Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/nK_B3-FLV0bP6Y2hENMckP7xj_k.roa
File: nK_B3-FLV0bP6Y2hENMckP7xj_k.roa (raw, json)
Hash identifier: OPJNeVIECo28SF1LJdHL7pOK5lICwA3/BF27LCREoJo=
Subject key identifier: 9C:AF:C1:DF:E1:4B:57:46:CF:E9:8D:A1:10:D3:1C:90:FE:F1:8F:F9
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018CC6B932C2C21732F2AB41851D0606389F
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/nK_B3-FLV0bP6Y2hENMckP7xj_k.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147173
IP address blocks: 2a0e:da40:100::/40 maxlen: 128
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:32:c2:c2:17:32:f2:ab:41:85:1d:06:06:38:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cafc1dfe14b5746cfe98da110d31c90fef18ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:42:0a:d2:d3:66:ed:be:af:d1:c3:99:42:
de:a2:82:52:3d:e7:18:a4:ed:89:10:cf:d0:db:bd:
d1:9d:f0:f8:d5:2d:02:5a:c3:20:95:1b:68:81:7b:
ca:08:01:d3:00:28:1c:66:9b:17:6a:8e:df:de:87:
57:58:9e:47:90:88:bc:f2:f1:28:9a:42:81:f9:04:
67:6e:c3:2e:02:4c:a9:89:7d:b9:ed:e0:07:72:fc:
ed:6a:f3:f6:72:2e:f8:a3:43:9a:73:0f:a0:bb:cf:
29:97:04:93:f4:6a:f6:b8:b4:69:1b:28:26:c7:a5:
58:79:96:b4:1f:33:1d:c8:24:11:21:9b:84:e7:95:
b6:6c:0f:da:88:75:db:00:f2:c4:ce:0f:37:e8:49:
4e:70:87:25:21:4c:8f:84:ed:37:c8:bb:74:74:80:
89:30:27:b6:5f:d6:21:51:08:11:16:ff:14:62:db:
e5:57:db:ae:bb:82:a8:f7:69:6b:ae:73:13:f1:04:
a1:fb:b9:97:61:70:a8:4a:c4:de:af:c8:64:1c:70:
a4:d6:04:59:1d:3b:d2:6b:7a:64:59:ff:8b:a5:0f:
8f:18:e8:79:b7:94:c1:90:d8:a5:c7:5a:c1:8c:f3:
a0:8c:6a:13:35:08:38:ae:b6:4f:9c:67:3b:db:bf:
66:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AF:C1:DF:E1:4B:57:46:CF:E9:8D:A1:10:D3:1C:90:FE:F1:8F:F9
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/nK_B3-FLV0bP6Y2hENMckP7xj_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:100::/40
Signature Algorithm: sha256WithRSAEncryption
90:9f:ac:0f:15:81:41:32:bf:6e:17:e5:16:c2:81:fb:b4:af:
10:12:3c:07:09:cf:1a:38:73:ef:81:77:5f:64:46:62:53:f4:
e5:16:ca:d4:1b:d0:25:9a:09:6b:f6:c9:8c:93:b1:62:9a:c1:
eb:e9:6a:a6:30:fa:9e:40:2b:87:07:29:fd:34:d7:3a:ea:09:
c5:ae:9e:d9:a4:7c:9d:24:5b:3a:1f:65:c9:14:6a:83:e1:26:
d2:5e:23:f4:ee:91:fd:b7:c3:52:25:a4:44:78:f8:61:d9:be:
06:dc:3c:59:f9:87:32:67:4a:c0:1a:1c:2a:6c:a5:6f:00:e5:
fe:c0:18:31:d5:b3:d5:c4:11:de:21:d0:4e:fa:4b:b1:52:d3:
9c:67:1b:3f:1d:21:c2:c5:77:8b:5f:23:ae:03:d3:5e:73:94:
d0:aa:91:37:56:ee:b3:35:48:95:31:ea:c0:ee:2c:a4:97:24:
36:15:15:4e:6e:43:c3:49:06:c8:f8:e8:ab:2c:33:7f:9f:06:
e4:1f:5a:0a:76:47:aa:ff:a9:12:3a:23:13:1c:36:43:60:88:
8e:ea:43:a9:52:5b:da:1d:68:af:a8:a7:a5:9e:a7:40:9c:fd:
83:c2:ec:f8:1f:e5:5e:c3:08:c0:e8:05:82:92:b0:4d:a5:d7:
f9:1a:d7:47
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGuTLCwhcy8qtBhR0GBjifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FmYzFkZmUxNGI1NzQ2Y2ZlOThkYTExMGQzMWM5MGZlZjE4ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6ZCCtLTZu2+r9HDmULeooJSPecY
pO2JEM/Q273RnfD41S0CWsMglRtogXvKCAHTACgcZpsXao7f3odXWJ5HkIi88vEo
mkKB+QRnbsMuAkypiX257eAHcvztavP2ci74o0Oacw+gu88plwST9Gr2uLRpGygm
x6VYeZa0HzMdyCQRIZuE55W2bA/aiHXbAPLEzg836ElOcIclIUyPhO03yLt0dICJ
MCe2X9YhUQgRFv8UYtvlV9uuu4Ko92lrrnMT8QSh+7mXYXCoSsTer8hkHHCk1gRZ
HTvSa3pkWf+LpQ+PGOh5t5TBkNilx1rBjPOgjGoTNQg4rrZPnGc7279mzQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJyvwd/hS1dGz+mNoRDTHJD+8Y/5MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvbktfQjMtRkxWMGJQNlkyaEVOTWNrUDd4al9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg7aQAEw
DQYJKoZIhvcNAQELBQADggEBAJCfrA8VgUEyv24X5RbCgfu0rxASPAcJzxo4c++B
d19kRmJT9OUWytQb0CWaCWv2yYyTsWKawevpaqYw+p5AK4cHKf001zrqCcWuntmk
fJ0kWzofZckUaoPhJtJeI/Tukf23w1IlpER4+GHZvgbcPFn5hzJnSsAaHCpspW8A
5f7AGDHVs9XEEd4h0E76S7FS05xnGz8dIcLFd4tfI64D015zlNCqkTdW7rM1SJUx
6sDuLKSXJDYVFU5uQ8NJBsj46KssM3+fBuQfWgp2R6r/qRI6IxMcNkNgiI7qQ6lS
W9odaK+op6Wep0Cc/YPC7Pgf5V7DCMDoBYKSsE2l1/ka10c=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:55 2025 by rpki-client