Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/NfyzKt9xS6LbqSN55q6TteFw0n0.roa
File: NfyzKt9xS6LbqSN55q6TteFw0n0.roa (raw, json)
Hash identifier: ht1BmO8ZbvAexPiLMqCnr1uXba8WcEf3KYYTj59TKgw=
Subject key identifier: 35:FC:B3:2A:DF:71:4B:A2:DB:A9:23:79:E6:AE:93:B5:E1:70:D2:7D
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018CC56EAF43492EAA5C59A9E54281964794
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/NfyzKt9xS6LbqSN55q6TteFw0n0.roa
Signing time: Mon 01 Jan 2024 14:30:14 +0000
ROA not before: Mon 01 Jan 2024 14:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41911
IP address blocks: 91.241.120.0/21 maxlen: 22
176.110.32.0/19 maxlen: 19
46.250.96.0/19 maxlen: 20
91.243.0.0/19 maxlen: 20
176.110.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:af:43:49:2e:aa:5c:59:a9:e5:42:81:96:47:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 14:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35fcb32adf714ba2dba92379e6ae93b5e170d27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f9:5c:3f:4e:9e:85:f9:0a:c7:54:a0:d8:67:
1f:17:6c:88:60:7b:22:4d:54:1a:ea:dc:16:3f:6b:
e3:19:a3:d0:23:2c:2d:7b:27:f7:6c:6e:01:97:c1:
af:9b:06:fa:a1:6d:32:29:02:59:d1:ce:2b:8b:ba:
64:47:c4:a9:a3:85:0f:0b:11:2f:8e:ac:3f:23:27:
6a:6b:0a:b0:f5:3f:4a:b5:8f:9f:06:d0:12:2e:ec:
c3:9f:26:02:1d:15:02:1d:ee:b7:d3:81:d4:b5:76:
20:a6:fa:b4:5f:fe:12:5e:3a:ec:06:05:5e:1e:e6:
1d:c3:05:1d:82:36:7e:0c:6e:7c:98:a0:f6:47:57:
63:75:d0:60:fc:f7:1e:e3:ff:d2:b6:f6:b0:e2:fb:
28:f6:ec:ec:15:53:23:07:ba:b7:69:a8:4b:67:fb:
5a:78:ee:f6:79:14:12:7e:54:93:2f:b5:81:2c:5b:
11:cd:fa:cb:7c:61:d5:f4:62:e8:d2:91:ce:6f:b3:
6e:1f:69:ad:9a:21:37:3e:8c:5a:c4:54:fb:a3:15:
b0:81:48:95:25:91:fb:93:77:5b:1c:24:02:b2:0c:
36:fc:c8:ce:24:d4:26:49:3c:dd:a6:53:61:63:4c:
53:50:d2:0e:9f:2f:00:14:29:c0:a2:13:6b:23:ee:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FC:B3:2A:DF:71:4B:A2:DB:A9:23:79:E6:AE:93:B5:E1:70:D2:7D
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/NfyzKt9xS6LbqSN55q6TteFw0n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.96.0/19
91.241.120.0/21
91.243.0.0/19
176.110.0.0/18
Signature Algorithm: sha256WithRSAEncryption
37:dc:fb:3c:b9:33:70:b4:31:c9:b6:c9:b5:b7:dd:f1:99:b0:
89:57:4f:0a:69:86:9e:f2:b1:e1:53:19:e7:68:c6:20:95:4d:
e8:6a:40:36:40:90:af:f3:0a:de:a2:ee:db:3e:e0:c3:84:dc:
05:03:2a:60:0f:ad:4d:5c:6f:58:87:07:10:6f:87:61:04:84:
0f:02:d0:2d:23:5c:e0:9b:8a:4d:6e:c2:b8:fa:4c:fa:54:11:
88:81:5b:8e:bd:79:f7:8e:c9:c3:7d:10:94:c9:08:61:94:f2:
95:13:fb:75:0f:0b:15:7d:c5:b3:1e:bb:c3:99:27:30:ec:34:
e1:e9:09:62:16:3c:ce:93:b6:2d:89:3e:c9:a8:4e:2b:c6:12:
32:c3:94:f4:0d:1a:91:d1:b8:44:36:65:d9:85:03:20:40:17:
bd:98:25:d8:f1:a3:22:8d:af:17:32:36:98:f6:c4:ba:19:f0:
d8:97:27:ac:50:65:44:f0:78:7e:c8:b7:ef:e3:bf:62:27:d0:
40:5e:69:e1:ef:38:46:a1:48:b9:74:57:76:fd:a6:67:53:8b:
da:9f:cf:29:f4:0d:69:13:67:62:d6:80:6e:53:40:20:86:61:
e6:e3:d2:62:93:1b:ba:74:fc:74:b6:fb:84:97:0d:62:12:36:
55:40:93:26
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbq9DSS6qXFmp5UKBlkeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjQwMTAxMTQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZjYjMyYWRmNzE0YmEyZGJhOTIzNzllNmFlOTNiNWUxNzBkMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvlcP06ehfkKx1Sg2GcfF2yIYHsi
TVQa6twWP2vjGaPQIywteyf3bG4Bl8Gvmwb6oW0yKQJZ0c4ri7pkR8Spo4UPCxEv
jqw/Iydqawqw9T9KtY+fBtASLuzDnyYCHRUCHe6304HUtXYgpvq0X/4SXjrsBgVe
HuYdwwUdgjZ+DG58mKD2R1djddBg/Pce4//Stvaw4vso9uzsFVMjB7q3aahLZ/ta
eO72eRQSflSTL7WBLFsRzfrLfGHV9GLo0pHOb7NuH2mtmiE3PoxaxFT7oxWwgUiV
JZH7k3dbHCQCsgw2/MjOJNQmSTzdplNhY0xTUNIOny8AFCnAohNrI+7CYQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDX8syrfcUui26kjeeauk7XhcNJ9MB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL05meXpLdDl4UzZMYnFTTjU1cTZUdGVGdzBuMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAUu+mAD
BANb8XgDBAVb8wADBAawbgAwDQYJKoZIhvcNAQELBQADggEBADfc+zy5M3C0Mcm2
ybW33fGZsIlXTwpphp7yseFTGedoxiCVTehqQDZAkK/zCt6i7ts+4MOE3AUDKmAP
rU1cb1iHBxBvh2EEhA8C0C0jXOCbik1uwrj6TPpUEYiBW469efeOycN9EJTJCGGU
8pUT+3UPCxV9xbMeu8OZJzDsNOHpCWIWPM6Tti2JPsmoTivGEjLDlPQNGpHRuEQ2
ZdmFAyBAF72YJdjxoyKNrxcyNpj2xLoZ8NiXJ6xQZUTweH7It+/jv2In0EBeaeHv
OEahSLl0V3b9pmdTi9qfzyn0DWkTZ2LWgG5TQCCGYebj0mKTG7p0/HS2+4SXDWIS
NlVAkyY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:40 2025 by rpki-client