Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/nx1j_HVt-v7wmD8yySrpglcZV8Q.roa
File: nx1j_HVt-v7wmD8yySrpglcZV8Q.roa (raw, json)
Hash identifier: B0eKTspKjGxI7FQ4pBkpa4dxCu/yP8gJ+0nRbROttlo=
Subject key identifier: 9F:1D:63:FC:75:6D:FA:FE:F0:98:3F:32:C9:2A:E9:82:57:19:57:C4
Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Certificate serial: 0192243DE5403DD6C59B522324ADE44E552B
Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/nx1j_HVt-v7wmD8yySrpglcZV8Q.roa
Signing time: Tue 24 Sep 2024 13:34:48 +0000
ROA not before: Tue 24 Sep 2024 13:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48807
IP address blocks: 185.90.144.0/22 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:3d:e5:40:3d:d6:c5:9b:52:23:24:ad:e4:4e:55:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Validity
Not Before: Sep 24 13:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f1d63fc756dfafef0983f32c92ae982571957c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9c:fd:82:df:ea:50:d3:ce:2b:99:bd:6e:51:
1f:ad:d6:eb:79:4f:51:c8:71:48:21:51:40:ba:58:
55:d0:e6:8b:6a:32:67:59:8d:87:b9:1f:a1:54:8d:
77:3a:86:70:84:29:06:a2:1b:00:51:36:60:45:56:
50:3a:4a:23:54:73:c0:fa:88:f4:96:86:19:2c:b7:
b9:e2:60:97:ff:92:5d:67:92:05:17:cc:6c:4b:76:
2f:1a:97:70:02:d8:4b:f6:f5:f7:7f:90:e5:70:e2:
dd:4b:07:a0:0d:e9:6b:5e:ae:ed:24:1a:c5:03:0e:
57:02:74:aa:fd:24:88:e9:8b:e7:c1:42:4a:ac:00:
58:ba:e0:7a:6e:ca:81:98:58:4b:e1:5f:a8:91:7f:
bc:ca:39:fa:97:bc:b6:ed:d3:f4:aa:eb:d3:ee:a3:
fc:94:cb:70:8b:d8:a7:1e:80:6e:03:b0:72:5b:7e:
cc:8e:bc:64:9b:63:52:38:68:92:2e:61:81:7e:fa:
45:f8:7f:3f:84:dc:d3:fd:66:ee:38:e0:d6:01:c0:
70:64:3e:c3:c7:eb:47:50:10:46:b1:fb:67:5b:82:
a3:67:1a:97:9a:11:2a:12:68:de:4a:26:86:07:b6:
f8:b0:97:91:50:30:fd:5c:ca:3d:da:0b:f4:7c:ba:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1D:63:FC:75:6D:FA:FE:F0:98:3F:32:C9:2A:E9:82:57:19:57:C4
X509v3 Authority Key Identifier:
keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/nx1j_HVt-v7wmD8yySrpglcZV8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.144.0/22
Signature Algorithm: sha256WithRSAEncryption
84:8d:03:d6:be:9e:0a:dd:5f:12:0b:0d:16:02:18:9e:79:b0:
a4:ae:3d:0e:f7:96:5c:e4:c3:00:60:a6:ea:b9:8b:7f:8a:5f:
c8:eb:00:9f:38:17:ef:3a:75:87:17:d5:96:ac:6a:ca:87:b1:
cd:ef:26:ef:79:a3:7e:4f:44:f5:f1:09:28:62:c2:64:0d:5a:
62:58:86:fe:d3:0c:e1:54:eb:c5:c9:b0:49:7e:f8:14:cb:56:
e9:b4:e0:a5:83:80:5e:06:22:b4:43:b2:8f:93:8f:78:86:32:
24:70:ca:c5:d3:06:eb:ff:28:89:9c:ef:fb:37:8d:6c:8a:4e:
78:ab:6d:66:17:c2:b2:b7:09:f1:99:0c:76:e7:98:d7:37:d8:
c7:b7:cf:56:64:e3:67:fe:24:87:71:d6:4a:09:14:54:d3:a5:
d9:ef:45:ef:b4:37:cc:08:7f:81:72:d9:fa:c7:33:9b:c6:ca:
54:1f:78:1c:69:2c:31:73:1d:e9:23:91:07:0c:44:f5:83:54:
36:aa:18:39:98:e6:8e:08:81:2f:58:3f:1f:fd:5c:89:4d:a5:
03:ab:5e:44:b9:66:43:0a:dc:41:09:ef:7f:e5:bc:62:f3:46:
6a:ad:62:9c:6c:08:0b:82:2e:2c:98:f9:b3:95:0e:05:59:94:
25:47:06:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIkPeVAPdbFm1IjJK3kTlUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2
NGM4MGUwHhcNMjQwOTI0MTMzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFkNjNmYzc1NmRmYWZlZjA5ODNmMzJjOTJhZTk4MjU3MTk1N2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpz9gt/qUNPOK5m9blEfrdbreU9R
yHFIIVFAulhV0OaLajJnWY2HuR+hVI13OoZwhCkGohsAUTZgRVZQOkojVHPA+oj0
loYZLLe54mCX/5JdZ5IFF8xsS3YvGpdwAthL9vX3f5DlcOLdSwegDelrXq7tJBrF
Aw5XAnSq/SSI6YvnwUJKrABYuuB6bsqBmFhL4V+okX+8yjn6l7y27dP0quvT7qP8
lMtwi9inHoBuA7ByW37Mjrxkm2NSOGiSLmGBfvpF+H8/hNzT/WbuOODWAcBwZD7D
x+tHUBBGsftnW4KjZxqXmhEqEmjeSiaGB7b4sJeRUDD9XMo92gv0fLrqBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8dY/x1bfr+8Jg/Mskq6YJXGVfEMB8GA1UdIwQY
MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt
MWE1MTNkZjA2OWZjLzEvbngxal9IVnQtdjd3bUQ4eXlTcnBnbGNaVjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj
LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVqQMA0G
CSqGSIb3DQEBCwUAA4IBAQCEjQPWvp4K3V8SCw0WAhieebCkrj0O95Zc5MMAYKbq
uYt/il/I6wCfOBfvOnWHF9WWrGrKh7HN7ybveaN+T0T18QkoYsJkDVpiWIb+0wzh
VOvFybBJfvgUy1bptOClg4BeBiK0Q7KPk494hjIkcMrF0wbr/yiJnO/7N41sik54
q21mF8KytwnxmQx255jXN9jHt89WZONn/iSHcdZKCRRU06XZ70XvtDfMCH+Bctn6
xzObxspUH3gcaSwxcx3pI5EHDET1g1Q2qhg5mOaOCIEvWD8f/VyJTaUDq15EuWZD
CtxBCe9/5bxi80ZqrWKcbAgLgi4smPmzlQ4FWZQlRwYD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:13 2025 by rpki-client