Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/nhv3AxOS2hT56nddRX0Rqq786v4.roa
File: nhv3AxOS2hT56nddRX0Rqq786v4.roa (raw, json)
Hash identifier: kx26YIONs0EPo0xRhrd+b0oqKnAPvCd/zKT7412sbas=
Subject key identifier: 9E:1B:F7:03:13:92:DA:14:F9:EA:77:5D:45:7D:11:AA:AE:FC:EA:FE
Certificate issuer: /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial: 018CC94E3FA6CDB931531F939087B67F2AE8
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/nhv3AxOS2hT56nddRX0Rqq786v4.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.208.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:a6:cd:b9:31:53:1f:93:90:87:b6:7f:2a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e1bf7031392da14f9ea775d457d11aaaefceafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6a:38:6e:de:3a:76:98:81:eb:18:16:e8:b8:
d3:c0:3a:b5:0b:01:cb:f4:09:8b:6b:f8:a9:03:c2:
f9:0b:20:23:5e:4a:93:18:49:0c:21:31:3f:d0:97:
e8:e2:08:f9:22:42:f2:c1:41:12:b7:b9:3f:0c:20:
d7:7a:bb:ec:24:01:45:1b:05:6f:a3:a3:f6:fa:bc:
60:e7:b0:19:50:71:69:6c:b3:6f:ed:8b:22:16:67:
03:69:56:88:c4:56:81:9f:89:47:a8:aa:56:f6:18:
de:e0:f6:9a:92:eb:90:48:8f:4a:e7:63:02:c3:70:
e8:e6:d2:71:47:f8:40:3a:5d:a3:9b:c6:72:10:6f:
ae:fe:51:fd:93:61:52:02:13:0c:e0:a8:c2:ca:dc:
c1:57:c7:10:63:38:6f:da:26:26:d4:34:20:86:1f:
fa:f4:dd:c1:4e:c1:7d:52:e1:66:81:ee:be:85:e5:
d7:c2:1f:ef:1a:e6:fa:63:fe:6d:1c:dd:da:50:96:
61:c0:1b:2b:1e:3f:d5:16:50:bf:07:ac:4b:02:b5:
9e:cd:32:05:5d:c8:fc:29:d1:30:a0:e5:43:2a:07:
ee:0b:df:89:ae:83:eb:71:86:76:db:40:c7:0f:4a:
37:a5:8c:2b:20:e9:a4:71:3e:a0:3b:e7:51:28:44:
1d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1B:F7:03:13:92:DA:14:F9:EA:77:5D:45:7D:11:AA:AE:FC:EA:FE
X509v3 Authority Key Identifier:
keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/nhv3AxOS2hT56nddRX0Rqq786v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.21.0/24
Signature Algorithm: sha256WithRSAEncryption
54:26:e3:69:62:68:32:e6:92:7a:a7:f4:f0:7d:71:5b:58:3b:
1c:cc:94:36:99:c3:17:e4:1f:c5:57:ec:d3:4c:db:96:94:0c:
99:b2:31:db:b3:ad:0b:57:b1:53:6a:59:54:e3:3b:f6:f3:b0:
6d:ff:e7:a0:32:86:23:47:53:7d:44:54:84:70:5c:34:38:63:
ec:86:e6:5f:65:09:9e:25:ed:31:7c:45:56:df:45:17:92:ac:
7c:ae:86:0f:a4:c2:90:32:40:01:6f:a6:0e:1a:82:3a:62:f2:
60:d7:1d:bf:27:dc:2b:6b:84:07:64:33:f0:f4:d7:f1:5f:11:
af:f4:5d:01:df:59:a1:48:30:8f:05:da:60:54:c8:c2:ec:18:
8a:c1:ba:38:8b:a5:95:6d:d3:14:a4:92:7f:4c:b6:c7:94:19:
3e:c7:b0:63:59:4a:50:6a:13:a2:9c:c9:d4:79:41:ef:70:25:
ae:5a:f8:79:49:a6:03:2f:18:cd:03:81:7f:96:92:fd:4d:3e:
65:3f:bf:f2:e9:c0:10:96:68:86:b8:05:eb:38:20:3c:d8:40:
b9:c2:5f:01:5f:8d:ef:da:b5:df:b6:5a:a3:18:1b:48:ae:1f:
8b:35:f3:a8:ac:fd:93:87:36:a1:1f:7c:0c:98:ec:4b:43:34:
be:2a:63:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTj+mzbkxUx+TkIe2fyroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZGJhYTFiNTJmM2E3MzI4OWZmNzY4YWNiN2JhYTdmMzg3
Zjk1NWYwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFiZjcwMzEzOTJkYTE0ZjllYTc3NWQ0NTdkMTFhYWFlZmNlYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGo4bt46dpiB6xgW6LjTwDq1CwHL
9AmLa/ipA8L5CyAjXkqTGEkMITE/0Jfo4gj5IkLywUESt7k/DCDXervsJAFFGwVv
o6P2+rxg57AZUHFpbLNv7YsiFmcDaVaIxFaBn4lHqKpW9hje4PaakuuQSI9K52MC
w3Do5tJxR/hAOl2jm8ZyEG+u/lH9k2FSAhMM4KjCytzBV8cQYzhv2iYm1DQghh/6
9N3BTsF9UuFmge6+heXXwh/vGub6Y/5tHN3aUJZhwBsrHj/VFlC/B6xLArWezTIF
Xcj8KdEwoOVDKgfuC9+JroPrcYZ220DHD0o3pYwrIOmkcT6gO+dRKEQdZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4b9wMTktoU+ep3XUV9Eaqu/Or+MB8GA1UdIwQY
MBaAFNbbqhtS86cyif92ist7qn84f5VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQt
ZmFiODNkNDAzNTU4LzEvbmh2M0F4T1MyaFQ1Nm5kZFJYMFJxcTc4NnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQtZmFiODNkNDAzNTU4
LzEvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AVMA0G
CSqGSIb3DQEBCwUAA4IBAQBUJuNpYmgy5pJ6p/TwfXFbWDsczJQ2mcMX5B/FV+zT
TNuWlAyZsjHbs60LV7FTallU4zv287Bt/+egMoYjR1N9RFSEcFw0OGPshuZfZQme
Je0xfEVW30UXkqx8roYPpMKQMkABb6YOGoI6YvJg1x2/J9wra4QHZDPw9NfxXxGv
9F0B31mhSDCPBdpgVMjC7BiKwbo4i6WVbdMUpJJ/TLbHlBk+x7BjWUpQahOinMnU
eUHvcCWuWvh5SaYDLxjNA4F/lpL9TT5lP7/y6cAQlmiGuAXrOCA82EC5wl8BX43v
2rXftlqjGBtIrh+LNfOorP2ThzahH3wMmOxLQzS+KmNw
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:52 2025 by rpki-client