Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/nfKr8Dk5mUj9Qe9vm-qYlnazLs0.roa
File: nfKr8Dk5mUj9Qe9vm-qYlnazLs0.roa (raw, json)
Hash identifier: 4Vgs1JD5kf3j41WC7Pp8Gf04zRHx4UNLEUsbvLn92io=
Subject key identifier: 9D:F2:AB:F0:39:39:99:48:FD:41:EF:6F:9B:EA:98:96:76:B3:2E:CD
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AF0DF46145938D80BC33936059D506
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/nfKr8Dk5mUj9Qe9vm-qYlnazLs0.roa
Signing time: Tue 26 Nov 2024 13:35:23 +0000
ROA not before: Tue 26 Nov 2024 13:35:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396826
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:af:0d:f4:61:45:93:8d:80:bc:33:93:60:59:d5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9df2abf039399948fd41ef6f9bea989676b32ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b6:cb:13:6b:9f:a0:99:1d:44:1b:dd:c2:c1:
a4:1b:e3:42:c6:df:96:6c:78:a8:e6:af:c9:35:dd:
13:2c:5d:cb:d8:06:fd:b4:fd:39:85:e1:65:96:fb:
8d:57:db:90:2c:57:1e:ce:5b:f3:84:2c:81:8b:7e:
2b:b0:1f:4c:25:17:dd:63:be:2e:1f:ed:10:2a:7a:
d6:5e:f1:01:04:ef:a8:ee:4f:0e:d7:21:70:ba:1c:
25:b2:03:4d:13:56:28:a5:46:ff:6e:21:f6:b1:f2:
ac:8f:84:fd:b4:97:9b:dc:e7:08:69:ba:22:51:5e:
60:73:ba:65:0b:c5:3c:8c:2b:5a:ce:89:fe:d4:e0:
0d:1b:14:4a:5f:33:dd:70:bf:79:5b:c7:1c:a5:72:
8e:8d:a8:b6:49:ab:18:aa:1d:84:00:21:9a:ef:2f:
22:17:14:9a:b0:e8:36:eb:b8:23:cf:2a:ce:81:d1:
ad:15:c6:23:2e:09:3c:e8:bf:7d:b0:fa:b2:37:f7:
3b:07:64:7c:c1:02:c5:ff:90:50:ea:aa:15:81:06:
59:75:ae:80:6f:cc:59:c2:94:8b:6c:27:2e:65:6f:
54:40:a5:0e:dc:21:7c:97:ea:46:62:11:eb:5b:00:
d7:99:3a:07:7f:ad:d3:a3:6f:be:3f:8b:3c:db:49:
ed:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F2:AB:F0:39:39:99:48:FD:41:EF:6F:9B:EA:98:96:76:B3:2E:CD
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/nfKr8Dk5mUj9Qe9vm-qYlnazLs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
6f:c7:9e:f2:f8:68:b0:70:25:20:0d:b7:e7:a1:33:be:17:33:
1d:c1:1f:9c:8f:de:08:ff:6e:fe:7d:5a:c4:cb:b7:eb:8b:b0:
1d:53:3e:13:4d:e7:b3:e8:a6:35:36:55:84:7b:da:08:20:30:
63:7e:fc:35:bd:12:ce:c2:54:48:93:02:5b:f9:73:3f:cb:3b:
99:a0:c3:55:63:7a:31:3e:25:fa:0a:e2:29:f0:7a:c6:d3:c4:
f6:89:d0:04:af:82:82:70:db:de:8c:55:dc:e2:e9:ce:8a:54:
5c:3f:4d:e4:87:99:1f:cc:69:8c:1d:05:5a:f8:70:ae:91:c9:
23:2c:5b:ea:1c:92:ce:7a:41:63:48:6e:36:f6:b4:b5:27:2d:
92:6e:52:a9:4d:44:fe:c6:c0:20:1c:27:77:ea:dd:3a:a3:82:
39:3f:b1:fd:2c:3d:58:40:df:cf:a8:da:1a:c8:5c:7d:c1:d3:
b5:d1:ef:c8:c5:ba:58:66:65:5a:36:ce:f3:c5:19:8b:1e:3f:
43:8b:65:be:bb:40:95:8d:39:dc:c5:3c:f7:42:50:45:c1:e4:
22:99:e5:32:29:d0:7b:83:b1:5e:32:30:6c:29:c5:0b:1b:7d:
2e:93:c2:48:ba:7e:68:6b:7f:1e:5e:12:39:88:50:ef:3b:2d:
a4:02:5d:60
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorw30YUWTjYC8M5NgWdUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGYyYWJmMDM5Mzk5OTQ4ZmQ0MWVmNmY5YmVhOTg5Njc2YjMyZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rbLE2ufoJkdRBvdwsGkG+NCxt+W
bHio5q/JNd0TLF3L2Ab9tP05heFllvuNV9uQLFcezlvzhCyBi34rsB9MJRfdY74u
H+0QKnrWXvEBBO+o7k8O1yFwuhwlsgNNE1YopUb/biH2sfKsj4T9tJeb3OcIaboi
UV5gc7plC8U8jCtazon+1OANGxRKXzPdcL95W8ccpXKOjai2SasYqh2EACGa7y8i
FxSasOg267gjzyrOgdGtFcYjLgk86L99sPqyN/c7B2R8wQLF/5BQ6qoVgQZZda6A
b8xZwpSLbCcuZW9UQKUO3CF8l+pGYhHrWwDXmToHf63To2++P4s820ntxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ3yq/A5OZlI/UHvb5vqmJZ2sy7NMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvbmZLcjhEazVtVWo5UWU5dm0tcVlsbmF6THMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAG/HnvL4aLBwJSANt+ehM74XMx3BH5yP
3gj/bv59WsTLt+uLsB1TPhNN57PopjU2VYR72gggMGN+/DW9Es7CVEiTAlv5cz/L
O5mgw1VjejE+JfoK4inwesbTxPaJ0ASvgoJw296MVdzi6c6KVFw/TeSHmR/MaYwd
BVr4cK6RySMsW+ocks56QWNIbjb2tLUnLZJuUqlNRP7GwCAcJ3fq3Tqjgjk/sf0s
PVhA38+o2hrIXH3B07XR78jFulhmZVo2zvPFGYseP0OLZb67QJWNOdzFPPdCUEXB
5CKZ5TIp0HuDsV4yMGwpxQsbfS6Twki6fmhrfx5eEjmIUO87LaQCXWA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:57 2025 by rpki-client