Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/nichfFWXOE8MB5fu6NVdFi5teE0.roa
File: nichfFWXOE8MB5fu6NVdFi5teE0.roa (raw, json)
Hash identifier: TUeW9WRPzCmVoslirFX2I6JmRWSoOGLm2XZu6925Ei0=
Subject key identifier: 9E:27:21:7C:55:97:38:4F:0C:07:97:EE:E8:D5:5D:16:2E:6D:78:4D
Certificate issuer: /CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Certificate serial: 018CC3B69F302E0658EB67BA4335509AB999
Authority key identifier: A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/nichfFWXOE8MB5fu6NVdFi5teE0.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44215
IP address blocks: 79.99.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9f:30:2e:06:58:eb:67:ba:43:35:50:9a:b9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e27217c5597384f0c0797eee8d55d162e6d784d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1e:a1:df:29:86:c9:2b:3f:91:53:72:0f:5c:
64:39:7a:fe:da:3b:87:6d:79:3d:82:39:30:25:b0:
69:ee:92:2c:ea:f4:e4:4d:a4:1e:31:a9:90:e2:63:
b7:7a:e6:99:82:f2:ef:32:69:16:14:28:7e:4e:4d:
b2:36:07:f5:4f:df:52:35:a5:85:14:8b:0a:80:99:
db:26:9c:12:a5:00:5d:82:0b:3a:6c:7d:88:91:de:
b4:b9:5c:47:27:00:1d:99:e9:36:94:1c:6c:fd:9d:
f6:e0:6c:80:eb:51:89:c9:42:d7:62:1e:5c:ac:ab:
b0:74:e5:07:4b:d9:03:c3:61:32:de:d0:aa:90:31:
f1:00:fa:61:43:0f:94:9e:55:71:06:cf:b7:ad:38:
44:a2:86:72:65:a8:e5:19:82:69:62:f3:c1:5a:bb:
75:32:85:01:f4:44:09:0d:98:c3:31:9f:da:7e:8d:
35:7f:81:48:55:4a:57:07:9b:87:5e:51:42:fa:78:
de:3d:a3:b0:fe:14:66:0e:7c:5c:23:af:7f:64:9c:
70:71:af:15:94:ba:02:ea:c8:93:d6:eb:cf:44:5f:
0c:82:6a:00:97:73:18:c8:d0:dc:a7:fc:e4:56:33:
fa:78:bb:3f:f6:c2:e7:16:92:6c:1c:47:dc:c1:52:
61:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:27:21:7C:55:97:38:4F:0C:07:97:EE:E8:D5:5D:16:2E:6D:78:4D
X509v3 Authority Key Identifier:
keyid:A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/nichfFWXOE8MB5fu6NVdFi5teE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/qagVvnVH64cOtfZB0w_mljdByOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.97.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:8d:76:dd:f6:78:86:46:bd:5b:54:3c:89:51:b3:31:05:4c:
85:e5:b7:02:89:7d:5f:fd:8e:de:c4:6a:0f:23:1b:aa:60:4d:
7e:de:bb:a4:4c:71:6c:09:37:06:27:66:9f:b4:c2:b5:f6:68:
dc:7c:af:06:3d:e1:1a:f5:29:bf:6d:fe:78:46:ed:fd:07:91:
68:62:a1:6a:19:49:ef:c9:48:d2:58:4d:4a:ff:93:25:42:29:
c2:f8:a1:d9:e9:76:08:dd:a0:62:a0:d3:c5:a2:ac:9e:26:38:
16:36:06:98:5f:92:82:c6:8b:c4:a2:44:31:7a:e7:a6:23:af:
fe:dd:60:22:b6:be:e2:91:19:45:64:15:4c:b4:22:70:3c:85:
39:ae:17:25:1b:e9:04:cf:33:d6:97:9a:a9:11:9e:4e:02:e1:
b0:df:d0:57:28:a9:a3:4e:71:95:1e:c9:06:5c:54:45:61:71:
ab:b2:88:2e:cc:8d:fc:2b:5b:92:5d:55:28:c8:0f:50:bd:ab:
08:06:72:80:86:9c:0e:57:a7:f1:06:4f:5d:77:cc:04:e8:c5:
4e:91:40:c8:46:eb:94:48:6d:87:ce:2d:2c:5a:62:fb:b9:16:
28:bc:e8:44:54:a7:3b:41:bd:8e:0a:cd:f9:37:5a:f7:a0:02:
d6:24:8a:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtp8wLgZY62e6QzVQmrmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTgxNWJlNzU0N2ViODcwZWI1ZjY0MWQzMGZlNjk2Mzc0
MWM4ZTAwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI3MjE3YzU1OTczODRmMGMwNzk3ZWVlOGQ1NWQxNjJlNmQ3ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh6h3ymGySs/kVNyD1xkOXr+2juH
bXk9gjkwJbBp7pIs6vTkTaQeMamQ4mO3euaZgvLvMmkWFCh+Tk2yNgf1T99SNaWF
FIsKgJnbJpwSpQBdggs6bH2Ikd60uVxHJwAdmek2lBxs/Z324GyA61GJyULXYh5c
rKuwdOUHS9kDw2Ey3tCqkDHxAPphQw+UnlVxBs+3rThEooZyZajlGYJpYvPBWrt1
MoUB9EQJDZjDMZ/afo01f4FIVUpXB5uHXlFC+njePaOw/hRmDnxcI69/ZJxwca8V
lLoC6siT1uvPRF8MgmoAl3MYyNDcp/zkVjP6eLs/9sLnFpJsHEfcwVJhHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4nIXxVlzhPDAeX7ujVXRYubXhNMB8GA1UdIwQY
MBaAFKmoFb51R+uHDrX2QdMP5pY3QcjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFnVnZuVkg2NGNPdGZaQjB3X21samRCeU9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZTNmM2UtZTE4Ny00YTEyLWFhOWEt
MjQzYzVmNGUyZTQwLzEvbmljaGZGV1hPRThNQjVmdTZOVmRGaTV0ZUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZTNmM2UtZTE4Ny00YTEyLWFhOWEtMjQzYzVmNGUyZTQw
LzEvcWFnVnZuVkg2NGNPdGZaQjB3X21samRCeU9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT2NhMA0G
CSqGSIb3DQEBCwUAA4IBAQDcjXbd9niGRr1bVDyJUbMxBUyF5bcCiX1f/Y7exGoP
IxuqYE1+3rukTHFsCTcGJ2aftMK19mjcfK8GPeEa9Sm/bf54Ru39B5FoYqFqGUnv
yUjSWE1K/5MlQinC+KHZ6XYI3aBioNPFoqyeJjgWNgaYX5KCxovEokQxeuemI6/+
3WAitr7ikRlFZBVMtCJwPIU5rhclG+kEzzPWl5qpEZ5OAuGw39BXKKmjTnGVHskG
XFRFYXGrsoguzI38K1uSXVUoyA9QvasIBnKAhpwOV6fxBk9dd8wE6MVOkUDIRuuU
SG2Hzi0sWmL7uRYovOhEVKc7Qb2OCs35N1r3oALWJIr1
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:57 2025 by rpki-client