Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/nZSbJdM_EmXwVPbzgtk96lCNzI0.roa
File: nZSbJdM_EmXwVPbzgtk96lCNzI0.roa (raw, json)
Hash identifier: yULDqWuopln0yY8Ks9q2mPAA7w79jnXqs/mdN2cwOj8=
Subject key identifier: 9D:94:9B:25:D3:3F:12:65:F0:54:F6:F3:82:D9:3D:EA:50:8D:CC:8D
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018DD0E115E5A6DE6D0D07B41812AB40A9AC
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/nZSbJdM_EmXwVPbzgtk96lCNzI0.roa
Signing time: Thu 22 Feb 2024 12:53:48 +0000
ROA not before: Thu 22 Feb 2024 12:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a07:6080::/29 maxlen: 29
2a09:4a40::/29 maxlen: 29
2a0d:4180::/29 maxlen: 29
2a10:9c0::/29 maxlen: 29
2a10:bc0::/29 maxlen: 29
2a10:12c0::/29 maxlen: 29
2a10:17c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Feb 2024 11:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:e1:15:e5:a6:de:6d:0d:07:b4:18:12:ab:40:a9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 22 12:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d949b25d33f1265f054f6f382d93dea508dcc8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1a:cd:9b:d1:1b:e8:cb:e5:df:69:cb:39:71:
f3:7c:81:27:6e:ec:b4:0b:a1:c1:5c:d0:15:4d:18:
62:ba:e0:30:5d:d8:bc:c6:2d:f9:ed:7e:78:d8:24:
a1:32:14:bb:df:c0:a7:a9:05:65:f5:60:a5:be:c6:
d8:b5:0c:2c:ec:0e:e0:c3:98:ab:1b:8f:f4:70:a2:
ee:a0:4e:73:82:5f:09:dc:33:6e:6c:d0:11:3e:fe:
88:e6:89:b3:5c:fd:68:fa:87:4e:6a:3a:f9:80:f2:
d5:13:36:40:be:ac:e8:f7:8d:7a:dd:64:d3:88:af:
c9:13:59:eb:71:f6:2a:cf:12:d3:b3:42:b7:ae:fc:
8e:5c:30:12:2d:77:14:12:3c:6e:e5:81:f2:dc:3a:
75:9a:1d:56:2b:fa:c3:64:58:69:06:45:cd:6b:19:
55:99:c3:1e:66:5a:6e:4d:ab:3d:db:82:d5:af:08:
7c:4b:48:f2:c7:b4:7d:8f:55:b2:73:8d:f4:28:ff:
a8:3d:52:2e:72:0a:cd:92:52:60:64:2d:3e:ba:b1:
0f:06:dc:9c:42:aa:d8:cd:7d:ba:12:6d:26:e2:f7:
0d:a3:2c:6d:6e:5b:b1:fb:c8:a1:b5:78:8e:bd:aa:
a1:ce:9f:7a:09:78:3a:72:e4:1e:59:7f:76:62:b7:
e0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:94:9B:25:D3:3F:12:65:F0:54:F6:F3:82:D9:3D:EA:50:8D:CC:8D
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/nZSbJdM_EmXwVPbzgtk96lCNzI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6080::/29
2a09:4a40::/29
2a0d:4180::/29
2a10:9c0::/29
2a10:bc0::/29
2a10:12c0::/29
2a10:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:30:e4:83:b0:37:b9:b8:05:67:a6:ad:41:dd:8f:70:a3:3a:
3b:52:82:f9:d9:dc:1b:46:ca:d3:2d:5e:23:ca:75:8e:1d:5e:
85:32:d1:0d:46:54:03:49:8d:fe:9b:09:85:d0:01:b6:23:92:
6d:a9:f2:26:9d:9c:0c:19:eb:e0:4d:c6:6c:fd:7a:45:c4:e6:
d9:e2:37:12:dd:e9:3e:25:40:b8:51:23:c1:c7:2f:16:99:0e:
cb:ae:29:45:62:74:1a:ed:a7:6e:92:84:4d:d1:20:e3:79:e2:
47:9b:f0:ef:9f:79:26:2e:d4:db:3d:23:e8:cb:c6:5a:57:be:
87:7c:d2:65:a7:76:08:83:a4:56:e8:03:d7:9b:af:af:6b:87:
57:1b:89:0a:bf:df:c0:18:25:c0:9d:c8:5b:85:df:b5:4d:37:
ce:d2:ee:89:e1:0e:07:5f:99:37:a3:24:57:eb:4a:77:31:fc:
66:51:46:54:6b:73:0f:93:39:af:41:9d:4f:12:b6:1b:a5:f1:
1e:d3:70:21:25:a3:9d:53:34:b8:15:95:ba:f5:b3:c3:05:8c:
3a:58:05:30:7b:84:69:76:02:00:9a:44:90:14:82:0d:e4:36:
84:d9:45:db:28:e2:31:45:70:0c:22:1b:d7:6b:d5:5b:6b:c9:
69:b1:cb:6a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY3Q4RXlpt5tDQe0GBKrQKmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMjIyMTI1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk0OWIyNWQzM2YxMjY1ZjA1NGY2ZjM4MmQ5M2RlYTUwOGRjYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRrNm9Eb6Mvl32nLOXHzfIEnbuy0
C6HBXNAVTRhiuuAwXdi8xi357X542CShMhS738CnqQVl9WClvsbYtQws7A7gw5ir
G4/0cKLuoE5zgl8J3DNubNARPv6I5omzXP1o+odOajr5gPLVEzZAvqzo94163WTT
iK/JE1nrcfYqzxLTs0K3rvyOXDASLXcUEjxu5YHy3Dp1mh1WK/rDZFhpBkXNaxlV
mcMeZlpuTas924LVrwh8S0jyx7R9j1Wyc430KP+oPVIucgrNklJgZC0+urEPBtyc
QqrYzX26Em0m4vcNoyxtblux+8ihtXiOvaqhzp96CXg6cuQeWX92YrfgKwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFJ2UmyXTPxJl8FT284LZPepQjcyNMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvblpTYkpkTV9FbVh3VlBiemd0azk2bENOekkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgdggAMF
AyoJSkADBQMqDUGAAwUDKhAJwAMFAyoQC8ADBQMqEBLAAwUDKhAXwDANBgkqhkiG
9w0BAQsFAAOCAQEAjDDkg7A3ubgFZ6atQd2PcKM6O1KC+dncG0bK0y1eI8p1jh1e
hTLRDUZUA0mN/psJhdABtiOSbanyJp2cDBnr4E3GbP16RcTm2eI3Et3pPiVAuFEj
wccvFpkOy64pRWJ0Gu2nbpKETdEg43niR5vw7595Ji7U2z0j6MvGWle+h3zSZad2
CIOkVugD15uvr2uHVxuJCr/fwBglwJ3IW4XftU03ztLuieEOB1+ZN6MkV+tKdzH8
ZlFGVGtzD5M5r0GdTxK2G6XxHtNwISWjnVM0uBWVuvWzwwWMOlgFMHuEaXYCAJpE
kBSCDeQ2hNlF2yjiMUVwDCIb12vVW2vJabHLag==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:18 2025 by rpki-client