Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/94fdd8-04dd-4a22-8410-7d79c07173f4/1/nRICT2KRUllWyNkbOUIkDt31yHo.roa
File: nRICT2KRUllWyNkbOUIkDt31yHo.roa (raw, json)
Hash identifier: sTfiQARYgoxhKf5z6tE+9bQAiC6/VLzFynOdy1GyifI=
Subject key identifier: 9D:12:02:4F:62:91:52:59:56:C8:D9:1B:39:42:24:0E:DD:F5:C8:7A
Certificate issuer: /CN=41600300eeed5af5d7fc09d8fc158b65935ed057
Certificate serial: 018DF3C0638218E1CC69D97F70DD28E05D8E
Authority key identifier: 41:60:03:00:EE:ED:5A:F5:D7:FC:09:D8:FC:15:8B:65:93:5E:D0:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QWADAO7tWvXX_AnY_BWLZZNe0Fc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/94fdd8-04dd-4a22-8410-7d79c07173f4/1/nRICT2KRUllWyNkbOUIkDt31yHo.roa
Signing time: Thu 29 Feb 2024 07:24:48 +0000
ROA not before: Thu 29 Feb 2024 07:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8976
IP address blocks: 193.105.64.0/24 maxlen: 24
2001:67c:e14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:c0:63:82:18:e1:cc:69:d9:7f:70:dd:28:e0:5d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41600300eeed5af5d7fc09d8fc158b65935ed057
Validity
Not Before: Feb 29 07:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d12024f6291525956c8d91b3942240eddf5c87a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3c:dd:e4:78:ea:a8:1c:55:92:a0:5e:74:dd:
6f:4f:d5:11:44:1d:55:63:dc:bf:16:30:72:42:18:
6e:b3:cc:84:71:5b:6d:16:1c:36:04:56:81:bb:9e:
3a:51:10:4d:d6:21:1a:fd:3d:ad:cf:ff:ba:ba:68:
4f:93:81:cc:9a:c1:e7:84:a5:81:68:f2:9f:7c:b0:
dc:25:22:21:a0:0b:e3:1b:ed:50:24:63:4f:6f:ec:
87:c7:79:3d:72:24:f8:11:47:bc:4d:8f:f5:8d:61:
47:9a:ed:94:ed:8b:c3:76:83:b3:76:b7:09:21:8b:
ef:f7:60:08:37:64:bb:ee:d9:e3:73:3c:cc:f3:b4:
3c:c1:34:a4:35:d3:95:89:0a:2e:98:eb:b4:a6:9f:
a4:5a:7a:7c:69:31:89:fd:96:fd:cc:4f:20:f8:d8:
4f:77:3c:0a:b4:8d:85:dd:7e:13:b6:88:a1:3f:31:
bc:a6:fd:bf:08:44:f2:d8:e6:53:d5:8b:bf:93:31:
01:73:6e:ef:46:9b:dd:67:7a:79:e1:62:a7:48:9c:
e8:87:03:c8:0d:3c:92:5b:1a:9e:43:90:d5:9c:65:
aa:74:72:bb:be:ef:cc:62:45:17:ae:c3:f7:cb:16:
a6:68:ff:f6:be:61:6c:f3:da:62:89:5d:2e:07:8c:
67:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:12:02:4F:62:91:52:59:56:C8:D9:1B:39:42:24:0E:DD:F5:C8:7A
X509v3 Authority Key Identifier:
keyid:41:60:03:00:EE:ED:5A:F5:D7:FC:09:D8:FC:15:8B:65:93:5E:D0:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QWADAO7tWvXX_AnY_BWLZZNe0Fc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94fdd8-04dd-4a22-8410-7d79c07173f4/1/nRICT2KRUllWyNkbOUIkDt31yHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/94fdd8-04dd-4a22-8410-7d79c07173f4/1/QWADAO7tWvXX_AnY_BWLZZNe0Fc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.64.0/24
IPv6:
2001:67c:e14::/48
Signature Algorithm: sha256WithRSAEncryption
31:43:b3:f0:d2:ff:b7:01:ed:ce:0e:ec:f8:f8:f9:de:60:f9:
85:a3:d6:58:6e:a4:19:78:66:d4:c1:ad:29:5a:03:aa:2e:cd:
11:a5:cc:d8:36:d8:37:27:fe:f4:79:9e:c0:da:b3:62:97:5c:
95:0d:3a:1d:f5:61:7e:ba:5e:db:7a:3b:9d:f5:73:2b:fe:a2:
eb:f2:bf:cf:1d:2f:0c:67:51:1a:66:2f:67:59:49:76:12:69:
4e:87:05:96:69:e6:f3:92:8a:9e:c1:19:f4:21:d6:c5:31:4f:
86:8b:1d:9f:8e:55:ad:a7:35:c1:2b:e5:71:a0:f1:42:21:2f:
85:45:60:5c:b6:cf:b3:ab:27:b5:30:89:74:99:a3:bb:e9:f5:
aa:c4:d1:c6:0d:0b:56:6e:87:29:09:86:54:24:6a:be:9d:2a:
05:90:1d:b3:cb:b1:56:c5:b8:c1:6f:77:3b:f4:d8:ed:64:ad:
61:e7:e4:aa:50:a0:ac:c7:bb:f9:40:90:3f:de:d7:8a:74:8b:
60:ed:ee:7e:dd:6c:e7:bc:be:da:54:93:d5:db:c7:d0:85:12:
e7:71:a6:2e:0c:01:cc:30:7d:b1:7a:e1:02:21:af:5c:a0:dc:
87:18:df:84:af:17:32:80:18:36:4b:e5:5a:33:c8:fa:6e:77:
e5:c6:cb:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3zwGOCGOHMadl/cN0o4F2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNjAwMzAwZWVlZDVhZjVkN2ZjMDlkOGZjMTU4YjY1OTM1
ZWQwNTcwHhcNMjQwMjI5MDcyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDEyMDI0ZjYyOTE1MjU5NTZjOGQ5MWIzOTQyMjQwZWRkZjVjODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjzd5HjqqBxVkqBedN1vT9URRB1V
Y9y/FjByQhhus8yEcVttFhw2BFaBu546URBN1iEa/T2tz/+6umhPk4HMmsHnhKWB
aPKffLDcJSIhoAvjG+1QJGNPb+yHx3k9ciT4EUe8TY/1jWFHmu2U7YvDdoOzdrcJ
IYvv92AIN2S77tnjczzM87Q8wTSkNdOViQoumOu0pp+kWnp8aTGJ/Zb9zE8g+NhP
dzwKtI2F3X4TtoihPzG8pv2/CETy2OZT1Yu/kzEBc27vRpvdZ3p54WKnSJzohwPI
DTySWxqeQ5DVnGWqdHK7vu/MYkUXrsP3yxamaP/2vmFs89piiV0uB4xnxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0SAk9ikVJZVsjZGzlCJA7d9ch6MB8GA1UdIwQY
MBaAFEFgAwDu7Vr11/wJ2PwVi2WTXtBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVdBREFPN3RXdlhYX0FuWV9CV0xaWk5lMEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NGZkZDgtMDRkZC00YTIyLTg0MTAt
N2Q3OWMwNzE3M2Y0LzEvblJJQ1QyS1JVbGxXeU5rYk9VSWtEdDMxeUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NGZkZDgtMDRkZC00YTIyLTg0MTAtN2Q3OWMwNzE3M2Y0
LzEvUVdBREFPN3RXdlhYX0FuWV9CV0xaWk5lMEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWlAMA8E
AgACMAkDBwAgAQZ8DhQwDQYJKoZIhvcNAQELBQADggEBADFDs/DS/7cB7c4O7Pj4
+d5g+YWj1lhupBl4ZtTBrSlaA6ouzRGlzNg22Dcn/vR5nsDas2KXXJUNOh31YX66
Xtt6O531cyv+ouvyv88dLwxnURpmL2dZSXYSaU6HBZZp5vOSip7BGfQh1sUxT4aL
HZ+OVa2nNcEr5XGg8UIhL4VFYFy2z7OrJ7UwiXSZo7vp9arE0cYNC1ZuhykJhlQk
ar6dKgWQHbPLsVbFuMFvdzv02O1krWHn5KpQoKzHu/lAkD/e14p0i2Dt7n7dbOe8
vtpUk9Xbx9CFEudxpi4MAcwwfbF64QIhr1yg3IcY34SvFzKAGDZL5VozyPpud+XG
yw4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:24 2025 by rpki-client