Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nLxKHNqN9fKE6nj46eBlef9JGKs.roa
File: nLxKHNqN9fKE6nj46eBlef9JGKs.roa (raw, json)
Hash identifier: eEm8YTOx/SzRV/r6iT4EfGpQnSk3gxkOjdLQDzwgCcs=
Subject key identifier: 9C:BC:4A:1C:DA:8D:F5:F2:84:EA:78:F8:E9:E0:65:79:FF:49:18:AB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E7F6231AE3F137034D52D259648A2F39F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nLxKHNqN9fKE6nj46eBlef9JGKs.roa
Signing time: Wed 27 Mar 2024 10:08:45 +0000
ROA not before: Wed 27 Mar 2024 10:08:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 82.153.246.0/24 maxlen: 24
213.218.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 15:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:62:31:ae:3f:13:70:34:d5:2d:25:96:48:a2:f3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 27 10:08:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cbc4a1cda8df5f284ea78f8e9e06579ff4918ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d3:4d:82:27:27:a6:3c:6a:0c:ee:61:47:f0:
23:39:87:d5:ed:2b:4a:4a:a8:ed:c4:5b:03:4c:dd:
dc:15:ab:2f:07:05:42:e4:f6:e6:af:6c:5b:b1:d0:
50:8d:e4:02:52:8d:9f:ca:dd:a1:db:91:9b:66:dd:
7d:e0:b4:20:97:71:26:4d:68:0f:42:75:ea:c2:e0:
d9:6f:ec:e9:0d:4a:4e:6c:fe:91:c2:d2:2d:b6:de:
d8:e3:af:20:1e:07:e4:39:98:cc:e5:e9:a3:f7:f6:
a4:02:2b:00:a2:bc:c1:de:2a:2a:b0:46:44:ab:b0:
0b:a0:22:02:ad:5c:bc:c4:1f:57:f1:9f:a0:d1:1b:
af:a1:84:84:54:27:da:76:8f:f2:b8:8c:f7:1d:44:
24:91:ba:95:cf:f2:e3:d8:92:b4:f3:83:7a:59:3c:
6e:b1:46:ab:50:ae:b4:9d:4a:83:c7:b8:9f:26:12:
49:0f:c6:d3:28:e1:c5:9c:b0:2b:33:a5:e5:10:9d:
b3:e5:2b:45:33:dc:bf:b6:84:9e:b4:ca:4d:fe:b1:
d0:5d:db:5c:ce:db:9d:e3:45:08:ba:17:94:6d:b5:
c9:c7:aa:09:90:f0:70:1a:4c:5b:df:82:a6:31:ce:
bd:07:bf:0d:bb:f6:41:0e:84:68:74:1b:34:6b:cb:
d5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BC:4A:1C:DA:8D:F5:F2:84:EA:78:F8:E9:E0:65:79:FF:49:18:AB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nLxKHNqN9fKE6nj46eBlef9JGKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.246.0/24
213.218.243.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:9d:7a:1f:43:db:b6:74:76:d5:a3:59:24:47:d6:81:43:85:
0d:12:d9:e1:71:3f:ac:65:8b:1b:23:b8:b2:4f:7a:5f:2a:b7:
4c:f4:41:c0:31:f2:b2:ae:c6:e0:cf:69:e6:3a:4a:2e:7e:a5:
b3:75:7e:1b:47:73:27:b9:96:d4:aa:96:7a:72:86:3e:2a:1b:
91:15:f7:73:71:e3:67:bf:e5:85:6a:7b:4f:a8:87:4c:c5:f0:
7e:71:f8:29:11:92:3e:d2:02:23:9b:0f:0f:f5:9d:e3:49:6a:
75:91:f1:75:8c:01:75:b4:f7:ce:58:82:87:cc:db:3d:69:66:
57:9c:a2:4f:c4:b3:27:d7:05:ff:80:56:e7:d7:87:06:04:14:
7c:5c:7f:69:eb:7c:a3:ab:26:b1:6b:55:fc:3b:88:9d:a6:96:
61:d1:2e:78:f9:40:d6:af:72:2c:95:d7:0c:a8:05:b9:f4:13:
83:bc:6f:b9:e6:2b:e9:dd:66:f5:06:6c:e6:83:17:ba:98:ae:
dd:c4:88:e0:13:68:de:86:9f:a2:47:a6:65:00:0f:15:6a:89:
4b:0a:76:fc:15:26:25:6d:9d:ab:ba:1a:c0:7f:94:6c:c1:6f:
92:65:18:60:0b:16:f4:1c:bc:c3:6c:70:50:8e:6c:16:2c:bb:
2c:35:0a:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5/YjGuPxNwNNUtJZZIovOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI3MTAwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JjNGExY2RhOGRmNWYyODRlYTc4ZjhlOWUwNjU3OWZmNDkxOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNNNgicnpjxqDO5hR/AjOYfV7StK
SqjtxFsDTN3cFasvBwVC5Pbmr2xbsdBQjeQCUo2fyt2h25GbZt194LQgl3EmTWgP
QnXqwuDZb+zpDUpObP6RwtIttt7Y468gHgfkOZjM5emj9/akAisAorzB3ioqsEZE
q7ALoCICrVy8xB9X8Z+g0RuvoYSEVCfado/yuIz3HUQkkbqVz/Lj2JK084N6WTxu
sUarUK60nUqDx7ifJhJJD8bTKOHFnLArM6XlEJ2z5StFM9y/toSetMpN/rHQXdtc
ztud40UIuheUbbXJx6oJkPBwGkxb34KmMc69B78Nu/ZBDoRodBs0a8vVPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJy8ShzajfXyhOp4+OngZXn/SRirMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbkx4S0hOcU45ZktFNm5qNDZlQmxlZjlKR0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpn2AwQA
1drzMA0GCSqGSIb3DQEBCwUAA4IBAQBdnXofQ9u2dHbVo1kkR9aBQ4UNEtnhcT+s
ZYsbI7iyT3pfKrdM9EHAMfKyrsbgz2nmOkoufqWzdX4bR3MnuZbUqpZ6coY+KhuR
FfdzceNnv+WFantPqIdMxfB+cfgpEZI+0gIjmw8P9Z3jSWp1kfF1jAF1tPfOWIKH
zNs9aWZXnKJPxLMn1wX/gFbn14cGBBR8XH9p63yjqyaxa1X8O4idppZh0S54+UDW
r3IsldcMqAW59BODvG+55ivp3Wb1Bmzmgxe6mK7dxIjgE2jehp+iR6ZlAA8VaolL
Cnb8FSYlbZ2ruhrAf5RswW+SZRhgCxb0HLzDbHBQjmwWLLssNQoh
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:27 2025 by rpki-client