Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0f9eff-b608-41df-91d4-a47eb9329597/1/Nz8EyQ8Ps1pNAoT4Q3OUtVgxLgQ.roa
File: Nz8EyQ8Ps1pNAoT4Q3OUtVgxLgQ.roa (raw, json)
Hash identifier: rPPuaR/jLfdtiHGmSoRV6R73db3u18YTrNgEPcBZK8c=
Subject key identifier: 37:3F:04:C9:0F:0F:B3:5A:4D:02:84:F8:43:73:94:B5:58:31:2E:04
Certificate issuer: /CN=0a8e7dfcd200c85eb3cac66f859b7110ab99b10a
Certificate serial: 0192BAE7A824F26071B792DF1A7648F8C9AF
Authority key identifier: 0A:8E:7D:FC:D2:00:C8:5E:B3:CA:C6:6F:85:9B:71:10:AB:99:B1:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Co59_NIAyF6zysZvhZtxEKuZsQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0f9eff-b608-41df-91d4-a47eb9329597/1/Nz8EyQ8Ps1pNAoT4Q3OUtVgxLgQ.roa
Signing time: Wed 23 Oct 2024 19:43:16 +0000
ROA not before: Wed 23 Oct 2024 19:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196740
IP address blocks: 109.207.112.0/20 maxlen: 20
109.207.112.0/24 maxlen: 24
109.207.113.0/24 maxlen: 24
109.207.114.0/24 maxlen: 24
109.207.115.0/24 maxlen: 24
109.207.116.0/24 maxlen: 24
109.207.117.0/24 maxlen: 24
109.207.118.0/24 maxlen: 24
109.207.119.0/24 maxlen: 24
109.207.120.0/24 maxlen: 24
109.207.121.0/24 maxlen: 24
109.207.122.0/24 maxlen: 24
109.207.123.0/24 maxlen: 24
109.207.124.0/24 maxlen: 24
193.53.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:41:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:e7:a8:24:f2:60:71:b7:92:df:1a:76:48:f8:c9:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a8e7dfcd200c85eb3cac66f859b7110ab99b10a
Validity
Not Before: Oct 23 19:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=373f04c90f0fb35a4d0284f8437394b558312e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:7a:6d:87:2a:02:cb:63:86:9e:e2:b1:02:
06:7b:ad:cc:c2:6c:7c:43:d3:45:66:c8:9b:7f:98:
3c:44:bd:6f:8a:f5:04:2f:d9:b3:9e:51:f3:8d:c6:
ac:ad:1d:1b:4e:db:94:0d:9e:cd:60:e3:2e:64:6f:
e3:88:98:52:69:61:06:e4:77:2f:49:37:54:4b:1b:
f5:f2:e8:a0:19:9d:75:b1:a2:33:bb:f1:a3:bf:79:
dc:45:7a:5f:6f:9a:a5:eb:ee:1a:eb:ad:f4:3c:68:
a3:5f:f1:02:9a:60:b9:35:e8:4b:8b:af:1b:62:47:
be:8c:04:3d:1e:fe:3f:b2:b9:3d:78:95:4b:6e:54:
42:2a:05:47:bc:08:fd:b7:f2:0c:7a:4e:ae:59:56:
43:d5:b3:bd:84:d0:da:d5:0b:7f:f6:22:ec:9a:0e:
cf:1f:0c:97:71:ae:3a:ab:12:a3:95:f1:11:b6:cd:
39:14:0a:50:21:16:51:76:dc:73:39:87:02:43:6c:
8f:7e:6b:2c:14:fb:1e:c5:a2:42:1f:3f:b4:35:f5:
72:ca:9f:6d:10:3b:11:c4:2d:4b:c8:2e:96:7b:d2:
96:5d:34:48:30:83:31:3f:04:d2:d7:e5:94:27:5a:
fd:3c:d5:ad:86:e1:88:a2:12:93:3b:21:59:8e:63:
f9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3F:04:C9:0F:0F:B3:5A:4D:02:84:F8:43:73:94:B5:58:31:2E:04
X509v3 Authority Key Identifier:
keyid:0A:8E:7D:FC:D2:00:C8:5E:B3:CA:C6:6F:85:9B:71:10:AB:99:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Co59_NIAyF6zysZvhZtxEKuZsQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0f9eff-b608-41df-91d4-a47eb9329597/1/Nz8EyQ8Ps1pNAoT4Q3OUtVgxLgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0f9eff-b608-41df-91d4-a47eb9329597/1/Co59_NIAyF6zysZvhZtxEKuZsQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.112.0/20
193.53.83.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0c:e0:ea:b1:40:22:76:22:da:51:93:84:57:ad:09:39:0b:
1a:0f:4c:3a:da:c6:dd:d0:4c:d8:17:6b:13:38:aa:5f:9e:dd:
82:90:2b:06:cf:a1:20:47:24:11:e4:fe:62:41:12:2a:6d:25:
c0:2e:4a:85:32:09:fd:9a:b2:3c:9b:8b:ec:34:01:9c:bd:89:
a9:b1:d9:39:5e:2a:5b:c1:74:20:93:b6:88:75:f1:00:dc:13:
cb:e1:23:7b:f4:e7:98:26:fb:f9:46:0c:f1:a5:23:df:93:0a:
93:a4:87:f9:bc:03:37:17:60:a0:16:9e:fd:05:0e:3b:d5:fa:
0e:43:ae:77:da:b1:7d:ef:44:69:ba:28:f5:dc:61:91:49:bd:
a6:f8:07:00:c3:df:05:ee:22:73:a3:79:2e:89:39:1d:2e:d6:
22:67:9c:30:40:4b:1a:8d:82:fb:e5:1e:13:98:5d:ef:2d:d8:
b3:8c:3c:a6:7b:8d:4c:e4:2e:57:1d:e2:61:7d:da:df:a0:0b:
c1:b7:18:cc:3b:92:58:f2:a9:2a:8e:73:bb:d9:1b:51:47:6d:
44:ef:56:2f:ac:0e:9e:31:4a:72:a9:71:3a:8f:d4:9b:03:7a:
59:9c:38:cd:99:a6:0b:3c:37:95:cb:f7:b5:b0:a5:7e:50:51:
72:3e:96:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK656gk8mBxt5LfGnZI+MmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOGU3ZGZjZDIwMGM4NWViM2NhYzY2Zjg1OWI3MTEwYWI5
OWIxMGEwHhcNMjQxMDIzMTk0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNmMDRjOTBmMGZiMzVhNGQwMjg0Zjg0MzczOTRiNTU4MzEyZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3B6bYcqAstjhp7isQIGe63Mwmx8
Q9NFZsibf5g8RL1vivUEL9mznlHzjcasrR0bTtuUDZ7NYOMuZG/jiJhSaWEG5Hcv
STdUSxv18uigGZ11saIzu/Gjv3ncRXpfb5ql6+4a6630PGijX/ECmmC5NehLi68b
Yke+jAQ9Hv4/srk9eJVLblRCKgVHvAj9t/IMek6uWVZD1bO9hNDa1Qt/9iLsmg7P
HwyXca46qxKjlfERts05FApQIRZRdtxzOYcCQ2yPfmssFPsexaJCHz+0NfVyyp9t
EDsRxC1LyC6We9KWXTRIMIMxPwTS1+WUJ1r9PNWthuGIohKTOyFZjmP5UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDc/BMkPD7NaTQKE+ENzlLVYMS4EMB8GA1UdIwQY
MBaAFAqOffzSAMhes8rGb4WbcRCrmbEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ281OV9OSUF5RjZ6eXNadmhadHhFS3Vac1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wZjllZmYtYjYwOC00MWRmLTkxZDQt
YTQ3ZWI5MzI5NTk3LzEvTno4RXlROFBzMXBOQW9UNFEzT1V0Vmd4TGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wZjllZmYtYjYwOC00MWRmLTkxZDQtYTQ3ZWI5MzI5NTk3
LzEvQ281OV9OSUF5RjZ6eXNadmhadHhFS3Vac1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbc9wAwQA
wTVTMA0GCSqGSIb3DQEBCwUAA4IBAQB/DODqsUAidiLaUZOEV60JOQsaD0w62sbd
0EzYF2sTOKpfnt2CkCsGz6EgRyQR5P5iQRIqbSXALkqFMgn9mrI8m4vsNAGcvYmp
sdk5XipbwXQgk7aIdfEA3BPL4SN79OeYJvv5RgzxpSPfkwqTpIf5vAM3F2CgFp79
BQ471foOQ6532rF970Rpuij13GGRSb2m+AcAw98F7iJzo3kuiTkdLtYiZ5wwQEsa
jYL75R4TmF3vLdizjDyme41M5C5XHeJhfdrfoAvBtxjMO5JY8qkqjnO72RtRR21E
71YvrA6eMUpyqXE6j9SbA3pZnDjNmaYLPDeVy/e1sKV+UFFyPpb6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:31 2025 by rpki-client