Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/nJLCkeFq6PWuBP5pmU35g6aw6sI.roa
File: nJLCkeFq6PWuBP5pmU35g6aw6sI.roa (raw, json)
Hash identifier: ywVRGE5EHM5ygzTuPpFzTzy/QKFAyJCv7ZyHiXmRELA=
Subject key identifier: 9C:92:C2:91:E1:6A:E8:F5:AE:04:FE:69:99:4D:F9:83:A6:B0:EA:C2
Certificate issuer: /CN=9b3620d6798e7eb186639c4548a0696af6e30589
Certificate serial: 018D69DDBE16DA9249770D70BF2FE4A94203
Authority key identifier: 9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/nJLCkeFq6PWuBP5pmU35g6aw6sI.roa
Signing time: Fri 02 Feb 2024 12:49:16 +0000
ROA not before: Fri 02 Feb 2024 12:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16189
IP address blocks: 185.171.4.0/22 maxlen: 22
2a07:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Mar 2024 21:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:dd:be:16:da:92:49:77:0d:70:bf:2f:e4:a9:42:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3620d6798e7eb186639c4548a0696af6e30589
Validity
Not Before: Feb 2 12:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c92c291e16ae8f5ae04fe69994df983a6b0eac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:0b:5c:54:71:a9:72:ed:d4:bd:2f:37:03:
fe:a8:89:09:42:b1:59:5e:c9:9e:5e:d6:9a:83:09:
76:c0:96:0f:36:5d:ab:49:61:63:42:00:b5:32:c1:
11:84:85:ca:0d:d1:c1:87:4e:0f:47:26:a2:6b:af:
01:f7:8b:e1:c2:3c:e6:0c:35:0d:ea:9c:c1:31:7f:
c8:fa:fa:35:cc:38:97:ff:fc:4d:cf:e8:6f:d9:ba:
88:be:75:b5:fc:5c:09:dd:39:05:53:64:5f:ab:2f:
07:ac:16:70:c4:f0:b3:9e:90:d1:27:0a:24:72:34:
ad:f3:22:f4:09:7f:83:94:7e:cf:1b:7b:7e:5a:9b:
21:de:22:1e:ea:e1:1f:42:61:c5:34:f8:76:92:8a:
29:5e:87:83:8c:50:32:30:18:b5:85:50:9c:68:36:
e7:dc:02:14:ac:2e:6e:60:7e:c6:ba:7e:bd:b7:c0:
2e:c8:b6:dd:a8:5c:13:11:7c:f8:e1:e7:28:5b:34:
0b:a6:39:b7:b0:9e:8d:26:c3:91:cf:7e:24:bf:3a:
cc:a0:ab:b8:2f:9f:a1:a3:0a:3d:35:77:67:2d:37:
8e:fb:c2:ea:0b:be:46:bf:4a:da:28:ae:db:b8:a3:
e4:38:ad:d2:a4:a9:a4:05:c9:00:8b:f9:6a:6f:dd:
2d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:92:C2:91:E1:6A:E8:F5:AE:04:FE:69:99:4D:F9:83:A6:B0:EA:C2
X509v3 Authority Key Identifier:
keyid:9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/nJLCkeFq6PWuBP5pmU35g6aw6sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.4.0/22
IPv6:
2a07:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:1a:a3:64:83:26:88:11:cf:7f:29:a1:76:48:4a:04:bc:b9:
4d:9c:ce:8b:12:96:4d:05:fd:d8:ad:8a:49:e0:d4:b7:d2:4a:
83:b3:7b:04:79:87:b5:e9:94:31:a1:da:cb:20:4a:ad:24:9f:
bd:45:61:85:a3:3f:50:60:f3:65:c4:11:1e:ae:28:2f:5b:3e:
26:28:b6:54:8c:53:a6:48:0e:e5:fa:88:27:75:57:26:f2:5b:
4b:54:82:62:98:4a:22:2d:83:ae:14:e3:fa:ef:41:4b:04:3d:
9d:ea:ef:1d:e4:1e:48:84:85:73:1e:36:f3:43:b6:b5:2e:e3:
51:36:32:54:e9:0a:1a:42:d4:4f:38:e8:5f:b3:9a:7c:c4:62:
22:c3:b1:82:e6:0f:9a:f9:40:70:e9:d5:57:84:03:4f:eb:3f:
0e:58:5d:f3:e4:52:d6:e4:68:10:4d:9e:6f:ad:70:23:b5:fc:
ef:fb:a5:88:f1:07:06:2e:ed:c8:8a:5b:96:2a:33:0b:a1:5a:
cf:54:2c:4f:3d:60:8c:8b:1c:59:7f:67:db:a6:8e:f1:ec:8c:
81:b5:f7:5c:76:f3:29:bb:fc:78:8b:7c:b8:32:1a:0a:8a:03:
84:8d:84:d1:06:cb:4b:52:d5:27:d4:47:92:63:97:3c:8c:78:
63:1f:2b:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1p3b4W2pJJdw1wvy/kqUIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzYyMGQ2Nzk4ZTdlYjE4NjYzOWM0NTQ4YTA2OTZhZjZl
MzA1ODkwHhcNMjQwMjAyMTI0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkyYzI5MWUxNmFlOGY1YWUwNGZlNjk5OTRkZjk4M2E2YjBlYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXALXFRxqXLt1L0vNwP+qIkJQrFZ
XsmeXtaagwl2wJYPNl2rSWFjQgC1MsERhIXKDdHBh04PRyaia68B94vhwjzmDDUN
6pzBMX/I+vo1zDiX//xNz+hv2bqIvnW1/FwJ3TkFU2Rfqy8HrBZwxPCznpDRJwok
cjSt8yL0CX+DlH7PG3t+Wpsh3iIe6uEfQmHFNPh2koopXoeDjFAyMBi1hVCcaDbn
3AIUrC5uYH7Gun69t8AuyLbdqFwTEXz44ecoWzQLpjm3sJ6NJsORz34kvzrMoKu4
L5+howo9NXdnLTeO+8LqC75Gv0raKK7buKPkOK3SpKmkBckAi/lqb90tEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJySwpHhauj1rgT+aZlN+YOmsOrCMB8GA1UdIwQY
MBaAFJs2INZ5jn6xhmOcRUigaWr24wWJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMt
Y2JhMDYzMWYyOTNmLzEvbkpMQ2tlRnE2UFd1QlA1cG1VMzVnNmF3NnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMtY2JhMDYzMWYyOTNm
LzEvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuasEMA0E
AgACMAcDBQMqB5fAMA0GCSqGSIb3DQEBCwUAA4IBAQA8GqNkgyaIEc9/KaF2SEoE
vLlNnM6LEpZNBf3YrYpJ4NS30kqDs3sEeYe16ZQxodrLIEqtJJ+9RWGFoz9QYPNl
xBEerigvWz4mKLZUjFOmSA7l+ogndVcm8ltLVIJimEoiLYOuFOP670FLBD2d6u8d
5B5IhIVzHjbzQ7a1LuNRNjJU6QoaQtRPOOhfs5p8xGIiw7GC5g+a+UBw6dVXhANP
6z8OWF3z5FLW5GgQTZ5vrXAjtfzv+6WI8QcGLu3IiluWKjMLoVrPVCxPPWCMixxZ
f2fbpo7x7IyBtfdcdvMpu/x4i3y4MhoKigOEjYTRBstLUtUn1EeSY5c8jHhjHysu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:23 2025 by rpki-client