Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nzlGfQoRGWUWRkSFvIfCccefgsM.roa
File: nzlGfQoRGWUWRkSFvIfCccefgsM.roa (raw, json)
Hash identifier: V92dErgblNkjyp0+wRyvrbJvyiiYdDVhidS1+iHApLo=
Subject key identifier: 9F:39:46:7D:0A:11:19:65:16:46:44:85:BC:87:C2:71:C7:9F:82:C3
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019315E186698D1EE9A4A16DD1AA60634CD1
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nzlGfQoRGWUWRkSFvIfCccefgsM.roa
Signing time: Sun 10 Nov 2024 11:42:01 +0000
ROA not before: Sun 10 Nov 2024 11:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20649
IP address blocks: 103.83.87.0/24 maxlen: 24
2a0b:9800::/32 maxlen: 32
2a0b:9801::/32 maxlen: 32
2a0b:9802::/32 maxlen: 32
2a0b:9803::/32 maxlen: 32
2a0b:9804::/32 maxlen: 32
2a0b:9805::/32 maxlen: 32
2a0b:9806::/32 maxlen: 32
2a0b:9807::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Nov 2024 22:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:e1:86:69:8d:1e:e9:a4:a1:6d:d1:aa:60:63:4c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Nov 10 11:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f39467d0a11196516464485bc87c271c79f82c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ec:6a:ff:74:a9:4c:73:11:29:e7:9e:aa:b3:
5e:49:74:1d:30:b8:6c:f3:0b:dd:82:8d:03:08:1d:
ab:11:10:4e:ca:e1:75:28:b5:9a:3e:c9:ac:69:cf:
fc:a4:46:bf:a0:db:11:cc:d0:50:56:68:4c:b1:c9:
4f:76:a1:41:43:73:f7:d5:88:b6:66:8c:3b:73:a7:
c6:9c:56:52:1b:5c:58:1b:85:95:96:53:bd:80:7b:
f5:2d:1b:c2:4b:5d:b7:79:ee:36:46:47:31:70:f0:
bb:47:76:5d:c1:16:b4:f7:35:13:8d:a0:fb:4f:8e:
57:38:6b:fb:94:56:64:1d:1e:15:cc:ea:63:6c:a5:
3a:9f:36:f3:35:01:54:d8:ee:17:44:fd:49:8c:90:
ca:1d:30:6c:cf:5a:0f:8f:9f:d8:a6:18:76:a3:ac:
ce:2b:14:27:2b:d8:fe:7c:86:5e:3d:68:a6:80:78:
66:12:3c:76:6c:f0:a2:11:27:b6:3d:80:3e:f9:d9:
7c:74:34:a8:83:e7:b6:65:7f:c2:1c:09:1b:82:08:
fe:91:8b:74:ed:cb:e4:46:0c:30:70:0e:7c:fa:ff:
16:39:c5:e1:eb:ea:6e:36:ae:e9:80:b1:0f:0c:9a:
a6:4b:44:ca:85:c6:e8:dd:86:9a:9c:2b:7b:3e:21:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:39:46:7D:0A:11:19:65:16:46:44:85:BC:87:C2:71:C7:9F:82:C3
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/nzlGfQoRGWUWRkSFvIfCccefgsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.83.87.0/24
IPv6:
2a0b:9800::/29
Signature Algorithm: sha256WithRSAEncryption
0a:69:38:59:f9:98:97:7f:a2:26:23:a0:6b:66:84:f8:50:e8:
e7:b7:6c:96:01:02:bd:15:0e:1c:97:41:16:d9:58:f8:c1:03:
fb:dd:53:12:04:2f:29:6e:2c:20:66:b1:71:17:12:3e:11:ca:
07:2c:12:42:26:87:0b:1c:e1:03:fe:c5:46:32:3a:ef:72:0e:
5a:83:09:e7:5c:4c:43:f5:cc:5f:82:b4:94:1a:de:87:8d:59:
25:03:63:c2:bb:f8:2e:65:84:f9:3e:6a:20:7f:7a:7a:d3:75:
bf:d6:b9:0e:62:ca:c2:ea:a6:19:22:4d:af:81:1f:19:61:ad:
d0:9c:3c:f1:0e:f3:6b:e8:f1:c7:9b:9c:e9:3d:c2:65:bd:75:
d5:2e:1c:d1:e8:5f:90:4c:0b:b4:cb:2b:66:1b:f5:ea:91:e7:
25:dc:83:56:50:c7:b2:e6:52:13:c6:9f:a8:e1:3a:31:6e:36:
b6:4f:ea:bf:23:44:48:87:9d:9d:0c:c1:58:17:9f:12:7e:43:
31:19:7f:9e:c4:35:0a:a9:bd:f1:b9:5d:12:7a:79:3d:b5:24:
8d:54:61:76:fb:00:db:b0:f4:2a:65:15:99:67:02:e7:57:8c:
65:2f:0d:cb:d6:99:08:b9:a2:6d:4a:37:76:c4:95:9c:0b:26:
ae:78:80:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMV4YZpjR7ppKFt0apgY0zRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMTEwMTE0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM5NDY3ZDBhMTExOTY1MTY0NjQ0ODViYzg3YzI3MWM3OWY4MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Oxq/3SpTHMRKeeeqrNeSXQdMLhs
8wvdgo0DCB2rERBOyuF1KLWaPsmsac/8pEa/oNsRzNBQVmhMsclPdqFBQ3P31Yi2
Zow7c6fGnFZSG1xYG4WVllO9gHv1LRvCS123ee42RkcxcPC7R3ZdwRa09zUTjaD7
T45XOGv7lFZkHR4VzOpjbKU6nzbzNQFU2O4XRP1JjJDKHTBsz1oPj5/Yphh2o6zO
KxQnK9j+fIZePWimgHhmEjx2bPCiESe2PYA++dl8dDSog+e2ZX/CHAkbggj+kYt0
7cvkRgwwcA58+v8WOcXh6+puNq7pgLEPDJqmS0TKhcbo3YaanCt7PiFYvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ85Rn0KERllFkZEhbyHwnHHn4LDMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvbnpsR2ZRb1JHV1VXUmtTRnZJZkNjY2VmZ3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAZ1NXMA0E
AgACMAcDBQMqC5gAMA0GCSqGSIb3DQEBCwUAA4IBAQAKaThZ+ZiXf6ImI6BrZoT4
UOjnt2yWAQK9FQ4cl0EW2Vj4wQP73VMSBC8pbiwgZrFxFxI+EcoHLBJCJocLHOED
/sVGMjrvcg5agwnnXExD9cxfgrSUGt6HjVklA2PCu/guZYT5Pmogf3p603W/1rkO
YsrC6qYZIk2vgR8ZYa3QnDzxDvNr6PHHm5zpPcJlvXXVLhzR6F+QTAu0yytmG/Xq
kecl3INWUMey5lITxp+o4Toxbja2T+q/I0RIh52dDMFYF58SfkMxGX+exDUKqb3x
uV0Senk9tSSNVGF2+wDbsPQqZRWZZwLnV4xlLw3L1pkIuaJtSjd2xJWcCyaueIBO
-----END CERTIFICATE-----
Generated at Tue Nov 12 02:40:04 2024 by rpki-client on console-fra.rpki-client.org