Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nMbZefTZD2yPdchJSX2kMxbrHEg.roa
File: nMbZefTZD2yPdchJSX2kMxbrHEg.roa (raw, json)
Hash identifier: vERz6/x4e9fQfY5PczV30teSj3A65nWLLmomszRb5e4=
Subject key identifier: 9C:C6:D9:79:F4:D9:0F:6C:8F:75:C8:49:49:7D:A4:33:16:EB:1C:48
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019424B3D54D103E756703A1483053EBA0A5
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nMbZefTZD2yPdchJSX2kMxbrHEg.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21155
IP address blocks: 80.84.224.0/19 maxlen: 19
81.4.64.0/19 maxlen: 19
81.4.96.0/22 maxlen: 22
81.4.112.0/22 maxlen: 22
81.4.116.0/22 maxlen: 22
83.96.128.0/17 maxlen: 17
85.158.248.0/22 maxlen: 22
85.158.252.0/23 maxlen: 23
91.142.240.0/20 maxlen: 20
91.142.244.0/23 maxlen: 23
91.142.252.0/23 maxlen: 23
91.142.254.0/23 maxlen: 23
91.205.32.0/22 maxlen: 22
91.216.162.0/24 maxlen: 24
185.95.68.0/22 maxlen: 22
193.93.172.0/22 maxlen: 22
193.242.119.0/24 maxlen: 24
2001:828::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d5:4d:10:3e:75:67:03:a1:48:30:53:eb:a0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cc6d979f4d90f6c8f75c849497da43316eb1c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:d5:15:2c:50:f2:47:5a:96:56:ae:74:f5:
d7:9f:fa:09:2f:18:4d:1c:a7:8b:90:8e:b5:ec:eb:
2f:4a:32:42:fd:6b:15:b3:14:ff:c1:c9:39:a9:29:
49:fb:ca:7f:2a:b4:d9:5e:5d:64:c1:8e:33:4c:43:
05:ac:cc:91:ed:13:22:29:45:51:60:ed:bc:68:3e:
35:c9:29:bc:88:ea:df:40:9d:89:3f:40:ac:53:55:
7b:a3:85:4d:92:af:91:02:69:88:ec:1d:26:33:35:
18:4d:72:1f:ea:3d:a7:a8:ba:39:2a:6d:c6:3b:80:
55:32:a9:60:f4:7e:ad:e5:83:e5:7a:5a:98:3f:88:
12:44:ad:7c:ec:03:19:1c:de:10:88:88:26:9d:ab:
dc:44:8a:0f:69:96:42:15:42:06:3d:43:70:60:62:
b0:cc:33:e0:c8:2a:df:58:ad:89:b1:e6:ed:82:c3:
61:7d:92:08:68:1a:17:e2:6c:12:02:31:ba:54:2f:
14:9a:61:bc:ff:9c:c1:90:1c:0b:63:0b:04:f5:53:
b8:ae:66:25:a8:9b:68:25:71:d6:fb:ae:3a:56:d2:
dd:4b:5b:d0:df:e8:35:e9:75:c6:c7:e7:34:d2:7d:
39:87:1a:01:7e:19:cc:33:d0:30:03:77:4e:ed:65:
b6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C6:D9:79:F4:D9:0F:6C:8F:75:C8:49:49:7D:A4:33:16:EB:1C:48
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/nMbZefTZD2yPdchJSX2kMxbrHEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.224.0/19
81.4.64.0-81.4.99.255
81.4.112.0/21
83.96.128.0/17
85.158.248.0-85.158.253.255
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
185.95.68.0/22
193.93.172.0/22
193.242.119.0/24
IPv6:
2001:828::/32
Signature Algorithm: sha256WithRSAEncryption
97:50:13:26:e9:6a:5f:e3:de:7b:37:e3:be:94:96:df:c7:5c:
08:38:88:88:9f:05:75:c9:57:68:fb:d9:72:b2:1e:1b:1f:65:
87:4d:34:f3:33:f7:c3:1b:18:47:a7:be:0f:74:32:4a:59:70:
15:cd:c0:e5:ce:13:0b:be:52:54:f2:44:cf:42:ee:32:b5:31:
e9:71:42:c8:97:04:87:48:48:75:70:47:fd:b9:3b:92:cc:cc:
c7:0b:ee:92:61:c2:bd:f9:db:54:4d:7a:4c:5e:39:18:12:e2:
cd:f7:10:6a:16:86:8f:d8:8a:3c:40:ef:f1:3f:4c:d3:f1:82:
74:8e:2e:e2:b4:a6:84:99:fd:f8:d6:7a:e6:e7:d2:36:59:85:
b2:a1:88:19:5c:c7:d4:66:2b:3f:61:b6:5e:40:00:1a:77:46:
64:49:ea:86:ab:ba:30:7b:a4:a5:b8:cf:c0:ae:d0:78:d7:1b:
76:cb:b7:26:7e:19:78:ec:6d:89:c8:ed:73:3a:02:b9:3b:60:
b9:15:29:a7:56:d2:12:43:7a:7f:1a:af:ed:5d:0c:41:8e:bc:
1d:ca:a6:cc:00:04:68:0b:7b:c9:b0:23:16:85:58:dd:25:cd:
45:92:1e:1f:f5:63:30:55:fd:b9:b2:f8:49:7b:3c:db:dc:77:
1f:56:b1:8e
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZQks9VNED51ZwOhSDBT66ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M2ZDk3OWY0ZDkwZjZjOGY3NWM4NDk0OTdkYTQzMzE2ZWIxYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA3VFSxQ8kdallaudPXXn/oJLxhN
HKeLkI617OsvSjJC/WsVsxT/wck5qSlJ+8p/KrTZXl1kwY4zTEMFrMyR7RMiKUVR
YO28aD41ySm8iOrfQJ2JP0CsU1V7o4VNkq+RAmmI7B0mMzUYTXIf6j2nqLo5Km3G
O4BVMqlg9H6t5YPlelqYP4gSRK187AMZHN4QiIgmnavcRIoPaZZCFUIGPUNwYGKw
zDPgyCrfWK2JsebtgsNhfZIIaBoX4mwSAjG6VC8UmmG8/5zBkBwLYwsE9VO4rmYl
qJtoJXHW+646VtLdS1vQ3+g16XXGx+c00n05hxoBfhnMM9AwA3dO7WW20QIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFJzG2Xn02Q9sj3XISUl9pDMW6xxIMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvbk1iWmVmVFpEMnlQZGNoSlNYMmtNeGJySEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQFUFTgMAwD
BAZRBEADBAJRBGADBANRBHADBAdTYIAwDAMEA1We+AMEAVWe/AMEBFuO8AMEAlvN
IAMEAFvYogMEArlfRAMEAsFdrAMEAMHydzANBAIAAjAHAwUAIAEIKDANBgkqhkiG
9w0BAQsFAAOCAQEAl1ATJulqX+PeezfjvpSW38dcCDiIiJ8FdclXaPvZcrIeGx9l
h0008zP3wxsYR6e+D3QySllwFc3A5c4TC75SVPJEz0LuMrUx6XFCyJcEh0hIdXBH
/bk7kszMxwvukmHCvfnbVE16TF45GBLizfcQahaGj9iKPEDv8T9M0/GCdI4u4rSm
hJn9+NZ65ufSNlmFsqGIGVzH1GYrP2G2XkAAGndGZEnqhqu6MHukpbjPwK7QeNcb
dsu3Jn4ZeOxticjtczoCuTtguRUpp1bSEkN6fxqv7V0MQY68HcqmzAAEaAt7ybAj
FoVY3SXNRZIeH/VjMFX9ubL4SXs829x3H1axjg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:27:11 2025 by rpki-client