Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/nr3RkBMc-RZt7mk30GuCOLzXsXI.roa
File: nr3RkBMc-RZt7mk30GuCOLzXsXI.roa (raw, json)
Hash identifier: 5aXTJ1wteboEnkhmfxOLTuf1XBE67NrgVWyB1tLi0XA=
Subject key identifier: 9E:BD:D1:90:13:1C:F9:16:6D:EE:69:37:D0:6B:82:38:BC:D7:B1:72
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0191F082C9A3BB87CA8538FF7C5C1694FE68
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/nr3RkBMc-RZt7mk30GuCOLzXsXI.roa
Signing time: Sat 14 Sep 2024 12:29:48 +0000
ROA not before: Sat 14 Sep 2024 12:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.164.0/22 maxlen: 22
212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.184.0/22 maxlen: 22
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f0:82:c9:a3:bb:87:ca:85:38:ff:7c:5c:16:94:fe:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Sep 14 12:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ebdd190131cf9166dee6937d06b8238bcd7b172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:fd:1f:c2:77:2a:2b:9b:48:f0:a5:ca:7c:
05:d1:55:3a:b1:92:bd:63:4a:15:b0:ca:5d:30:f9:
da:ad:a7:af:71:b9:b3:43:37:c6:6e:ad:93:0b:fc:
9d:ac:97:f6:29:85:84:25:b4:97:25:01:23:30:34:
4d:50:8f:d6:77:8b:fc:58:12:99:eb:83:d2:69:4e:
fb:0d:cb:f6:6c:97:d2:3c:de:f3:45:08:6b:0f:53:
bb:92:c8:22:c1:ca:92:c9:78:d3:1d:cf:0f:7c:00:
74:6d:3a:72:ac:78:18:65:4f:8d:68:ef:2d:6f:3d:
40:28:0e:ff:b4:ba:78:18:88:bc:83:d0:83:d6:71:
b1:39:cb:dd:ef:5b:42:3e:0e:bd:ad:82:0d:fa:ba:
b5:34:e3:75:0e:1e:1b:6b:f7:25:4c:ff:71:51:06:
af:14:48:36:7e:ec:70:c1:50:cf:c2:59:2e:7f:31:
ae:85:e3:81:6c:d2:f7:70:ed:99:24:62:60:18:63:
5a:66:c0:32:fa:93:e3:9e:0b:9e:d6:5f:1d:02:b3:
80:05:ba:0a:10:2e:fe:e8:77:a5:0f:96:2f:45:a0:
46:c0:ff:0b:97:c1:e2:a9:ca:e5:d1:30:76:15:69:
f8:5d:9b:7d:07:ad:0a:1c:45:c0:cf:ac:a6:80:bf:
e3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BD:D1:90:13:1C:F9:16:6D:EE:69:37:D0:6B:82:38:BC:D7:B1:72
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/nr3RkBMc-RZt7mk30GuCOLzXsXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.171.255
212.68.184.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:0a:db:3e:f8:4e:9f:4e:9a:1b:a0:46:f9:b5:24:ba:ee:cb:
a7:e8:17:c5:88:d5:4d:74:8a:e1:dc:b5:ec:70:42:9f:1e:b4:
a7:ba:2a:ff:25:30:e0:8e:61:b9:d6:ae:ea:5d:e3:5d:69:6c:
e9:fd:6a:c3:77:3a:08:bb:72:4e:fd:ee:89:29:07:85:e6:ca:
d4:1b:12:5c:1b:e8:27:a4:25:2e:b7:12:f5:ab:84:00:33:25:
02:3a:86:b3:48:40:ea:1f:53:63:77:09:ea:c1:78:42:17:a7:
75:41:b9:64:04:76:6c:68:a7:44:93:3f:e1:96:a9:f9:fd:6a:
bd:43:04:ff:69:e1:fd:74:75:9c:fe:4a:a9:9d:62:cd:a3:ff:
15:c2:ad:4b:23:1f:a4:62:4b:e6:5e:bc:40:8a:c0:b5:05:84:
25:30:93:c7:30:ba:d6:aa:a6:9a:d7:34:c5:cf:8d:db:8e:9c:
e7:0c:24:17:79:f7:59:a2:4e:78:d1:f1:57:0a:30:49:dd:f2:
81:81:b0:0e:67:e6:56:f8:69:a8:b7:ec:7a:83:a3:83:88:e4:
58:e7:22:6a:e6:71:03:cf:ba:31:8d:cd:b1:06:be:b5:d8:72:
43:e3:a4:a9:18:69:7a:ea:4c:41:76:03:de:2b:6f:22:b0:74:
58:28:53:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHwgsmju4fKhTj/fFwWlP5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwOTE0MTIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJkZDE5MDEzMWNmOTE2NmRlZTY5MzdkMDZiODIzOGJjZDdiMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyv9H8J3KiubSPClynwF0VU6sZK9
Y0oVsMpdMPnaraevcbmzQzfGbq2TC/ydrJf2KYWEJbSXJQEjMDRNUI/Wd4v8WBKZ
64PSaU77Dcv2bJfSPN7zRQhrD1O7ksgiwcqSyXjTHc8PfAB0bTpyrHgYZU+NaO8t
bz1AKA7/tLp4GIi8g9CD1nGxOcvd71tCPg69rYIN+rq1NON1Dh4ba/clTP9xUQav
FEg2fuxwwVDPwlkufzGuheOBbNL3cO2ZJGJgGGNaZsAy+pPjngue1l8dArOABboK
EC7+6HelD5YvRaBGwP8Ll8Hiqcrl0TB2FWn4XZt9B60KHEXAz6ymgL/jywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ690ZATHPkWbe5pN9Brgji817FyMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvbnIzUmtCTWMtUlp0N21rMzBHdUNPTHpYc1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALURKQD
BALURKgDBAPURLgwDQYJKoZIhvcNAQELBQADggEBAA4K2z74Tp9OmhugRvm1JLru
y6foF8WI1U10iuHctexwQp8etKe6Kv8lMOCOYbnWrupd411pbOn9asN3Ogi7ck79
7okpB4XmytQbElwb6CekJS63EvWrhAAzJQI6hrNIQOofU2N3CerBeEIXp3VBuWQE
dmxop0STP+GWqfn9ar1DBP9p4f10dZz+SqmdYs2j/xXCrUsjH6RiS+ZevECKwLUF
hCUwk8cwutaqpprXNMXPjduOnOcMJBd591miTnjR8VcKMEnd8oGBsA5n5lb4aai3
7HqDo4OI5FjnImrmcQPPujGNzbEGvrXYckPjpKkYaXrqTEF2A94rbyKwdFgoU/Y=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:04 2025 by rpki-client