Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/n9evG8EQgqx8aSuNwNInfGBRG7g.roa
File: n9evG8EQgqx8aSuNwNInfGBRG7g.roa (raw, json)
Hash identifier: ur7qpjl24Ji66X5mV71cnQcDIRvirlweFHKvsCKn1Ew=
Subject key identifier: 9F:D7:AF:1B:C1:10:82:AC:7C:69:2B:8D:C0:D2:27:7C:60:51:1B:B8
Certificate issuer: /CN=044fa3808c2d28c577f9976c61cd226e188695d8
Certificate serial: 018CC5DC13DF7289A442F09D540A0072AA73
Authority key identifier: 04:4F:A3:80:8C:2D:28:C5:77:F9:97:6C:61:CD:22:6E:18:86:95:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BE-jgIwtKMV3-ZdsYc0ibhiGldg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/n9evG8EQgqx8aSuNwNInfGBRG7g.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57458
IP address blocks: 130.255.177.0/24 maxlen: 24
2a03:c080::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:13:df:72:89:a4:42:f0:9d:54:0a:00:72:aa:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044fa3808c2d28c577f9976c61cd226e188695d8
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fd7af1bc11082ac7c692b8dc0d2277c60511bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:75:f4:cf:f9:0a:31:57:34:a4:23:48:c2:
28:08:2b:91:65:65:e4:00:42:54:6d:a7:5c:c5:4e:
cf:d1:b0:09:a0:a1:65:89:42:68:20:0c:b5:80:f3:
62:09:f2:da:e9:9b:33:68:14:44:61:b8:26:8b:b2:
1c:36:69:cf:58:04:f6:45:5c:bd:2a:f5:68:68:40:
94:63:15:fb:f5:f7:61:9d:3a:e6:db:51:3d:30:4d:
bb:4f:29:a3:d2:c3:b5:71:10:59:36:73:6a:66:4e:
ae:00:de:dd:ed:e9:df:df:0a:8a:8d:f4:ef:ce:c4:
40:45:e7:31:39:15:d7:af:f0:bb:ad:fc:e3:60:77:
45:e5:01:8a:79:13:72:1e:c8:96:a7:48:bb:23:8b:
4f:09:c4:87:6b:f3:3a:d5:38:78:5d:8c:2e:9b:46:
63:fe:04:27:d5:74:84:42:4d:0e:fc:cc:a7:66:28:
7b:2e:6c:b4:e8:e6:0c:43:49:1e:c2:f2:ec:a7:82:
e0:c0:df:a2:49:d1:c8:63:b8:8e:1b:0c:3d:53:40:
97:f9:ea:87:70:eb:a7:c7:97:35:f6:3d:32:a9:4e:
06:18:08:9f:86:fd:6e:22:4c:d4:a1:d8:75:e4:c4:
00:02:ab:87:bd:bd:13:da:c4:01:02:0b:28:f6:e3:
96:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D7:AF:1B:C1:10:82:AC:7C:69:2B:8D:C0:D2:27:7C:60:51:1B:B8
X509v3 Authority Key Identifier:
keyid:04:4F:A3:80:8C:2D:28:C5:77:F9:97:6C:61:CD:22:6E:18:86:95:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BE-jgIwtKMV3-ZdsYc0ibhiGldg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/n9evG8EQgqx8aSuNwNInfGBRG7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a9beb0-cbe7-465e-8008-d54722cca849/1/BE-jgIwtKMV3-ZdsYc0ibhiGldg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.177.0/24
IPv6:
2a03:c080::/32
Signature Algorithm: sha256WithRSAEncryption
3e:0f:e7:24:db:64:cb:47:64:25:eb:85:5d:ea:5a:1b:8c:a5:
6e:f6:f5:11:3f:37:2b:74:5d:7f:ad:20:20:ae:e5:f4:58:35:
f0:67:d5:eb:77:68:36:c5:8e:76:20:0a:a2:73:66:be:21:c6:
ef:63:fd:a5:0f:b8:ac:19:68:db:b1:76:c4:82:ad:59:62:64:
ac:27:5d:08:fe:f7:c7:d9:01:33:f0:eb:21:15:2f:16:a0:ff:
53:31:e4:d8:63:81:f9:d3:57:ed:b4:eb:ff:73:2c:f0:c5:9c:
1e:bc:70:b0:26:76:40:ac:7e:ae:e1:55:0a:8c:88:4c:d7:1b:
80:c2:15:8d:23:4f:95:29:e6:4a:ee:e7:dd:db:3e:31:8d:88:
34:08:2a:bf:c4:f0:a8:ee:8a:38:a7:ab:2c:8b:80:d1:49:28:
28:82:83:c4:e9:bd:75:f0:21:d9:16:b6:27:3e:28:70:70:d4:
7c:b3:95:76:d1:28:7f:ef:3b:48:7a:9c:82:86:da:0c:98:3a:
52:56:a1:0d:ed:67:a7:fa:fc:ba:97:87:f4:f1:fb:10:b5:5a:
30:95:b8:21:54:cb:26:cf:f1:5d:69:98:a3:6a:04:12:26:a4:
81:b9:d3:c0:b2:c7:4b:18:a0:af:c8:40:aa:a4:d6:d7:4c:e3:
65:93:fb:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BPfcomkQvCdVAoAcqpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGZhMzgwOGMyZDI4YzU3N2Y5OTc2YzYxY2QyMjZlMTg4
Njk1ZDgwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQ3YWYxYmMxMTA4MmFjN2M2OTJiOGRjMGQyMjc3YzYwNTExYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC919M/5CjFXNKQjSMIoCCuRZWXk
AEJUbadcxU7P0bAJoKFliUJoIAy1gPNiCfLa6ZszaBREYbgmi7IcNmnPWAT2RVy9
KvVoaECUYxX79fdhnTrm21E9ME27Tymj0sO1cRBZNnNqZk6uAN7d7enf3wqKjfTv
zsRARecxORXXr/C7rfzjYHdF5QGKeRNyHsiWp0i7I4tPCcSHa/M61Th4XYwum0Zj
/gQn1XSEQk0O/MynZih7Lmy06OYMQ0kewvLsp4LgwN+iSdHIY7iOGww9U0CX+eqH
cOunx5c19j0yqU4GGAifhv1uIkzUodh15MQAAquHvb0T2sQBAgso9uOWSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/XrxvBEIKsfGkrjcDSJ3xgURu4MB8GA1UdIwQY
MBaAFARPo4CMLSjFd/mXbGHNIm4YhpXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkUtamdJd3RLTVYzLVpkc1ljMGliaGlHbGRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hOWJlYjAtY2JlNy00NjVlLTgwMDgt
ZDU0NzIyY2NhODQ5LzEvbjlldkc4RVFncXg4YVN1TndOSW5mR0JSRzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hOWJlYjAtY2JlNy00NjVlLTgwMDgtZDU0NzIyY2NhODQ5
LzEvQkUtamdJd3RLTVYzLVpkc1ljMGliaGlHbGRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAgv+xMA0E
AgACMAcDBQAqA8CAMA0GCSqGSIb3DQEBCwUAA4IBAQA+D+ck22TLR2Ql64Vd6lob
jKVu9vURPzcrdF1/rSAgruX0WDXwZ9Xrd2g2xY52IAqic2a+IcbvY/2lD7isGWjb
sXbEgq1ZYmSsJ10I/vfH2QEz8OshFS8WoP9TMeTYY4H501fttOv/cyzwxZwevHCw
JnZArH6u4VUKjIhM1xuAwhWNI0+VKeZK7ufd2z4xjYg0CCq/xPCo7oo4p6ssi4DR
SSgogoPE6b118CHZFrYnPihwcNR8s5V20Sh/7ztIepyChtoMmDpSVqEN7Wen+vy6
l4f08fsQtVowlbghVMsmz/FdaZijagQSJqSBudPAssdLGKCvyECqpNbXTONlk/s5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:48 2025 by rpki-client