Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/NZb3HyPVI_VSF2frXSYsx9jf8Z0.roa
File: NZb3HyPVI_VSF2frXSYsx9jf8Z0.roa (raw, json)
Hash identifier: F3h+T2MMsQMXsTkFfX5gTaULgMtsRu/0M8JOJI+yUD0=
Subject key identifier: 35:96:F7:1F:23:D5:23:F5:52:17:67:EB:5D:26:2C:C7:D8:DF:F1:9D
Certificate issuer: /CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Certificate serial: 018CC26D1310D7E92978E50A95C1552751A0
Authority key identifier: DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/NZb3HyPVI_VSF2frXSYsx9jf8Z0.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209799
IP address blocks: 194.15.100.0/22 maxlen: 24
92.243.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:13:10:d7:e9:29:78:e5:0a:95:c1:55:27:51:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3596f71f23d523f5521767eb5d262cc7d8dff19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:73:70:af:99:16:36:cf:0e:21:a7:87:5b:ae:
e9:47:25:d0:9a:3e:31:e2:bf:33:8e:1e:85:f3:82:
6a:b3:24:56:b0:c2:1f:b0:d9:ce:65:4d:84:ba:eb:
5d:dd:45:9a:a7:67:65:1f:61:30:54:8b:60:58:77:
ee:b2:6c:f3:3b:3e:23:66:5d:73:6c:cd:78:18:2c:
32:24:80:00:ff:a3:65:fa:85:15:7e:8f:b6:83:ce:
62:52:16:19:e8:f0:fa:43:4c:8e:a3:55:dc:27:34:
32:ec:43:3f:d8:1b:d8:30:b4:11:7b:96:36:92:b7:
d4:87:3c:ee:6d:85:0e:98:37:2d:5e:f7:fa:25:71:
3b:a5:95:e9:98:5e:da:73:cd:15:cc:ea:77:d7:d5:
8c:08:2a:1b:c1:2c:66:d2:6a:66:16:21:35:82:66:
7e:f4:7b:3d:2b:3e:a4:48:85:25:1c:96:b3:fd:9b:
8c:12:07:e2:c0:c8:94:08:a4:e5:5b:20:33:b0:1d:
69:29:f5:f6:b8:7a:70:ee:65:e2:d7:df:c1:1b:9a:
59:5d:ed:0b:c0:00:83:c5:09:ce:4b:07:31:ba:06:
c4:f3:97:74:ba:a9:56:a0:c2:3e:30:62:ed:19:69:
61:32:be:35:76:e4:cd:b0:c4:df:47:a1:6d:1e:ad:
e7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:96:F7:1F:23:D5:23:F5:52:17:67:EB:5D:26:2C:C7:D8:DF:F1:9D
X509v3 Authority Key Identifier:
keyid:DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/NZb3HyPVI_VSF2frXSYsx9jf8Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/3NywK2HjoV6sNzuZLg4aZUX2HlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.85.0/24
194.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:08:e8:78:c9:21:e5:c8:c7:b9:4d:72:db:49:53:f4:78:99:
4e:eb:e0:3e:91:83:e0:2e:7c:c7:c0:a8:a1:28:d7:f7:08:d1:
5d:67:b7:32:55:f3:79:d4:70:b6:b8:c7:02:05:77:fd:f2:f4:
b3:be:78:cf:f3:06:d1:3e:16:78:b9:70:47:b7:63:de:6f:84:
fe:6a:85:b4:c7:60:b0:84:c0:df:62:02:32:86:f3:da:0e:4d:
b3:0b:d6:7f:d3:a4:fc:86:e4:dd:a3:7c:d3:8c:36:58:f9:1b:
10:ce:e9:71:bc:cb:c2:b9:03:76:a8:31:96:1f:aa:99:2b:80:
08:22:3d:0b:67:6a:a7:05:17:11:b8:cc:e3:c1:e1:11:4f:08:
d1:07:1c:d1:04:be:c4:4f:57:64:a3:5a:0c:df:04:28:f2:47:
05:8f:97:bc:6c:46:2e:c1:54:fd:2c:d6:9f:fb:27:59:45:c6:
44:95:69:14:d6:a8:12:39:24:8c:01:f5:0b:b9:77:ec:35:6d:
8a:1c:59:0e:1c:ea:d7:94:24:83:cf:ad:b1:93:09:a4:d7:31:
9e:89:24:a3:b6:82:ad:ec:49:7e:9f:f0:7b:2a:87:24:ad:78:
20:16:5e:f1:6d:45:ba:e2:e4:88:07:6e:94:96:e4:2e:07:0f:
06:a2:06:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbRMQ1+kpeOUKlcFVJ1GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZGNiMDJiNjFlM2ExNWVhYzM3M2I5OTJlMGUxYTY1NDVm
NjFlNTIwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk2ZjcxZjIzZDUyM2Y1NTIxNzY3ZWI1ZDI2MmNjN2Q4ZGZmMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHNwr5kWNs8OIaeHW67pRyXQmj4x
4r8zjh6F84JqsyRWsMIfsNnOZU2Euutd3UWap2dlH2EwVItgWHfusmzzOz4jZl1z
bM14GCwyJIAA/6Nl+oUVfo+2g85iUhYZ6PD6Q0yOo1XcJzQy7EM/2BvYMLQRe5Y2
krfUhzzubYUOmDctXvf6JXE7pZXpmF7ac80VzOp319WMCCobwSxm0mpmFiE1gmZ+
9Hs9Kz6kSIUlHJaz/ZuMEgfiwMiUCKTlWyAzsB1pKfX2uHpw7mXi19/BG5pZXe0L
wACDxQnOSwcxugbE85d0uqlWoMI+MGLtGWlhMr41duTNsMTfR6FtHq3neQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWW9x8j1SP1Uhdn610mLMfY3/GdMB8GA1UdIwQY
MBaAFNzcsCth46FerDc7mS4OGmVF9h5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAt
NjY3NTg0Nzk4NjNlLzEvTlpiM0h5UFZJX1ZTRjJmclhTWXN4OWpmOFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAtNjY3NTg0Nzk4NjNl
LzEvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXPNVAwQC
wg9kMA0GCSqGSIb3DQEBCwUAA4IBAQAfCOh4ySHlyMe5TXLbSVP0eJlO6+A+kYPg
LnzHwKihKNf3CNFdZ7cyVfN51HC2uMcCBXf98vSzvnjP8wbRPhZ4uXBHt2Peb4T+
aoW0x2CwhMDfYgIyhvPaDk2zC9Z/06T8huTdo3zTjDZY+RsQzulxvMvCuQN2qDGW
H6qZK4AIIj0LZ2qnBRcRuMzjweERTwjRBxzRBL7ET1dko1oM3wQo8kcFj5e8bEYu
wVT9LNaf+ydZRcZElWkU1qgSOSSMAfULuXfsNW2KHFkOHOrXlCSDz62xkwmk1zGe
iSSjtoKt7El+n/B7KockrXggFl7xbUW64uSIB26UluQuBw8Gogat
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:11:51 2025 by rpki-client