Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/ntkgPOeEhw1w8c7pIB8Qn_gxjKw.roa
File: ntkgPOeEhw1w8c7pIB8Qn_gxjKw.roa (raw, json)
Hash identifier: TKEJwJ9PAXtRm0KGNnCXuwbzZuFfd3ZcTzQOFPw6XVA=
Subject key identifier: 9E:D9:20:3C:E7:84:87:0D:70:F1:CE:E9:20:1F:10:9F:F8:31:8C:AC
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 018CC80155655A9E8ECF76C03ED17148DCC2
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/ntkgPOeEhw1w8c7pIB8Qn_gxjKw.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 213.109.76.0/23 maxlen: 23
91.239.43.0/24 maxlen: 24
195.191.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:55:65:5a:9e:8e:cf:76:c0:3e:d1:71:48:dc:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed9203ce784870d70f1cee9201f109ff8318cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b2:23:a4:45:2b:1f:92:4c:b7:94:c2:16:71:
36:06:b2:13:c3:c1:60:a3:3a:1d:af:69:11:b3:5e:
e0:b8:c6:64:ce:01:0a:8f:50:e4:38:e0:52:37:9b:
4c:d8:58:2e:21:40:15:40:d6:70:91:35:7b:64:5c:
59:02:f3:47:4b:96:92:6c:34:96:a5:64:e7:ee:c4:
49:87:49:95:53:5e:1a:e8:85:fa:b2:b0:58:8c:b6:
ae:07:56:71:c6:7c:3e:a6:8f:25:bc:9f:19:8e:5a:
65:1e:f9:a6:af:58:da:0b:b2:c3:d3:3d:aa:99:e0:
48:95:60:cd:6d:56:92:cb:7d:76:9a:39:20:37:92:
52:bb:d3:3a:21:ca:3c:aa:45:e3:45:a3:23:01:c3:
3f:ef:74:bd:04:10:d8:a2:13:89:e0:e8:a9:e6:01:
cc:c4:a4:5f:82:fb:a1:14:d3:2b:f2:6d:a9:60:73:
d3:80:d3:28:40:fc:4a:f0:51:c5:ac:47:9c:89:12:
e9:31:7c:9a:42:14:17:2d:c8:83:e9:43:5a:b5:fb:
df:e1:7b:56:77:27:8d:33:87:be:2b:a9:a5:bb:c2:
0e:8e:cc:02:8e:ce:41:27:4a:a0:db:1a:e5:84:d2:
3a:f9:06:cc:7b:2d:83:69:5b:97:b6:b2:9e:00:af:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D9:20:3C:E7:84:87:0D:70:F1:CE:E9:20:1F:10:9F:F8:31:8C:AC
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/ntkgPOeEhw1w8c7pIB8Qn_gxjKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.43.0/24
195.191.65.0/24
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
62:1f:4c:96:c2:e0:13:0d:b8:d0:31:76:6d:f4:ce:4a:e7:97:
c8:d7:c2:16:f7:25:dc:66:5c:6f:e1:e6:2e:4e:ef:d8:9a:2d:
9c:e9:ac:fa:8d:ef:8e:6c:d3:14:2f:63:39:32:44:4a:c7:30:
4d:a4:6b:99:56:da:b1:45:0e:bc:b1:5c:68:81:8f:73:65:52:
46:c9:24:f8:e0:12:07:9b:37:02:e0:4f:89:40:db:ed:0e:6b:
db:c8:ec:49:13:1c:59:10:b8:a1:44:32:d2:8e:24:54:d6:87:
98:29:8c:a5:b1:8f:58:1a:00:79:be:06:1b:ba:8d:25:dd:f2:
8e:b6:46:22:6f:cd:40:a1:22:51:12:e5:36:ef:20:9e:1b:ee:
5d:6e:2e:d3:a3:ad:10:80:67:b0:01:d4:ec:00:6d:87:2b:bc:
7c:b6:92:64:2b:02:cf:4a:91:eb:1e:75:a0:c0:04:9e:aa:72:
08:a4:ec:3e:2e:33:e7:6a:5a:3a:5e:10:d9:ec:45:b6:59:c7:
9a:3e:aa:ce:25:8d:e8:2c:e4:70:04:a4:0a:e9:e0:18:b9:46:
08:17:ee:5f:cb:d6:13:a7:c9:ce:36:67:a5:93:a9:f9:8b:f2:
8f:f1:61:14:77:d7:fd:cd:da:20:32:5c:54:1c:f5:8b:c3:03:
d7:a4:e2:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAVVlWp6Oz3bAPtFxSNzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ5MjAzY2U3ODQ4NzBkNzBmMWNlZTkyMDFmMTA5ZmY4MzE4Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrIjpEUrH5JMt5TCFnE2BrITw8Fg
ozodr2kRs17guMZkzgEKj1DkOOBSN5tM2FguIUAVQNZwkTV7ZFxZAvNHS5aSbDSW
pWTn7sRJh0mVU14a6IX6srBYjLauB1Zxxnw+po8lvJ8ZjlplHvmmr1jaC7LD0z2q
meBIlWDNbVaSy312mjkgN5JSu9M6Ico8qkXjRaMjAcM/73S9BBDYohOJ4Oip5gHM
xKRfgvuhFNMr8m2pYHPTgNMoQPxK8FHFrEeciRLpMXyaQhQXLciD6UNatfvf4XtW
dyeNM4e+K6mlu8IOjswCjs5BJ0qg2xrlhNI6+QbMey2DaVuXtrKeAK/rYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ7ZIDznhIcNcPHO6SAfEJ/4MYysMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvbnRrZ1BPZUVodzF3OGM3cElCOFFuX2d4akt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+8rAwQA
w79BAwQB1W1MMA0GCSqGSIb3DQEBCwUAA4IBAQBiH0yWwuATDbjQMXZt9M5K55fI
18IW9yXcZlxv4eYuTu/Ymi2c6az6je+ObNMUL2M5MkRKxzBNpGuZVtqxRQ68sVxo
gY9zZVJGyST44BIHmzcC4E+JQNvtDmvbyOxJExxZELihRDLSjiRU1oeYKYylsY9Y
GgB5vgYbuo0l3fKOtkYib81AoSJREuU27yCeG+5dbi7To60QgGewAdTsAG2HK7x8
tpJkKwLPSpHrHnWgwASeqnIIpOw+LjPnalo6XhDZ7EW2WceaPqrOJY3oLORwBKQK
6eAYuUYIF+5fy9YTp8nONmelk6n5i/KP8WEUd9f9zdogMlxUHPWLwwPXpOJ2
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:40 2025 by rpki-client