Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/nHVkBV53zmTU5cOhwsfSsiHI_E0.roa
File: nHVkBV53zmTU5cOhwsfSsiHI_E0.roa (raw, json)
Hash identifier: VmfWQnsprOixfoja0VoSdL6hgfboczP1/mCKhSbAfsc=
Subject key identifier: 9C:75:64:05:5E:77:CE:64:D4:E5:C3:A1:C2:C7:D2:B2:21:C8:FC:4D
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0191DCE24FA6A31D9F8A89E4E7ED1B5FA877
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/nHVkBV53zmTU5cOhwsfSsiHI_E0.roa
Signing time: Tue 10 Sep 2024 17:01:44 +0000
ROA not before: Tue 10 Sep 2024 17:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200202
IP address blocks: 195.216.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:e2:4f:a6:a3:1d:9f:8a:89:e4:e7:ed:1b:5f:a8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 10 17:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c7564055e77ce64d4e5c3a1c2c7d2b221c8fc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4a:5c:a0:5a:95:5f:f1:a2:8b:68:7d:94:33:
0e:29:58:42:30:fb:88:a9:03:80:5b:36:a8:33:e7:
eb:1e:9e:4e:22:57:60:66:de:69:1b:eb:41:be:2c:
69:85:a1:a7:b6:a8:ca:ef:5f:92:38:8b:ad:7a:e9:
49:1b:5c:81:8f:34:08:f5:ed:7f:0d:c2:8d:eb:72:
43:0d:57:32:a5:41:10:7a:2e:98:e3:4b:a2:ec:b8:
60:33:44:19:dd:be:40:3d:b0:c0:85:a6:a4:9e:3c:
45:ef:7f:a1:de:7c:ec:e2:af:ca:7a:a5:ce:48:1f:
12:6e:02:fa:7e:50:d8:4d:95:94:db:d1:92:98:13:
0a:a7:99:3b:b9:78:24:23:61:0a:5f:fc:78:1c:09:
ec:10:72:b5:07:6f:b0:98:1a:82:00:41:5e:a2:32:
cd:0e:d3:bb:da:e8:93:ec:2d:71:b8:5d:f6:dc:82:
f2:3e:32:11:bf:a6:b4:cc:a3:5f:23:b7:4c:ae:f9:
c1:29:79:1b:42:27:d2:d9:cf:74:28:12:16:0a:02:
0f:20:65:04:e2:51:18:f7:59:b9:08:37:79:f9:0e:
cc:30:e6:45:d5:9e:0c:d2:f3:f3:67:64:3a:77:0c:
f8:35:11:e0:fc:29:52:a5:94:68:eb:a8:73:fc:bb:
70:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:75:64:05:5E:77:CE:64:D4:E5:C3:A1:C2:C7:D2:B2:21:C8:FC:4D
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/nHVkBV53zmTU5cOhwsfSsiHI_E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
55:af:4d:95:0c:d3:4a:d7:cf:0e:48:b0:a2:a4:40:fe:f7:ae:
36:59:8b:3b:73:ea:03:c9:60:0c:dc:07:d5:88:63:3f:52:39:
91:34:9c:3f:fe:96:e2:cd:5e:55:13:21:47:ba:4d:8d:d0:ce:
ef:74:c0:d1:7e:ab:fa:1f:5f:8b:cb:3e:e7:19:4d:f9:be:30:
8c:b5:9e:ae:d2:7a:84:8e:fb:4b:8b:53:3a:8b:58:24:76:64:
c1:d3:1f:f9:30:42:51:27:46:fd:68:9c:b2:be:bd:ba:6a:61:
83:6a:7b:a6:77:72:20:1f:28:c8:f0:c3:0c:1c:45:a9:33:c0:
bf:ca:11:d6:a9:c2:f2:ac:19:b0:91:6a:04:1f:4c:24:42:2b:
44:2d:f2:a8:81:1d:c1:10:22:51:4b:0c:73:6a:9f:f4:ef:72:
b1:88:b1:bc:f0:c3:ab:aa:bb:15:77:fc:58:05:63:be:a6:ae:
e9:ba:aa:db:e5:54:30:82:57:17:d9:f1:95:3c:2e:90:d4:ff:
ba:92:62:ea:33:60:9b:1c:4a:6d:30:dc:12:e5:dc:93:5a:fa:
44:ae:12:30:3d:be:91:3e:45:7f:ab:cf:f4:35:88:6e:dc:f1:
13:ee:e3:f5:ad:18:77:29:96:fc:f5:93:c7:8c:e3:9d:e4:48:
ab:62:44:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHc4k+mox2fionk5+0bX6h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTEwMTcwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzc1NjQwNTVlNzdjZTY0ZDRlNWMzYTFjMmM3ZDJiMjIxYzhmYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0pcoFqVX/Gii2h9lDMOKVhCMPuI
qQOAWzaoM+frHp5OIldgZt5pG+tBvixphaGntqjK71+SOIuteulJG1yBjzQI9e1/
DcKN63JDDVcypUEQei6Y40ui7LhgM0QZ3b5APbDAhaaknjxF73+h3nzs4q/KeqXO
SB8SbgL6flDYTZWU29GSmBMKp5k7uXgkI2EKX/x4HAnsEHK1B2+wmBqCAEFeojLN
DtO72uiT7C1xuF323ILyPjIRv6a0zKNfI7dMrvnBKXkbQifS2c90KBIWCgIPIGUE
4lEY91m5CDd5+Q7MMOZF1Z4M0vPzZ2Q6dwz4NRHg/ClSpZRo66hz/Ltw7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJx1ZAVed85k1OXDocLH0rIhyPxNMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbkhWa0JWNTN6bVRVNWNPaHdzZlNzaUhJX0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9i+MA0G
CSqGSIb3DQEBCwUAA4IBAQBVr02VDNNK188OSLCipED+9642WYs7c+oDyWAM3AfV
iGM/UjmRNJw//pbizV5VEyFHuk2N0M7vdMDRfqv6H1+Lyz7nGU35vjCMtZ6u0nqE
jvtLi1M6i1gkdmTB0x/5MEJRJ0b9aJyyvr26amGDanumd3IgHyjI8MMMHEWpM8C/
yhHWqcLyrBmwkWoEH0wkQitELfKogR3BECJRSwxzap/073KxiLG88MOrqrsVd/xY
BWO+pq7puqrb5VQwglcX2fGVPC6Q1P+6kmLqM2CbHEptMNwS5dyTWvpErhIwPb6R
PkV/q8/0NYhu3PET7uP1rRh3KZb89ZPHjOOd5EirYkRC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:35 2025 by rpki-client