Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/NHMW7M0YweKAQVdMpf3CjnNvVUw.roa
File: NHMW7M0YweKAQVdMpf3CjnNvVUw.roa (raw, json)
Hash identifier: CR32cg8KeUh06jjbOhY0Zymv4WCSpRr+JiEiFrIQBBo=
Subject key identifier: 34:73:16:EC:CD:18:C1:E2:80:41:57:4C:A5:FD:C2:8E:73:6F:55:4C
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194D697E6450CA878953FB90BC2E52CF3BA
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/NHMW7M0YweKAQVdMpf3CjnNvVUw.roa
Signing time: Wed 05 Feb 2025 14:51:06 +0000
ROA not before: Wed 05 Feb 2025 14:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 09:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:97:e6:45:0c:a8:78:95:3f:b9:0b:c2:e5:2c:f3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 5 14:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=347316eccd18c1e28041574ca5fdc28e736f554c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3f:ef:0a:a4:68:9b:5f:66:40:d4:bc:1e:8d:
82:e5:36:7a:e4:bc:31:23:35:f4:61:63:6f:39:00:
0a:5a:8f:08:d5:d8:b4:fd:81:ab:96:56:8a:93:c8:
d3:7c:cc:4f:6a:f8:94:a2:49:5d:6d:c5:7e:ab:74:
43:0d:c1:35:f4:19:34:25:29:f3:e1:d7:47:34:30:
79:f9:36:09:ff:75:ae:50:22:b1:97:e5:e2:48:cb:
7b:6b:a2:f0:3a:ea:c5:56:a6:63:77:2e:04:33:e1:
bb:19:cd:78:00:8d:d3:c8:16:8b:2b:36:c2:d7:34:
e5:55:da:e5:c5:08:79:d4:a0:c7:98:bb:dd:38:8e:
83:70:5f:1c:e9:51:56:ed:13:17:2f:2a:7b:87:6f:
da:65:a3:00:9a:2f:8b:7f:8e:87:11:37:6b:cb:3f:
3d:7c:d5:93:af:00:27:50:29:a0:19:8c:dd:37:3c:
cd:80:ca:ac:75:0e:ec:04:6c:aa:81:c8:c0:81:44:
54:bc:0b:c7:52:91:b5:63:d2:ec:3b:8a:e1:d0:b6:
1b:2c:da:6c:80:1f:a7:3f:01:0d:43:87:57:65:2a:
fd:89:07:50:2c:07:71:ca:73:0c:69:8c:4a:4b:42:
33:f4:59:27:8f:8c:ca:79:11:f2:5e:90:af:8f:2b:
3f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:16:EC:CD:18:C1:E2:80:41:57:4C:A5:FD:C2:8E:73:6F:55:4C
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/NHMW7M0YweKAQVdMpf3CjnNvVUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.7.255
Signature Algorithm: sha256WithRSAEncryption
89:a2:67:77:87:f5:5c:75:99:66:5d:fb:c8:9e:bc:8a:85:f8:
ff:f1:13:e3:59:eb:95:31:6d:da:1e:17:db:2d:f5:f9:8f:0e:
6c:75:c8:d4:71:1e:d0:75:32:40:58:74:62:94:27:19:77:66:
c3:32:c1:94:a2:4a:a8:0d:20:9c:73:72:e6:dc:f9:6c:f5:b5:
60:ae:9d:59:6d:6b:e7:17:97:67:d9:75:05:57:a1:1a:55:84:
15:03:46:0c:0d:0a:55:cd:13:48:ac:6a:98:d4:6c:c9:18:f6:
f0:f4:74:5a:24:ed:2a:e3:e1:5d:81:77:4d:cd:73:77:54:a4:
b4:84:93:3c:f5:3e:ba:ad:68:c8:35:90:dd:c7:8b:22:d7:00:
ef:46:07:b7:4c:12:38:33:a9:94:55:29:48:54:eb:43:b3:19:
90:4d:25:07:df:9c:2d:d5:63:da:ed:fa:da:10:b2:d7:40:fb:
91:3e:7e:73:b1:3a:7f:cf:fe:cb:2f:77:8d:a9:42:27:85:62:
55:91:35:11:35:2b:f7:5b:5c:3e:25:06:c8:f1:7b:2d:0f:0c:
71:58:e0:d8:d9:d5:75:5d:d4:34:ac:f1:e7:b5:5a:94:90:24:
73:f6:54:09:3b:b1:86:1f:50:f4:c9:da:94:48:d4:8e:cb:1d:
ca:e0:d2:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTWl+ZFDKh4lT+5C8LlLPO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMjA1MTQ1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDczMTZlY2NkMThjMWUyODA0MTU3NGNhNWZkYzI4ZTczNmY1NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj/vCqRom19mQNS8Ho2C5TZ65Lwx
IzX0YWNvOQAKWo8I1di0/YGrllaKk8jTfMxPaviUokldbcV+q3RDDcE19Bk0JSnz
4ddHNDB5+TYJ/3WuUCKxl+XiSMt7a6LwOurFVqZjdy4EM+G7Gc14AI3TyBaLKzbC
1zTlVdrlxQh51KDHmLvdOI6DcF8c6VFW7RMXLyp7h2/aZaMAmi+Lf46HETdryz89
fNWTrwAnUCmgGYzdNzzNgMqsdQ7sBGyqgcjAgURUvAvHUpG1Y9LsO4rh0LYbLNps
gB+nPwENQ4dXZSr9iQdQLAdxynMMaYxKS0Iz9Fknj4zKeRHyXpCvjys/jQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDRzFuzNGMHigEFXTKX9wo5zb1VMMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvTkhNVzdNMFl3ZUtBUVZkTXBmM0Nqbk52VlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFSzgID
BANSzgAwDQYJKoZIhvcNAQELBQADggEBAImiZ3eH9Vx1mWZd+8ievIqF+P/xE+NZ
65UxbdoeF9st9fmPDmx1yNRxHtB1MkBYdGKUJxl3ZsMywZSiSqgNIJxzcubc+Wz1
tWCunVlta+cXl2fZdQVXoRpVhBUDRgwNClXNE0isapjUbMkY9vD0dFok7Srj4V2B
d03Nc3dUpLSEkzz1PrqtaMg1kN3HiyLXAO9GB7dMEjgzqZRVKUhU60OzGZBNJQff
nC3VY9rt+toQstdA+5E+fnOxOn/P/ssvd42pQieFYlWRNRE1K/dbXD4lBsjxey0P
DHFY4NjZ1XVd1DSs8ee1WpSQJHP2VAk7sYYfUPTJ2pRI1I7LHcrg0uM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:23 2025 by rpki-client