Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/0nbk3FXS3NT__eJmSxGcDLWeuzo.roa
File: 0nbk3FXS3NT__eJmSxGcDLWeuzo.roa (raw, json)
Hash identifier: hinUjqEj1zBneyzie25+lRVzBrX5Iad/O2+YOw1BJUU=
Subject key identifier: D2:76:E4:DC:55:D2:DC:D4:FF:FD:E2:66:4B:11:9C:0C:B5:9E:BB:3A
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 018CC2DAC4827C4F9AED47757A18573F0EEF
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/0nbk3FXS3NT__eJmSxGcDLWeuzo.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56958
IP address blocks: 201.46.112.0/23 maxlen: 24
178.211.133.0/24 maxlen: 24
2a12:d282::/31 maxlen: 31
2a12:d280::/31 maxlen: 31
Validation: Failed, certificate revoked on Fri 20 Sep 2024 09:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c4:82:7c:4f:9a:ed:47:75:7a:18:57:3f:0e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d276e4dc55d2dcd4fffde2664b119c0cb59ebb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:24:fa:b3:e4:72:4f:e6:46:52:e4:ab:f3:16:
63:96:f1:58:e6:ef:c8:62:bf:ba:3a:6c:46:d0:ae:
17:e1:d1:81:bf:ee:2a:81:c0:9f:66:76:b8:fa:05:
97:9a:a8:f2:9a:f3:43:f7:4b:b0:88:b2:1a:cd:e6:
72:a0:98:12:f3:11:d8:25:7a:49:1d:5a:d5:66:e0:
cf:ca:96:33:5f:91:ce:5c:cb:6d:82:16:a1:81:cd:
59:c0:a4:5b:d6:40:5f:31:be:25:93:41:fd:ff:c8:
40:db:30:5f:74:16:d7:2c:19:32:60:2c:81:52:63:
30:17:81:ab:b8:10:e2:e6:ac:31:88:19:18:36:02:
96:c1:19:25:a0:07:42:bf:b2:8a:26:1b:9d:d3:f0:
97:a8:d1:d4:b2:f1:de:33:8a:82:48:ae:f5:a0:30:
e3:62:53:87:17:5c:93:d1:2f:32:dd:d5:82:90:5b:
d5:26:88:35:8f:67:a5:c0:21:65:69:e2:de:2e:41:
cd:6e:22:63:e5:8a:a6:99:d4:42:1c:58:f7:8b:80:
eb:79:78:11:17:1a:c3:9d:33:a8:69:49:2d:93:68:
17:78:70:52:3c:be:70:b3:7d:66:82:92:a3:be:2a:
96:67:13:3a:5e:3a:7a:79:c2:ca:08:49:83:c2:67:
98:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:76:E4:DC:55:D2:DC:D4:FF:FD:E2:66:4B:11:9C:0C:B5:9E:BB:3A
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/0nbk3FXS3NT__eJmSxGcDLWeuzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.133.0/24
201.46.112.0/23
IPv6:
2a12:d280::/30
Signature Algorithm: sha256WithRSAEncryption
3b:17:e5:cd:d6:8c:0d:06:70:26:fe:a0:fc:7b:10:a5:ed:04:
d5:73:21:93:ea:f8:b2:2e:58:a8:54:3a:6a:2d:3e:0e:13:59:
42:1a:33:12:fb:a7:80:be:06:fd:91:00:ec:54:80:31:ce:ae:
8c:47:a9:4d:9c:ee:be:bf:74:72:5c:51:03:d2:d2:5d:8e:d0:
57:26:8f:5a:b5:50:9e:97:9b:3a:64:54:57:35:d0:77:4d:60:
c3:3a:1d:50:12:ca:79:32:a6:99:a5:48:df:97:e5:e9:8a:98:
8e:7d:ae:27:5a:3a:7f:80:d5:82:7b:2c:d5:9f:02:06:b1:f2:
32:e7:1b:b2:1a:4d:fa:5b:77:b0:d6:3c:53:4a:28:d0:bf:59:
4f:35:3a:50:cf:44:d9:c5:5d:33:63:3f:29:52:b9:56:c1:8f:
fb:e2:b0:d1:1e:e4:f2:6a:ee:b6:5c:5d:8e:15:ec:fd:37:fe:
23:89:96:f0:87:6e:76:6f:96:21:a8:f1:d3:89:11:5f:f6:8f:
31:cf:65:dc:54:f8:1a:d9:d0:c6:c3:2e:93:d5:21:14:59:f7:
ea:3c:f5:f5:d3:73:2a:6d:4a:4d:55:73:6a:3c:cc:2f:46:f8:
01:9f:c2:dc:2d:c3:f3:50:a1:d5:22:c6:e7:b5:69:ea:60:76:
4d:b3:76:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2sSCfE+a7Ud1ehhXPw7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc2ZTRkYzU1ZDJkY2Q0ZmZmZGUyNjY0YjExOWMwY2I1OWViYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iT6s+RyT+ZGUuSr8xZjlvFY5u/I
Yr+6OmxG0K4X4dGBv+4qgcCfZna4+gWXmqjymvND90uwiLIazeZyoJgS8xHYJXpJ
HVrVZuDPypYzX5HOXMttghahgc1ZwKRb1kBfMb4lk0H9/8hA2zBfdBbXLBkyYCyB
UmMwF4GruBDi5qwxiBkYNgKWwRkloAdCv7KKJhud0/CXqNHUsvHeM4qCSK71oDDj
YlOHF1yT0S8y3dWCkFvVJog1j2elwCFlaeLeLkHNbiJj5YqmmdRCHFj3i4DreXgR
FxrDnTOoaUktk2gXeHBSPL5ws31mgpKjviqWZxM6Xjp6ecLKCEmDwmeYKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNJ25NxV0tzU//3iZksRnAy1nrs6MB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvMG5iazNGWFMzTlRfX2VKbVN4R2NETFdldXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAstOFAwQB
yS5wMA0EAgACMAcDBQIqEtKAMA0GCSqGSIb3DQEBCwUAA4IBAQA7F+XN1owNBnAm
/qD8exCl7QTVcyGT6viyLlioVDpqLT4OE1lCGjMS+6eAvgb9kQDsVIAxzq6MR6lN
nO6+v3RyXFED0tJdjtBXJo9atVCel5s6ZFRXNdB3TWDDOh1QEsp5MqaZpUjfl+Xp
ipiOfa4nWjp/gNWCeyzVnwIGsfIy5xuyGk36W3ew1jxTSijQv1lPNTpQz0TZxV0z
Yz8pUrlWwY/74rDRHuTyau62XF2OFez9N/4jiZbwh252b5YhqPHTiRFf9o8xz2Xc
VPga2dDGwy6T1SEUWffqPPX103MqbUpNVXNqPMwvRvgBn8LcLcPzUKHVIsbntWnq
YHZNs3ZV
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:07 2025 by rpki-client