Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/m3aPJE7Wp9FAzTA8mhNZ168MCVQ.roa
File: m3aPJE7Wp9FAzTA8mhNZ168MCVQ.roa (raw, json)
Hash identifier: NsgnOmFoVa2O36T1DwFWrwa7CM7vpeTGKiF10V45Gc4=
Subject key identifier: 9B:76:8F:24:4E:D6:A7:D1:40:CD:30:3C:9A:13:59:D7:AF:0C:09:54
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 0194236A173222524D484803FB8D1C69B1C3
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/m3aPJE7Wp9FAzTA8mhNZ168MCVQ.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21106
IP address blocks: 82.206.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 10:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:17:32:22:52:4d:48:48:03:fb:8d:1c:69:b1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b768f244ed6a7d140cd303c9a1359d7af0c0954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:26:13:64:76:27:0b:93:c6:04:69:e8:f1:
79:5d:7f:78:0d:c9:1a:fc:e0:2d:14:be:6c:9e:7e:
ed:cd:32:6b:c7:9b:af:79:6c:fe:5c:c5:26:46:2b:
5e:f9:af:23:ce:1c:58:47:2f:ed:78:e8:64:25:ff:
33:89:92:1a:e4:28:2f:e2:e9:9c:0b:cd:4d:75:ad:
ee:23:75:fd:10:5e:7e:58:20:4b:92:93:26:89:c1:
a1:ba:1e:02:85:ef:59:cc:0d:15:24:27:a1:e0:c0:
43:97:33:e7:2c:b0:2b:43:e5:de:0f:9a:66:9e:da:
96:7b:78:c9:78:b7:4a:cb:59:d1:b6:c3:91:da:9d:
f2:41:08:10:e7:a1:a7:03:6d:1e:7d:63:72:bb:11:
a6:cf:63:6c:96:ac:aa:e9:fb:ad:0f:3b:ee:77:42:
f1:85:fc:ba:c6:d8:be:1d:b3:0c:5e:af:a3:db:d8:
60:e4:56:42:31:ee:41:04:9b:3f:d8:58:14:6d:a6:
f3:7c:a4:66:4a:19:47:d4:db:c7:3f:1b:6f:2a:17:
9f:34:21:e3:3a:99:19:bb:b8:c7:0d:6f:02:1d:0c:
1d:88:c7:de:71:26:c8:02:f5:95:68:8b:1b:90:06:
dc:47:4a:1e:82:eb:94:5d:d2:d6:03:ea:a9:bd:46:
49:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:76:8F:24:4E:D6:A7:D1:40:CD:30:3C:9A:13:59:D7:AF:0C:09:54
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/m3aPJE7Wp9FAzTA8mhNZ168MCVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.16.0/21
Signature Algorithm: sha256WithRSAEncryption
90:5d:3c:e2:cc:80:5c:94:b8:76:4c:71:c4:bd:85:80:4c:9b:
e8:eb:9b:40:70:5b:b8:ea:7a:40:ae:c7:06:2d:b6:8d:fb:2a:
71:8a:b4:3e:fb:05:27:07:2b:a4:36:11:df:44:35:ba:8e:32:
f9:c8:1e:d2:fa:a6:8c:df:df:1d:d0:cc:6a:5f:02:1e:c0:ba:
e7:a9:14:63:67:80:82:bf:99:65:73:17:07:3e:08:ab:96:ab:
1f:c0:bc:cd:2e:9a:1b:30:0b:26:26:6e:c6:ba:34:c4:c9:07:
0e:c8:be:89:2f:5b:6a:84:69:af:76:8c:ed:40:87:11:7c:3a:
e5:8f:58:a7:ae:13:c2:44:42:b6:0d:1b:fc:93:11:3e:76:08:
4d:f4:e3:5a:c2:22:78:7c:41:17:9b:af:79:ad:c1:e6:20:2e:
8e:e9:1d:ba:88:2b:6a:6d:4b:42:f3:21:9a:5a:9c:70:3a:48:
2e:e4:e0:0d:79:b4:a7:4d:35:59:b1:2b:b7:21:3e:0c:07:43:
44:0c:6c:60:97:38:69:4e:b6:37:c3:8b:0a:ad:fa:bd:1c:45:
8e:a8:1f:32:3f:cf:5a:4b:cc:26:ef:03:f7:38:0b:0a:a0:6c:
5c:b6:8c:5e:43:c4:b7:f3:d1:24:1b:0a:f4:df:94:4f:2f:f3:
91:07:f2:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahcyIlJNSEgD+40cabHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc2OGYyNDRlZDZhN2QxNDBjZDMwM2M5YTEzNTlkN2FmMGMwOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ0mE2R2JwuTxgRp6PF5XX94Dcka
/OAtFL5snn7tzTJrx5uveWz+XMUmRite+a8jzhxYRy/teOhkJf8ziZIa5Cgv4umc
C81Nda3uI3X9EF5+WCBLkpMmicGhuh4Che9ZzA0VJCeh4MBDlzPnLLArQ+XeD5pm
ntqWe3jJeLdKy1nRtsOR2p3yQQgQ56GnA20efWNyuxGmz2Nslqyq6futDzvud0Lx
hfy6xti+HbMMXq+j29hg5FZCMe5BBJs/2FgUbabzfKRmShlH1NvHPxtvKhefNCHj
OpkZu7jHDW8CHQwdiMfecSbIAvWVaIsbkAbcR0oeguuUXdLWA+qpvUZJpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJt2jyRO1qfRQM0wPJoTWdevDAlUMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvbTNhUEpFN1dwOUZBelRBOG1oTloxNjhNQ1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs4QMA0G
CSqGSIb3DQEBCwUAA4IBAQCQXTzizIBclLh2THHEvYWATJvo65tAcFu46npArscG
LbaN+ypxirQ++wUnByukNhHfRDW6jjL5yB7S+qaM398d0MxqXwIewLrnqRRjZ4CC
v5llcxcHPgirlqsfwLzNLpobMAsmJm7GujTEyQcOyL6JL1tqhGmvdoztQIcRfDrl
j1inrhPCREK2DRv8kxE+dghN9ONawiJ4fEEXm695rcHmIC6O6R26iCtqbUtC8yGa
WpxwOkgu5OANebSnTTVZsSu3IT4MB0NEDGxglzhpTrY3w4sKrfq9HEWOqB8yP89a
S8wm7wP3OAsKoGxctoxeQ8S389EkGwr035RPL/ORB/KR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:51 2025 by rpki-client