Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/NmO4_8tFMBXVpa2KcfClZKsOZgg.roa
File: NmO4_8tFMBXVpa2KcfClZKsOZgg.roa (raw, json)
Hash identifier: gBNLRt/6zNW9BYLVyPb8uvlbyEFlnkSLup4tBH4aLGE=
Subject key identifier: 36:63:B8:FF:CB:45:30:15:D5:A5:AD:8A:71:F0:A5:64:AB:0E:66:08
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019363117ABF20A88B39CC34D7EB6F754D1D
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/NmO4_8tFMBXVpa2KcfClZKsOZgg.roa
Signing time: Mon 25 Nov 2024 11:25:10 +0000
ROA not before: Mon 25 Nov 2024 11:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200521
IP address blocks: 195.57.163.0/24 maxlen: 24
195.76.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:11:7a:bf:20:a8:8b:39:cc:34:d7:eb:6f:75:4d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Nov 25 11:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3663b8ffcb453015d5a5ad8a71f0a564ab0e6608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2c:88:44:50:a9:24:c0:4a:05:60:c1:6f:42:
50:a7:f5:31:0b:26:6c:6b:77:95:b0:21:63:d8:f6:
8f:0a:9c:dc:e1:7b:ad:9f:e7:ee:d5:75:2e:bf:15:
f3:de:f6:eb:83:e5:a5:f0:d7:bd:6e:f4:64:77:8e:
33:a2:7e:5b:17:84:cd:ed:33:ad:d3:d5:26:2e:b6:
4e:b1:c9:36:71:bb:d5:22:49:b8:07:96:8f:5f:54:
65:d2:96:21:8b:84:15:22:b1:05:33:1b:62:3a:6c:
79:7b:9a:16:92:76:f6:d7:ca:bd:a1:5b:38:78:00:
5b:cb:2b:83:27:14:54:be:27:af:ec:3b:85:97:9d:
63:6b:74:cc:0f:a8:30:48:56:c8:e4:bd:5a:8b:29:
4f:0e:79:f7:ca:77:51:df:2f:76:78:43:78:27:61:
92:e9:13:56:e8:fb:54:07:f6:36:e8:45:3e:f1:59:
38:aa:a8:32:81:72:93:c0:36:aa:58:81:72:f5:e5:
4b:69:56:13:74:d1:b3:4a:7d:01:2d:2d:97:ab:6b:
e0:2a:15:e1:da:72:3c:bd:b4:90:d2:3e:3f:b5:66:
e8:c7:60:6d:5b:59:50:6f:8a:04:25:eb:5a:27:b5:
f6:41:de:c6:36:18:d2:da:3b:41:1c:16:77:fb:0e:
7e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:63:B8:FF:CB:45:30:15:D5:A5:AD:8A:71:F0:A5:64:AB:0E:66:08
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/NmO4_8tFMBXVpa2KcfClZKsOZgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.57.163.0/24
195.76.204.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:fe:74:c5:7c:ef:5e:d2:f5:69:95:72:71:8c:6e:29:f0:f6:
d3:74:b8:d7:36:74:53:74:86:8b:a6:4a:74:ed:27:fe:16:02:
32:c0:93:7a:66:2e:52:8b:cf:1d:b2:c7:a1:04:20:90:b8:89:
1f:8d:e8:5f:fe:ca:26:f0:1a:01:2b:6d:33:bd:96:99:1d:f2:
af:37:bc:57:7c:8b:c3:9f:1a:26:db:a6:c5:ec:e0:89:4b:1c:
4a:23:13:1c:c1:74:ba:ab:07:be:60:e6:18:58:f7:1d:7d:bc:
19:29:1f:79:a4:91:61:a7:cf:c3:8e:e8:bf:68:68:28:66:5d:
cb:db:98:7f:38:ef:3f:4e:07:50:06:e6:ab:82:dc:07:4b:8c:
fe:3d:91:d3:b5:b9:97:4c:55:be:55:ba:ca:a5:0d:66:6e:05:
b6:e5:9e:24:7f:45:13:05:58:10:bb:68:19:e9:cf:74:3e:c8:
b2:19:05:bd:2c:13:be:09:22:3e:ef:b4:8e:13:8e:02:4b:a8:
47:6e:cc:54:86:ca:d2:83:a5:8f:95:81:cf:f5:ce:2d:7e:68:
69:29:20:ef:e0:2a:ba:b8:8c:f0:fb:3e:c0:fe:bc:62:6d:a5:
f1:1c:23:77:e2:4c:8c:5a:1e:5f:67:d1:68:1d:2d:69:00:ed:
4f:95:5a:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNjEXq/IKiLOcw01+tvdU0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQxMTI1MTEyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjYzYjhmZmNiNDUzMDE1ZDVhNWFkOGE3MWYwYTU2NGFiMGU2NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyyIRFCpJMBKBWDBb0JQp/UxCyZs
a3eVsCFj2PaPCpzc4Xutn+fu1XUuvxXz3vbrg+Wl8Ne9bvRkd44zon5bF4TN7TOt
09UmLrZOsck2cbvVIkm4B5aPX1Rl0pYhi4QVIrEFMxtiOmx5e5oWknb218q9oVs4
eABbyyuDJxRUviev7DuFl51ja3TMD6gwSFbI5L1aiylPDnn3yndR3y92eEN4J2GS
6RNW6PtUB/Y26EU+8Vk4qqgygXKTwDaqWIFy9eVLaVYTdNGzSn0BLS2Xq2vgKhXh
2nI8vbSQ0j4/tWbox2BtW1lQb4oEJetaJ7X2Qd7GNhjS2jtBHBZ3+w5+LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDZjuP/LRTAV1aWtinHwpWSrDmYIMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvTm1PNF84dEZNQlhWcGEyS2NmQ2xaS3NPWmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzmjAwQA
w0zMMA0GCSqGSIb3DQEBCwUAA4IBAQC8/nTFfO9e0vVplXJxjG4p8PbTdLjXNnRT
dIaLpkp07Sf+FgIywJN6Zi5Si88dssehBCCQuIkfjehf/som8BoBK20zvZaZHfKv
N7xXfIvDnxom26bF7OCJSxxKIxMcwXS6qwe+YOYYWPcdfbwZKR95pJFhp8/Djui/
aGgoZl3L25h/OO8/TgdQBuargtwHS4z+PZHTtbmXTFW+VbrKpQ1mbgW25Z4kf0UT
BVgQu2gZ6c90PsiyGQW9LBO+CSI+77SOE44CS6hHbsxUhsrSg6WPlYHP9c4tfmhp
KSDv4Cq6uIzw+z7A/rxibaXxHCN34kyMWh5fZ9FoHS1pAO1PlVro
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:50:32 2025 by rpki-client