Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/nbZIEfUUzdKSt1bjNunfXMR11qQ.roa
File: nbZIEfUUzdKSt1bjNunfXMR11qQ.roa (raw, json)
Hash identifier: xYQLJLSFdFJ3Rm529l7VhrbU9MenJ87WZq3KVQTIYZc=
Subject key identifier: 9D:B6:48:11:F5:14:CD:D2:92:B7:56:E3:36:E9:DF:5C:C4:75:D6:A4
Certificate issuer: /CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Certificate serial: 018CC3B6A3A6C43B41589C839CA26CB56A82
Authority key identifier: 0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/nbZIEfUUzdKSt1bjNunfXMR11qQ.roa
Signing time: Mon 01 Jan 2024 06:29:35 +0000
ROA not before: Mon 01 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207470
IP address blocks: 193.104.98.0/24 maxlen: 24
193.104.110.0/24 maxlen: 24
193.104.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 09:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a3:a6:c4:3b:41:58:9c:83:9c:a2:6c:b5:6a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb71e4264ce62c35e1cee64d18765d33290f2a4
Validity
Not Before: Jan 1 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9db64811f514cdd292b756e336e9df5cc475d6a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3c:3f:d1:66:9d:41:8c:cc:3f:e9:c3:77:f3:
35:a0:9c:35:4d:60:37:fd:92:c9:85:90:ed:97:e4:
3b:21:cd:40:94:71:62:fd:b7:a1:0e:8a:fb:55:c4:
d7:49:77:21:ea:84:a4:b9:a2:ec:b0:f4:e4:09:01:
f8:6d:a9:60:ba:d7:e1:38:30:a4:d8:0e:1c:10:af:
6d:0f:66:23:28:49:86:ae:77:37:1d:11:66:4c:23:
25:18:cc:bb:db:6a:21:19:63:e3:1b:53:8a:ac:04:
79:f9:ff:9e:1c:05:a5:d1:3e:ad:86:28:ca:62:c0:
9d:a5:1d:29:b7:86:f4:36:94:01:66:59:c0:b0:61:
81:2f:9d:67:58:04:22:7c:0b:b7:3e:99:14:97:ae:
c9:a9:89:25:1e:97:f6:b9:a7:6b:12:b5:5c:19:41:
1e:8b:c9:9a:d1:7a:74:a1:31:74:37:a2:8f:dd:42:
7c:fe:2d:3b:a6:8e:1c:7c:6d:86:38:6b:f6:0f:af:
98:8f:4c:db:3a:c1:0c:95:85:64:67:5e:ed:a0:a8:
a6:2a:86:c1:aa:a2:1a:f7:15:9d:40:62:76:a8:62:
b7:33:f4:71:35:fa:a3:d2:be:5d:39:45:d1:43:96:
73:be:ce:cf:a7:e3:28:12:a1:88:c8:0e:57:5a:ba:
76:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B6:48:11:F5:14:CD:D2:92:B7:56:E3:36:E9:DF:5C:C4:75:D6:A4
X509v3 Authority Key Identifier:
keyid:0B:B7:1E:42:64:CE:62:C3:5E:1C:EE:64:D1:87:65:D3:32:90:F2:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/nbZIEfUUzdKSt1bjNunfXMR11qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/13da09-5e0e-45cb-95a3-ca545838afc0/1/C7ceQmTOYsNeHO5k0Ydl0zKQ8qQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.98.0/24
193.104.110.0/24
193.104.130.0/24
Signature Algorithm: sha256WithRSAEncryption
00:1e:ad:a3:ff:cf:3a:a2:c3:5a:d9:f5:f9:bc:f9:9d:e7:ae:
49:4d:6b:b9:24:2a:2b:f7:b4:bd:82:f6:3c:a2:cb:13:40:c7:
0d:60:0b:53:6d:7a:93:98:9a:dd:51:23:be:35:64:2b:b1:9f:
8c:94:f2:09:1b:90:9f:c2:56:78:8e:2c:8e:b6:10:17:4a:9c:
9c:12:e0:df:d4:1f:25:83:22:32:69:34:db:9d:05:bb:69:3a:
c4:9b:3e:b4:a6:5b:d3:e1:00:01:ac:8e:20:08:97:67:58:13:
9d:6f:c2:39:df:fb:5e:7f:de:9c:a1:fb:2f:8c:41:cf:91:c7:
18:f5:80:e1:1e:be:88:7a:1c:66:d3:b9:b7:a2:db:9f:d8:bc:
7e:bb:68:21:ad:4a:1f:9d:59:30:80:63:3e:4f:a0:c6:83:17:
b1:2e:c0:08:43:b0:a8:4d:aa:29:c6:d2:df:59:ac:f2:f8:36:
79:45:16:70:89:48:43:3c:c5:6a:8f:49:66:08:ba:59:e3:db:
9e:ca:60:d2:79:4e:2c:74:8f:94:a9:d3:ee:30:9e:e0:3d:67:
d1:4b:a4:84:78:c3:d7:12:4b:33:ae:33:7e:51:99:41:00:ec:
7f:be:aa:e3:25:b8:35:fd:4c:2b:70:32:fd:4d:f8:01:a4:32:
aa:09:31:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtqOmxDtBWJyDnKJstWqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjcxZTQyNjRjZTYyYzM1ZTFjZWU2NGQxODc2NWQzMzI5
MGYyYTQwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI2NDgxMWY1MTRjZGQyOTJiNzU2ZTMzNmU5ZGY1Y2M0NzVkNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDw/0WadQYzMP+nDd/M1oJw1TWA3
/ZLJhZDtl+Q7Ic1AlHFi/behDor7VcTXSXch6oSkuaLssPTkCQH4balgutfhODCk
2A4cEK9tD2YjKEmGrnc3HRFmTCMlGMy722ohGWPjG1OKrAR5+f+eHAWl0T6thijK
YsCdpR0pt4b0NpQBZlnAsGGBL51nWAQifAu3PpkUl67JqYklHpf2uadrErVcGUEe
i8ma0Xp0oTF0N6KP3UJ8/i07po4cfG2GOGv2D6+Yj0zbOsEMlYVkZ17toKimKobB
qqIa9xWdQGJ2qGK3M/RxNfqj0r5dOUXRQ5Zzvs7Pp+MoEqGIyA5XWrp2UwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ22SBH1FM3SkrdW4zbp31zEddakMB8GA1UdIwQY
MBaAFAu3HkJkzmLDXhzuZNGHZdMykPKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMt
Y2E1NDU4MzhhZmMwLzEvbmJaSUVmVVV6ZEtTdDFiak51bmZYTVIxMXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xM2RhMDktNWUwZS00NWNiLTk1YTMtY2E1NDU4MzhhZmMw
LzEvQzdjZVFtVE9Zc05lSE81azBZZGwwektROHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWhiAwQA
wWhuAwQAwWiCMA0GCSqGSIb3DQEBCwUAA4IBAQAAHq2j/886osNa2fX5vPmd565J
TWu5JCor97S9gvY8ossTQMcNYAtTbXqTmJrdUSO+NWQrsZ+MlPIJG5CfwlZ4jiyO
thAXSpycEuDf1B8lgyIyaTTbnQW7aTrEmz60plvT4QABrI4gCJdnWBOdb8I53/te
f96cofsvjEHPkccY9YDhHr6Iehxm07m3otuf2Lx+u2ghrUofnVkwgGM+T6DGgxex
LsAIQ7CoTaopxtLfWazy+DZ5RRZwiUhDPMVqj0lmCLpZ49ueymDSeU4sdI+UqdPu
MJ7gPWfRS6SEeMPXEkszrjN+UZlBAOx/vqrjJbg1/UwrcDL9TfgBpDKqCTGe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:14 2025 by rpki-client