN2I3ZDRkYjM0Y2U4ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+eysxc46ZSYwLPlF2he+1lYpaoA
5z90T6NViDP6AB8Tp0au78R2cvaJdCjBSZX2ejs2GfVhdF05ckYDXhDlpmj+tLMR
hXZQI6VUQIEGfvkbuUNoV7zXgllfx2vMP8G802mN72TtXgW3yJBTvRPhc6T6A/Gx
i6V1vZ+0olJx3H4WwYy3zTK2oNnPRPfbzNbPv9dQn0i+M2GcnIYhQRXOihe6kn88
rwvLTaN/PDO2rqgFWPvUbmEmwuwvovIMQoBLPInTDZARGJcLTGhuwP+gmFAoxrIi
x/mYiWYnLeOUujFnSGbfVc7VwHulpXgf7VXPT5q9RExq8tN/plFHhuP/ewIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDY9ATqKG7uIWladXve31Ns0zogXMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTmowQk9vb2J1NGhhVnAxZTk3ZlUyelRPaUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaRgYw
DQYJKoZIhvcNAQELBQADggEBABVtED+wzAjtDY25NwTDDUMw4S7pZlww+1GvGunE
1US+CyER1BxPKLZMMLmChIwydcHub1oNxPUcibZg5Gl/Mf3K+4+e436dsJADRBPb
jTkFRMcTPXvLfr9wcUGCg5KbVIau5uoIVmXpPE79MQ0fGc9yn5Zzj5U9hESzyRXY
5kAMNaMH1jnMgtaGCZSkIDvN/EIu2JBm0YGiVGJDUd05eyUvA6KIk64ulbGuRE8m
vX2i6prBEi1OnoBEMUZH2l9bk0cST8d79k/7wfW5/kJ3/hQcld3c5hW++Nq4kydu
JjAg59H6HXiQYqZJplDsorXBwggC3S9D4Jm6Z7f0EtSogqA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:51 2025 by rpki-client