Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/NdSpJ4XYuJod2OWjMPxiXgOcw1M.roa
File: NdSpJ4XYuJod2OWjMPxiXgOcw1M.roa (raw, json)
Hash identifier: MW8VqP19npNGZ0bZLadX0cAR6KWcVntPfqJTJFqZxVI=
Subject key identifier: 35:D4:A9:27:85:D8:B8:9A:1D:D8:E5:A3:30:FC:62:5E:03:9C:C3:53
Certificate issuer: /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial: 018CC9BC6725FEC3328E444FA84299404F09
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/NdSpJ4XYuJod2OWjMPxiXgOcw1M.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 94.206.108.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:67:25:fe:c3:32:8e:44:4f:a8:42:99:40:4f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35d4a92785d8b89a1dd8e5a330fc625e039cc353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6b:be:42:dc:2c:9f:d9:60:d7:69:43:2f:63:
c7:83:e0:a4:86:f3:29:ab:ff:b2:95:56:14:37:82:
0e:55:11:af:a6:d7:c8:94:8f:97:52:a4:c5:91:53:
ea:f3:fb:b4:24:0c:1c:46:d2:f1:73:ca:90:ec:f0:
a4:96:c6:f0:b4:16:07:b5:66:b5:83:fd:9a:88:59:
eb:1c:62:19:aa:d9:1d:ac:80:3c:0d:99:b7:49:a2:
98:e5:ea:5a:a6:6d:dd:46:f4:1d:23:a1:24:13:51:
fd:f1:f1:fe:76:d2:2d:22:ed:8b:e4:15:6e:b9:cf:
4d:c5:e2:66:3f:f2:c2:35:1a:21:89:55:00:d4:63:
f7:84:d3:41:1b:26:89:f6:d9:57:21:ce:45:3c:7d:
56:b8:66:8b:1d:c9:55:ea:32:34:f3:f8:27:60:0f:
40:f6:98:14:a8:9d:9b:39:09:e2:cd:03:35:ed:2c:
26:b0:7f:0c:4d:da:95:f5:b0:a2:e5:48:d8:bd:c9:
92:52:1e:03:15:fd:96:98:e5:6a:26:5e:57:86:1d:
4d:07:5b:2f:6b:6b:60:31:59:38:99:bd:3a:97:ee:
0e:e2:13:e3:ce:b0:14:45:48:98:4d:6e:22:55:bc:
d5:85:a2:5f:52:08:e0:65:ce:ac:9a:3c:81:45:24:
77:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D4:A9:27:85:D8:B8:9A:1D:D8:E5:A3:30:FC:62:5E:03:9C:C3:53
X509v3 Authority Key Identifier:
keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/NdSpJ4XYuJod2OWjMPxiXgOcw1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
45:11:5e:71:78:9c:b6:82:d3:f2:30:5a:d8:3a:9d:eb:d8:91:
84:60:26:34:41:d0:3b:be:89:3c:51:de:0a:65:2d:e9:f1:3e:
20:65:d5:62:9e:37:a2:04:a5:0d:27:5c:20:ad:24:00:27:b4:
d1:cc:0a:11:2e:2a:8e:d8:ad:a7:26:eb:26:aa:dc:f6:19:ef:
02:aa:58:7b:9c:be:a3:f4:3f:d6:f5:33:4b:74:14:28:43:c1:
c7:f9:eb:34:2d:ba:23:81:34:84:73:9c:06:98:65:62:54:3a:
b1:b1:d3:cd:9d:ce:43:bf:b2:95:a0:29:8a:80:26:65:9c:18:
59:4a:0f:8d:21:cc:38:88:f0:4a:4e:de:b5:f0:63:7a:e9:b5:
fa:6a:91:eb:9c:fd:46:87:e7:44:ac:2c:95:eb:d3:d3:c3:9d:
62:c3:00:fa:06:1a:40:9e:08:d2:89:66:59:f1:02:34:ff:10:
bd:76:98:4e:ad:b2:65:b0:81:4d:4a:2e:fc:ca:48:de:35:9b:
e4:fc:11:02:fd:74:96:84:d8:ef:38:0c:80:76:b7:e0:77:80:
51:c6:5a:fe:cc:3a:91:82:7d:99:d3:a2:d9:83:36:4a:76:ad:
02:c6:c1:72:0d:03:e4:b3:c1:57:1c:85:fe:b0:02:20:e4:2b:
51:0c:26:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGcl/sMyjkRPqEKZQE8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ0YTkyNzg1ZDhiODlhMWRkOGU1YTMzMGZjNjI1ZTAzOWNjMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWu+Qtwsn9lg12lDL2PHg+CkhvMp
q/+ylVYUN4IOVRGvptfIlI+XUqTFkVPq8/u0JAwcRtLxc8qQ7PCklsbwtBYHtWa1
g/2aiFnrHGIZqtkdrIA8DZm3SaKY5epapm3dRvQdI6EkE1H98fH+dtItIu2L5BVu
uc9NxeJmP/LCNRohiVUA1GP3hNNBGyaJ9tlXIc5FPH1WuGaLHclV6jI08/gnYA9A
9pgUqJ2bOQnizQM17SwmsH8MTdqV9bCi5UjYvcmSUh4DFf2WmOVqJl5Xhh1NB1sv
a2tgMVk4mb06l+4O4hPjzrAURUiYTW4iVbzVhaJfUgjgZc6smjyBRSR37QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXUqSeF2LiaHdjlozD8Yl4DnMNTMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvTmRTcEo0WFl1Sm9kMk9Xak1QeGlYZ09jdzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXs5sMA0G
CSqGSIb3DQEBCwUAA4IBAQBFEV5xeJy2gtPyMFrYOp3r2JGEYCY0QdA7vok8Ud4K
ZS3p8T4gZdVinjeiBKUNJ1wgrSQAJ7TRzAoRLiqO2K2nJusmqtz2Ge8Cqlh7nL6j
9D/W9TNLdBQoQ8HH+es0LbojgTSEc5wGmGViVDqxsdPNnc5Dv7KVoCmKgCZlnBhZ
Sg+NIcw4iPBKTt618GN66bX6apHrnP1Gh+dErCyV69PTw51iwwD6BhpAngjSiWZZ
8QI0/xC9dphOrbJlsIFNSi78ykjeNZvk/BEC/XSWhNjvOAyAdrfgd4BRxlr+zDqR
gn2Z06LZgzZKdq0CxsFyDQPks8FXHIX+sAIg5CtRDCYP
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:27 2025 by rpki-client