Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nW9AzuLvNnhWjuaFdFYYM-MyX9o.roa
File: nW9AzuLvNnhWjuaFdFYYM-MyX9o.roa (raw, json)
Hash identifier: 7pbYL9/seWFsOrYEJ3c/xz+7ssJf8bpJimIa56ZLnRA=
Subject key identifier: 9D:6F:40:CE:E2:EF:36:78:56:8E:E6:85:74:56:18:33:E3:32:5F:DA
Certificate issuer: /CN=9d3d627c297fe542d8359a86d8e2f9ebd9565a81
Certificate serial: 018CC80188C03A5783C7494EF19770D3EA2F
Authority key identifier: 9D:3D:62:7C:29:7F:E5:42:D8:35:9A:86:D8:E2:F9:EB:D9:56:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nT1ifCl_5ULYNZqG2OL569lWWoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nW9AzuLvNnhWjuaFdFYYM-MyX9o.roa
Signing time: Tue 02 Jan 2024 02:29:52 +0000
ROA not before: Tue 02 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207484
IP address blocks: 94.231.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 10:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:88:c0:3a:57:83:c7:49:4e:f1:97:70:d3:ea:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3d627c297fe542d8359a86d8e2f9ebd9565a81
Validity
Not Before: Jan 2 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d6f40cee2ef3678568ee68574561833e3325fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:27:51:4c:bd:53:9b:ed:f2:aa:1b:92:db:
99:9d:47:84:f6:c0:a5:06:eb:02:4f:cc:0f:bc:bb:
f2:fe:5a:ce:6b:2d:a6:84:33:ba:04:2f:35:07:b8:
6d:ce:d5:01:f4:38:99:9c:27:40:e1:db:d7:a7:31:
1e:a1:86:bb:ad:6a:1e:58:d5:f0:df:99:3f:3c:6b:
b2:f0:0b:c5:ef:e6:d2:45:9e:24:3b:4b:ec:de:39:
f7:e7:2c:e1:15:fb:f7:c9:13:12:85:00:3c:a7:4a:
66:b4:0f:ea:2d:1e:7c:7a:b9:e5:e0:cf:27:15:be:
11:c8:17:0a:8d:b3:f6:42:88:48:e1:a0:9d:94:e6:
5e:53:d6:61:15:82:21:57:5b:df:f0:50:3f:eb:8a:
78:b4:c8:e7:5e:4d:95:11:cb:c7:38:91:0f:f6:75:
fa:58:ab:e9:e6:9b:25:c2:15:bf:dd:24:c1:49:62:
9b:b7:c7:36:0c:87:6e:1e:57:4d:05:95:55:d7:98:
b9:e8:56:9a:3f:46:1b:7a:5a:f0:0d:e0:71:26:d5:
43:be:70:02:be:58:4c:25:1f:b8:cc:81:01:b5:5a:
79:12:6a:84:14:56:44:5d:43:6a:f0:96:34:91:cb:
dc:30:07:03:7c:0d:1e:24:82:4a:40:8a:26:fd:99:
6c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6F:40:CE:E2:EF:36:78:56:8E:E6:85:74:56:18:33:E3:32:5F:DA
X509v3 Authority Key Identifier:
keyid:9D:3D:62:7C:29:7F:E5:42:D8:35:9A:86:D8:E2:F9:EB:D9:56:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nT1ifCl_5ULYNZqG2OL569lWWoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nW9AzuLvNnhWjuaFdFYYM-MyX9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nT1ifCl_5ULYNZqG2OL569lWWoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:1a:cf:8b:82:0e:5b:cd:c4:40:93:83:74:15:96:8a:9a:a7:
80:3e:c1:b4:1a:35:a5:73:6a:9c:f3:b0:8d:15:e7:c7:b8:e0:
d0:b9:ef:9d:f4:85:d2:38:05:72:2c:c4:f5:50:c4:df:34:ed:
a7:c9:00:b2:c5:7c:21:a8:1c:93:f8:8b:6f:bd:2e:59:2b:1d:
fe:49:bb:30:fb:aa:4b:c7:38:f4:61:01:dc:e7:21:d7:71:a7:
1e:db:ce:20:58:0d:42:3b:fe:e1:41:26:28:64:7b:22:86:46:
87:0e:46:3f:55:7e:1c:82:5b:28:85:94:74:1c:57:c0:eb:ec:
20:17:71:e7:54:6f:5b:8c:ea:dc:77:c6:96:bf:d2:85:8b:2d:
59:ee:dc:96:6e:45:3c:1e:47:a4:22:39:33:13:98:4e:b1:44:
47:b8:b0:7a:1c:ee:13:cf:a2:a5:2c:1a:03:44:cc:e4:d5:a5:
46:c3:67:fd:d1:52:93:11:66:f7:d4:05:d5:34:e0:d5:c3:c6:
f4:2b:de:51:2c:d7:ee:5b:12:7b:3e:bd:ca:f1:2f:1e:58:b7:
8f:55:9c:d5:ad:7d:91:e3:a2:97:a7:00:c1:cf:99:62:24:9e:
c6:b2:da:17:31:95:6c:50:7a:c3:48:5a:7b:1c:11:b4:73:5a:
43:fb:57:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYjAOleDx0lO8Zdw0+ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkM2Q2MjdjMjk3ZmU1NDJkODM1OWE4NmQ4ZTJmOWViZDk1
NjVhODEwHhcNMjQwMTAyMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZmNDBjZWUyZWYzNjc4NTY4ZWU2ODU3NDU2MTgzM2UzMzI1ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8QnUUy9U5vt8qobktuZnUeE9sCl
BusCT8wPvLvy/lrOay2mhDO6BC81B7htztUB9DiZnCdA4dvXpzEeoYa7rWoeWNXw
35k/PGuy8AvF7+bSRZ4kO0vs3jn35yzhFfv3yRMShQA8p0pmtA/qLR58ernl4M8n
Fb4RyBcKjbP2QohI4aCdlOZeU9ZhFYIhV1vf8FA/64p4tMjnXk2VEcvHOJEP9nX6
WKvp5pslwhW/3STBSWKbt8c2DIduHldNBZVV15i56FaaP0YbelrwDeBxJtVDvnAC
vlhMJR+4zIEBtVp5EmqEFFZEXUNq8JY0kcvcMAcDfA0eJIJKQIom/ZlsZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1vQM7i7zZ4Vo7mhXRWGDPjMl/aMB8GA1UdIwQY
MBaAFJ09Ynwpf+VC2DWahtji+evZVlqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblQxaWZDbF81VUxZTlpxRzJPTDU2OWxXV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kZGMxYWEtNWEzYS00MTYzLWI1ZTgt
MTVlYTMzN2E3ODQwLzEvblc5QXp1THZObmhXanVhRmRGWVlNLU15WDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kZGMxYWEtNWEzYS00MTYzLWI1ZTgtMTVlYTMzN2E3ODQw
LzEvblQxaWZDbF81VUxZTlpxRzJPTDU2OWxXV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufHMA0G
CSqGSIb3DQEBCwUAA4IBAQB/Gs+Lgg5bzcRAk4N0FZaKmqeAPsG0GjWlc2qc87CN
FefHuODQue+d9IXSOAVyLMT1UMTfNO2nyQCyxXwhqByT+ItvvS5ZKx3+Sbsw+6pL
xzj0YQHc5yHXcace284gWA1CO/7hQSYoZHsihkaHDkY/VX4cglsohZR0HFfA6+wg
F3HnVG9bjOrcd8aWv9KFiy1Z7tyWbkU8HkekIjkzE5hOsURHuLB6HO4Tz6KlLBoD
RMzk1aVGw2f90VKTEWb31AXVNODVw8b0K95RLNfuWxJ7Pr3K8S8eWLePVZzVrX2R
46KXpwDBz5liJJ7GstoXMZVsUHrDSFp7HBG0c1pD+1cY
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:11 2025 by rpki-client