Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/nrvP1MWg-0PoF_ZM_fu6IBwRKnw.roa
File: nrvP1MWg-0PoF_ZM_fu6IBwRKnw.roa (raw, json)
Hash identifier: SFY+/bOEurloX1AKKyiupTLkXVVuX1N6FAKgtfVZvSo=
Subject key identifier: 9E:BB:CF:D4:C5:A0:FB:43:E8:17:F6:4C:FD:FB:BA:20:1C:11:2A:7C
Certificate issuer: /CN=a9d78ce7a21c841d8735424776eb7ff587ad04d1
Certificate serial: 018CC4938730EF02620AE8D03D3DAA25B77F
Authority key identifier: A9:D7:8C:E7:A2:1C:84:1D:87:35:42:47:76:EB:7F:F5:87:AD:04:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qdeM56IchB2HNUJHdut_9YetBNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/nrvP1MWg-0PoF_ZM_fu6IBwRKnw.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21171
IP address blocks: 185.227.124.0/22 maxlen: 22
80.91.32.0/20 maxlen: 20
2a01:9900::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:87:30:ef:02:62:0a:e8:d0:3d:3d:aa:25:b7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9d78ce7a21c841d8735424776eb7ff587ad04d1
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ebbcfd4c5a0fb43e817f64cfdfbba201c112a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:34:bb:7b:72:2e:c5:af:12:f6:05:05:5a:
93:c0:e9:34:a3:d8:8d:63:3b:61:e3:59:0b:88:0d:
94:9a:1b:d3:45:43:b4:2a:fc:04:0f:d8:34:f1:70:
20:4f:3c:e4:9f:56:d8:60:6f:6b:56:ce:10:87:e8:
72:c1:00:bb:3a:02:89:17:8b:af:b7:be:e6:52:7a:
58:bf:f3:27:b9:11:14:a7:c6:2d:76:6e:6a:9e:6f:
8e:ce:50:c6:03:58:49:ab:d3:9d:ef:20:3a:dd:24:
05:c1:71:05:26:ef:b3:77:4d:c5:e5:2f:65:46:18:
7f:91:56:07:03:91:d5:90:d7:74:39:09:c7:68:79:
eb:2e:d1:07:35:7f:53:12:8a:df:97:ab:e3:02:06:
0a:24:02:59:1f:32:3e:ba:80:ef:91:fc:84:a3:a3:
08:c5:f5:fd:c4:0c:51:0c:f1:f1:ee:9f:82:27:5d:
cd:a1:28:78:c7:ab:f3:0a:9a:b3:5a:d0:a9:31:19:
ce:fe:e6:c6:08:27:9c:3e:5a:b1:45:4e:02:26:04:
0a:c3:36:4e:b1:a7:84:f5:6e:77:43:9a:9f:7e:18:
09:4e:a7:19:1c:50:1c:05:98:4a:4d:56:e8:6d:12:
ba:1c:91:6e:51:c8:55:99:e6:c1:fa:0f:6a:2c:3d:
dc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BB:CF:D4:C5:A0:FB:43:E8:17:F6:4C:FD:FB:BA:20:1C:11:2A:7C
X509v3 Authority Key Identifier:
keyid:A9:D7:8C:E7:A2:1C:84:1D:87:35:42:47:76:EB:7F:F5:87:AD:04:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qdeM56IchB2HNUJHdut_9YetBNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/nrvP1MWg-0PoF_ZM_fu6IBwRKnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/76c8b4-387e-4c04-8f35-c04ee05a7953/1/qdeM56IchB2HNUJHdut_9YetBNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.32.0/20
185.227.124.0/22
IPv6:
2a01:9900::/32
Signature Algorithm: sha256WithRSAEncryption
4a:00:14:f9:d8:1d:84:b9:d7:9f:9d:f9:ae:d7:7d:16:dc:69:
ea:fe:9e:72:6b:1c:44:98:9b:f7:35:c9:43:c0:3c:5b:67:ca:
cd:6a:27:1c:a9:02:84:71:77:94:8b:9c:6a:d2:c4:f0:10:50:
27:ff:d3:11:04:7c:2b:7d:ef:47:fb:8a:5c:44:d3:a4:b4:77:
da:a1:8b:98:6e:75:49:99:45:19:2f:0b:98:34:3b:d4:0e:2c:
2e:ff:33:81:6e:66:28:09:ba:13:38:2a:9e:29:e9:36:c6:72:
c1:ca:47:06:f4:61:9f:b6:4c:e3:cf:89:31:f0:ac:60:5e:74:
2a:f6:28:fb:86:ba:a9:6d:96:a3:bd:02:76:e6:77:15:a3:28:
0c:01:2d:5a:d3:ee:0e:73:e7:b4:c3:22:a2:3f:bd:c4:21:75:
ce:5b:32:d0:9f:fb:51:dc:3c:a3:fa:76:77:2c:11:27:e3:ef:
62:b5:c4:a9:07:34:ac:3a:96:15:da:b6:e1:93:d1:32:52:1d:
0a:f8:91:74:e5:89:57:15:dd:32:ff:3a:d5:2a:5a:75:23:b9:
36:c1:8c:dc:06:dd:0e:34:68:ac:f6:e8:29:d1:f7:70:0a:01:
15:33:f6:cf:a7:ad:71:1c:4d:f3:8d:50:e3:b7:c5:fc:72:71:
36:08:38:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk4cw7wJiCujQPT2qJbd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZDc4Y2U3YTIxYzg0MWQ4NzM1NDI0Nzc2ZWI3ZmY1ODdh
ZDA0ZDEwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJiY2ZkNGM1YTBmYjQzZTgxN2Y2NGNmZGZiYmEyMDFjMTEyYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLo0u3tyLsWvEvYFBVqTwOk0o9iN
Yzth41kLiA2UmhvTRUO0KvwED9g08XAgTzzkn1bYYG9rVs4Qh+hywQC7OgKJF4uv
t77mUnpYv/MnuREUp8Ytdm5qnm+OzlDGA1hJq9Od7yA63SQFwXEFJu+zd03F5S9l
Rhh/kVYHA5HVkNd0OQnHaHnrLtEHNX9TEorfl6vjAgYKJAJZHzI+uoDvkfyEo6MI
xfX9xAxRDPHx7p+CJ13NoSh4x6vzCpqzWtCpMRnO/ubGCCecPlqxRU4CJgQKwzZO
saeE9W53Q5qffhgJTqcZHFAcBZhKTVbobRK6HJFuUchVmebB+g9qLD3cRwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ67z9TFoPtD6Bf2TP37uiAcESp8MB8GA1UdIwQY
MBaAFKnXjOeiHIQdhzVCR3brf/WHrQTRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWRlTTU2SWNoQjJITlVKSGR1dF85WWV0Qk5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83NmM4YjQtMzg3ZS00YzA0LThmMzUt
YzA0ZWUwNWE3OTUzLzEvbnJ2UDFNV2ctMFBvRl9aTV9mdTZJQndSS253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83NmM4YjQtMzg3ZS00YzA0LThmMzUtYzA0ZWUwNWE3OTUz
LzEvcWRlTTU2SWNoQjJITlVKSGR1dF85WWV0Qk5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFsgAwQC
ueN8MA0EAgACMAcDBQAqAZkAMA0GCSqGSIb3DQEBCwUAA4IBAQBKABT52B2Eudef
nfmu130W3Gnq/p5yaxxEmJv3NclDwDxbZ8rNaiccqQKEcXeUi5xq0sTwEFAn/9MR
BHwrfe9H+4pcRNOktHfaoYuYbnVJmUUZLwuYNDvUDiwu/zOBbmYoCboTOCqeKek2
xnLBykcG9GGftkzjz4kx8KxgXnQq9ij7hrqpbZajvQJ25ncVoygMAS1a0+4Oc+e0
wyKiP73EIXXOWzLQn/tR3Dyj+nZ3LBEn4+9itcSpBzSsOpYV2rbhk9EyUh0K+JF0
5YlXFd0y/zrVKlp1I7k2wYzcBt0ONGis9ugp0fdwCgEVM/bPp61xHE3zjVDjt8X8
cnE2CDgW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:33 2025 by rpki-client