Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/nrYj8o9ctAMrHUvy9NUmZP_gBbk.roa
File: nrYj8o9ctAMrHUvy9NUmZP_gBbk.roa (raw, json)
Hash identifier: iSC7Rfd4GDJ/zn6hnztEkSiK7bq2TkJWx8kIhr2koeY=
Subject key identifier: 9E:B6:23:F2:8F:5C:B4:03:2B:1D:4B:F2:F4:D5:26:64:FF:E0:05:B9
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B2A011658588676D5E71BB944E8374
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/nrYj8o9ctAMrHUvy9NUmZP_gBbk.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 62.171.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 17:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a0:11:65:85:88:67:6d:5e:71:bb:94:4e:83:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9eb623f28f5cb4032b1d4bf2f4d52664ffe005b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:11:2a:ae:a1:b8:a8:90:13:09:31:a8:00:
64:c0:3a:82:2c:aa:10:69:28:c7:82:74:3f:83:94:
0b:c9:fe:19:3b:25:66:a1:7c:98:b1:c1:9f:b6:1d:
13:15:6d:10:1b:92:1e:b7:8f:bf:0b:02:e4:c7:b3:
21:91:59:a0:75:0a:15:08:aa:c7:0b:32:a8:69:10:
8c:f3:ad:82:4e:11:0b:d6:88:3f:d1:b5:44:0e:ac:
32:c9:5e:e0:ed:02:57:58:b3:bb:17:51:93:51:79:
43:05:a2:94:f5:cd:6b:15:e5:74:16:e8:1e:fd:e2:
e5:e0:96:d6:61:28:62:e2:dd:6f:ac:82:1f:87:6c:
85:54:57:b4:3f:8b:a1:f7:30:16:d8:4b:55:02:29:
9e:61:bf:9b:a2:b4:a6:2b:f7:d4:23:5b:3a:2e:2f:
72:e6:16:6f:64:ca:9f:87:26:dc:23:e1:95:4c:aa:
2b:6c:bd:04:53:2f:33:fd:fb:c7:9d:10:9f:1b:8d:
db:ed:52:e7:8c:57:97:48:bc:9d:8a:ef:a5:dc:b8:
7f:08:57:a8:38:89:99:75:e3:01:e2:ba:aa:85:48:
9b:45:45:2e:3a:fa:64:0b:69:b2:f3:47:1c:9d:18:
af:ba:92:09:4e:ef:c0:dc:8d:b0:14:db:09:65:fb:
0b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B6:23:F2:8F:5C:B4:03:2B:1D:4B:F2:F4:D5:26:64:FF:E0:05:B9
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/nrYj8o9ctAMrHUvy9NUmZP_gBbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.230.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a8:04:47:97:f3:3a:72:c8:b4:14:b4:03:29:f0:0e:97:a1:
c7:70:8f:d2:42:a8:85:ac:e3:ba:63:42:ed:ed:ac:e0:bb:d5:
74:4e:7e:c3:3d:aa:6f:17:03:5d:dc:60:ab:34:1c:bb:3b:5a:
3b:76:f2:6b:23:e5:bf:76:a7:93:5f:f7:a5:8e:86:8c:38:1f:
0b:a4:c7:27:95:4e:da:8d:ff:c6:2d:27:68:d7:c4:fe:a2:c3:
10:de:44:dc:a3:2e:47:57:60:9f:91:b8:e5:60:52:fb:b7:fe:
88:30:7e:77:02:14:23:3b:23:30:89:f7:da:a5:2c:f7:0a:73:
0d:9e:e0:2c:ed:9e:8b:db:b4:70:63:ed:15:f3:95:ba:67:5f:
75:7a:d1:5c:41:41:b2:73:54:7a:86:7a:7e:65:4f:8c:01:71:
47:b2:0b:8d:33:b0:5c:1d:fd:f2:d8:d2:95:cf:a3:5e:2e:fb:
8f:62:00:48:f6:5d:bb:7d:53:d6:0e:57:69:d2:88:c0:0f:7b:
0c:b7:f2:09:b0:de:4f:1a:49:ab:74:9c:0b:2e:0e:77:5c:ce:
10:e6:c3:86:99:22:c3:c2:06:d7:87:da:f9:d9:bb:eb:eb:b2:
56:17:cd:50:d4:ff:fb:e9:69:2d:77:44:b6:f7:1a:ac:4c:4f:
13:ce:ae:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksqARZYWIZ21ecbuUToN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWI2MjNmMjhmNWNiNDAzMmIxZDRiZjJmNGQ1MjY2NGZmZTAwNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJMRKq6huKiQEwkxqABkwDqCLKoQ
aSjHgnQ/g5QLyf4ZOyVmoXyYscGfth0TFW0QG5Iet4+/CwLkx7MhkVmgdQoVCKrH
CzKoaRCM862CThEL1og/0bVEDqwyyV7g7QJXWLO7F1GTUXlDBaKU9c1rFeV0Fuge
/eLl4JbWYShi4t1vrIIfh2yFVFe0P4uh9zAW2EtVAimeYb+borSmK/fUI1s6Li9y
5hZvZMqfhybcI+GVTKorbL0EUy8z/fvHnRCfG43b7VLnjFeXSLydiu+l3Lh/CFeo
OImZdeMB4rqqhUibRUUuOvpkC2my80ccnRivupIJTu/A3I2wFNsJZfsLuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ62I/KPXLQDKx1L8vTVJmT/4AW5MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvbnJZajhvOWN0QU1ySFV2eTlOVW1aUF9nQmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPqvmMA0G
CSqGSIb3DQEBCwUAA4IBAQCDqARHl/M6csi0FLQDKfAOl6HHcI/SQqiFrOO6Y0Lt
7azgu9V0Tn7DPapvFwNd3GCrNBy7O1o7dvJrI+W/dqeTX/eljoaMOB8LpMcnlU7a
jf/GLSdo18T+osMQ3kTcoy5HV2CfkbjlYFL7t/6IMH53AhQjOyMwiffapSz3CnMN
nuAs7Z6L27RwY+0V85W6Z191etFcQUGyc1R6hnp+ZU+MAXFHsguNM7BcHf3y2NKV
z6NeLvuPYgBI9l27fVPWDldp0ojAD3sMt/IJsN5PGkmrdJwLLg53XM4Q5sOGmSLD
wgbXh9r52bvr67JWF81Q1P/76Wktd0S29xqsTE8Tzq7z
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:59:52 2025 by rpki-client