Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/HNnDHLNSKFSdXd3qPKXykP7JDCQ.roa
File: HNnDHLNSKFSdXd3qPKXykP7JDCQ.roa (raw, json)
Hash identifier: bNDNCqsAAhJOcQT2ElMIFNsyKJDF2cqRSSQCKZsVqM0=
Subject key identifier: 1C:D9:C3:1C:B3:52:28:54:9D:5D:DD:EA:3C:A5:F2:90:FE:C9:0C:24
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 0191B2EFC1C2B0A96BA22418EA523FE40B97
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/HNnDHLNSKFSdXd3qPKXykP7JDCQ.roa
Signing time: Mon 02 Sep 2024 13:32:22 +0000
ROA not before: Mon 02 Sep 2024 13:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210595
IP address blocks: 2a01:e08::/32 maxlen: 32
2a01:e08:100::/44 maxlen: 44
2a01:e08:500::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:ef:c1:c2:b0:a9:6b:a2:24:18:ea:52:3f:e4:0b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Sep 2 13:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cd9c31cb35228549d5dddea3ca5f290fec90c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f7:d6:c9:c4:14:a7:f4:f2:7e:67:1f:c3:1f:
bb:9b:61:38:b4:fa:a2:a0:36:53:33:e6:55:19:3c:
81:f6:b9:6d:d6:cf:48:32:7b:2b:4a:79:b3:d1:9d:
62:f2:9f:b7:dd:c2:71:29:49:67:93:97:cb:01:69:
ac:6b:2a:57:c3:68:a4:8e:85:4b:26:25:89:ab:3b:
f4:bb:cf:73:f1:0b:60:45:7a:db:9a:f6:89:31:36:
2b:ce:cb:8e:a4:e6:30:83:d5:fc:63:85:6e:e7:7f:
60:7e:8d:81:e3:1c:0a:6d:c0:d8:d4:76:c6:c4:8f:
81:aa:f2:8d:52:39:50:36:c9:29:00:98:2d:44:93:
d9:62:c0:23:9b:20:41:5a:3a:dc:40:97:54:39:7d:
9e:05:fd:82:3c:30:b0:16:5b:30:3d:91:df:25:48:
a4:b0:f8:a6:90:50:a4:83:f9:f2:66:77:b4:07:c5:
c9:a7:b2:4f:cf:ff:3e:d5:e4:7d:09:3c:d7:fb:05:
91:03:1d:2f:b3:89:18:4f:78:b4:93:12:0c:fc:c5:
35:2c:f6:b6:f7:11:99:26:f8:11:a4:d4:3e:cd:70:
64:2f:be:56:04:d5:e0:2d:25:cb:6a:1c:a4:19:cd:
8a:38:7f:d2:e9:63:bb:ec:d1:71:f2:a0:ea:17:0b:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D9:C3:1C:B3:52:28:54:9D:5D:DD:EA:3C:A5:F2:90:FE:C9:0C:24
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/HNnDHLNSKFSdXd3qPKXykP7JDCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e08::/32
Signature Algorithm: sha256WithRSAEncryption
81:87:ee:09:10:c0:7b:4c:80:7b:07:02:f8:27:9f:9a:ab:8e:
13:de:96:2e:a2:0f:49:87:43:24:3e:e4:fe:61:68:fd:c1:25:
dd:15:28:16:7d:88:c5:f4:79:87:39:73:83:e7:98:52:db:7d:
fe:58:64:fd:75:91:35:0c:f8:36:bb:4d:6c:dd:c7:ee:6c:2f:
c4:a8:55:bd:45:70:95:85:b1:57:18:4b:e9:7f:aa:62:1c:57:
87:3a:d8:a8:61:da:77:20:13:a8:d6:36:e7:b6:c5:d6:79:dc:
9f:72:f2:35:b2:5d:0d:b2:86:5c:26:f8:2f:ac:ce:89:e3:e7:
bc:52:01:0c:d0:dc:7e:76:41:b4:bf:63:60:76:0c:81:72:17:
1a:86:d1:0b:47:e4:a1:f7:b9:ad:44:34:3c:fa:1a:a9:1d:9c:
c2:67:66:67:8f:bb:f7:f6:49:13:b1:93:35:a8:fe:fb:d6:75:
b4:27:5e:5b:bf:39:66:14:18:83:b8:9b:30:b1:79:66:97:a6:
64:b5:0e:95:53:e0:9c:34:61:54:88:90:5a:f7:5e:d0:36:5c:
3a:f1:85:a8:07:4b:88:13:55:58:24:af:25:5a:cc:66:71:50:
3f:26:53:62:a4:50:56:ab:cf:c3:39:b3:23:31:c1:15:8c:97:
1d:3a:8f:24
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGy78HCsKlroiQY6lI/5AuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjQwOTAyMTMzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q5YzMxY2IzNTIyODU0OWQ1ZGRkZWEzY2E1ZjI5MGZlYzkwYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/fWycQUp/Tyfmcfwx+7m2E4tPqi
oDZTM+ZVGTyB9rlt1s9IMnsrSnmz0Z1i8p+33cJxKUlnk5fLAWmsaypXw2ikjoVL
JiWJqzv0u89z8QtgRXrbmvaJMTYrzsuOpOYwg9X8Y4Vu539gfo2B4xwKbcDY1HbG
xI+BqvKNUjlQNskpAJgtRJPZYsAjmyBBWjrcQJdUOX2eBf2CPDCwFlswPZHfJUik
sPimkFCkg/nyZne0B8XJp7JPz/8+1eR9CTzX+wWRAx0vs4kYT3i0kxIM/MU1LPa2
9xGZJvgRpNQ+zXBkL75WBNXgLSXLahykGc2KOH/S6WO77NFx8qDqFwvEDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBzZwxyzUihUnV3d6jyl8pD+yQwkMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvSE5uREhMTlNLRlNkWGQzcVBLWHlrUDdKRENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEOCDAN
BgkqhkiG9w0BAQsFAAOCAQEAgYfuCRDAe0yAewcC+CefmquOE96WLqIPSYdDJD7k
/mFo/cEl3RUoFn2IxfR5hzlzg+eYUtt9/lhk/XWRNQz4NrtNbN3H7mwvxKhVvUVw
lYWxVxhL6X+qYhxXhzrYqGHadyATqNY257bF1nncn3LyNbJdDbKGXCb4L6zOiePn
vFIBDNDcfnZBtL9jYHYMgXIXGobRC0fkofe5rUQ0PPoaqR2cwmdmZ4+79/ZJE7GT
Naj++9Z1tCdeW785ZhQYg7ibMLF5ZpemZLUOlVPgnDRhVIiQWvde0DZcOvGFqAdL
iBNVWCSvJVrMZnFQPyZTYqRQVqvPwzmzIzHBFYyXHTqPJA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:27 2025 by rpki-client