Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/nzz7zGIg1G4jByiOsUIYcUVoQtE.roa
File: nzz7zGIg1G4jByiOsUIYcUVoQtE.roa (raw, json)
Hash identifier: Sx5HwwIGt5nG7lKya5vAnjpi5XLVAXVDoeWP8LJNd+E=
Subject key identifier: 9F:3C:FB:CC:62:20:D4:6E:23:07:28:8E:B1:42:18:71:45:68:42:D1
Certificate issuer: /CN=0dd6efbe54671d71a59051e29a2448cd6af8d467
Certificate serial: 018CC4938E1F68B6082BEFF6C07FC1B0C521
Authority key identifier: 0D:D6:EF:BE:54:67:1D:71:A5:90:51:E2:9A:24:48:CD:6A:F8:D4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdbvvlRnHXGlkFHimiRIzWr41Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/nzz7zGIg1G4jByiOsUIYcUVoQtE.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42888
IP address blocks: 195.130.193.0/24 maxlen: 24
2001:67c:2144::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8e:1f:68:b6:08:2b:ef:f6:c0:7f:c1:b0:c5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd6efbe54671d71a59051e29a2448cd6af8d467
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f3cfbcc6220d46e2307288eb1421871456842d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:d3:ee:e8:6a:22:c2:cb:be:49:fc:db:7c:
0e:b2:65:f0:b6:f1:a7:ef:1c:86:bc:61:c7:0a:c1:
6b:fb:1c:0d:af:76:be:03:6a:82:c5:ad:b3:17:9e:
28:77:50:e1:98:8d:14:46:22:03:02:ab:f7:9b:1d:
e6:6e:24:26:d4:b3:0a:d7:b8:c5:e8:96:85:7e:56:
23:1e:b5:e9:5e:e3:63:f0:eb:70:16:cd:9e:85:5e:
01:56:98:25:cb:f7:92:b5:8f:37:22:7b:90:d8:43:
fd:34:d2:92:b4:28:d1:ef:f6:c1:71:49:ee:2c:4e:
b9:0a:29:63:c4:6b:a9:79:c2:ff:b5:81:ab:f5:fa:
8b:ad:7c:87:cb:79:33:db:c6:35:34:e2:b7:44:52:
9f:49:74:23:5d:39:56:0c:de:4b:a1:57:cc:50:94:
ed:dd:01:30:58:a2:0f:85:35:6b:83:7e:74:88:1b:
eb:88:37:d5:20:34:59:8c:3d:c4:64:c1:b0:7f:de:
92:26:d8:a1:6c:a5:f8:14:61:f3:5b:97:7d:8d:84:
a6:ca:53:34:dc:50:2f:fa:0f:91:35:59:24:45:3c:
31:c1:60:13:a8:34:0e:3a:5f:2e:1b:e3:00:e0:43:
9b:f1:1e:98:74:31:f9:fd:57:41:15:ab:a5:06:c5:
fb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3C:FB:CC:62:20:D4:6E:23:07:28:8E:B1:42:18:71:45:68:42:D1
X509v3 Authority Key Identifier:
keyid:0D:D6:EF:BE:54:67:1D:71:A5:90:51:E2:9A:24:48:CD:6A:F8:D4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdbvvlRnHXGlkFHimiRIzWr41Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/nzz7zGIg1G4jByiOsUIYcUVoQtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/DdbvvlRnHXGlkFHimiRIzWr41Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.193.0/24
IPv6:
2001:67c:2144::/48
Signature Algorithm: sha256WithRSAEncryption
06:ea:0c:9d:ab:f3:c6:1a:6d:86:cc:84:16:3b:45:72:3e:38:
4a:40:4a:50:d2:5c:e9:e6:13:12:ac:00:e4:49:37:f2:d4:39:
38:b3:bf:22:67:e4:72:cb:3e:5a:11:88:d6:42:ba:0f:4b:b1:
8b:78:4c:40:bf:32:7e:17:71:e3:34:9f:98:38:db:53:27:1e:
ea:59:e8:2c:dd:8e:0b:b0:a0:f6:60:84:ca:b1:c6:62:2c:4f:
6b:27:b6:42:d1:ac:ef:15:58:7b:c0:da:33:78:ab:ca:96:a3:
38:2d:f6:f1:54:47:b3:14:6d:c2:4a:89:58:25:ac:8c:13:31:
7b:cf:d8:e0:55:31:d6:41:37:c5:0b:a1:b0:eb:1d:12:ec:e3:
a3:e0:9a:1f:83:04:45:d3:c1:65:1e:cb:99:e6:f5:9a:11:9c:
a6:d5:7f:79:84:2f:0c:f9:71:a3:a1:68:cf:ef:c9:b6:58:80:
70:37:e9:98:af:e7:ed:5d:9b:fe:9b:17:a3:4e:ad:c6:c8:fa:
3f:da:5b:af:9c:de:ab:43:53:1b:de:4c:96:4a:e1:15:e3:00:
5b:6e:a0:6c:79:30:d8:cf:f4:aa:e4:1e:32:12:e9:cf:23:74:
d6:b2:3d:19:2b:20:fb:2c:91:06:bc:9a:f3:a1:3b:0c:29:26:
a7:27:90:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk44faLYIK+/2wH/BsMUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDZlZmJlNTQ2NzFkNzFhNTkwNTFlMjlhMjQ0OGNkNmFm
OGQ0NjcwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNjZmJjYzYyMjBkNDZlMjMwNzI4OGViMTQyMTg3MTQ1Njg0MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVLT7uhqIsLLvkn823wOsmXwtvGn
7xyGvGHHCsFr+xwNr3a+A2qCxa2zF54od1DhmI0URiIDAqv3mx3mbiQm1LMK17jF
6JaFflYjHrXpXuNj8OtwFs2ehV4BVpgly/eStY83InuQ2EP9NNKStCjR7/bBcUnu
LE65CiljxGupecL/tYGr9fqLrXyHy3kz28Y1NOK3RFKfSXQjXTlWDN5LoVfMUJTt
3QEwWKIPhTVrg350iBvriDfVIDRZjD3EZMGwf96SJtihbKX4FGHzW5d9jYSmylM0
3FAv+g+RNVkkRTwxwWATqDQOOl8uG+MA4EOb8R6YdDH5/VdBFaulBsX7NwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ88+8xiINRuIwcojrFCGHFFaELRMB8GA1UdIwQY
MBaAFA3W775UZx1xpZBR4pokSM1q+NRnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRidnZsUm5IWEdsa0ZIaW1pUkl6V3I0MUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zZWE0NzgtYTUwMy00N2QzLTg4ZjUt
NDliZThkOTBmNTllLzEvbnp6N3pHSWcxRzRqQnlpT3NVSVljVVZvUXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zZWE0NzgtYTUwMy00N2QzLTg4ZjUtNDliZThkOTBmNTll
LzEvRGRidnZsUm5IWEdsa0ZIaW1pUkl6V3I0MUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4LBMA8E
AgACMAkDBwAgAQZ8IUQwDQYJKoZIhvcNAQELBQADggEBAAbqDJ2r88YabYbMhBY7
RXI+OEpASlDSXOnmExKsAORJN/LUOTizvyJn5HLLPloRiNZCug9LsYt4TEC/Mn4X
ceM0n5g421MnHupZ6CzdjguwoPZghMqxxmIsT2sntkLRrO8VWHvA2jN4q8qWozgt
9vFUR7MUbcJKiVglrIwTMXvP2OBVMdZBN8ULobDrHRLs46Pgmh+DBEXTwWUey5nm
9ZoRnKbVf3mELwz5caOhaM/vybZYgHA36Ziv5+1dm/6bF6NOrcbI+j/aW6+c3qtD
UxveTJZK4RXjAFtuoGx5MNjP9KrkHjIS6c8jdNayPRkrIPsskQa8mvOhOwwpJqcn
kPg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:13:41 2025 by rpki-client