Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nWKoFa85avL6XMp7w-qLbPVYGJ0.roa
File: nWKoFa85avL6XMp7w-qLbPVYGJ0.roa (raw, json)
Hash identifier: YkyxqWiUxdVzff0hoUuJeilJK0TVnF/GfbrcfG+8+xQ=
Subject key identifier: 9D:62:A8:15:AF:39:6A:F2:FA:5C:CA:7B:C3:EA:8B:6C:F5:58:18:9D
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018FE34B34889434E68BC426A016F3918968
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nWKoFa85avL6XMp7w-qLbPVYGJ0.roa
Signing time: Tue 04 Jun 2024 12:48:27 +0000
ROA not before: Tue 04 Jun 2024 12:48:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a10:4100::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4102::/36 maxlen: 36
2a10:4102:1000::/36 maxlen: 36
2a10:4102:2000::/36 maxlen: 36
2a10:4102:3000::/36 maxlen: 36
2a10:4102:4000::/36 maxlen: 36
2a10:4102:5000::/36 maxlen: 36
2a10:4102:6000::/36 maxlen: 36
2a10:4102:7000::/36 maxlen: 36
2a10:4102:8000::/36 maxlen: 36
2a10:4102:9000::/36 maxlen: 36
2a10:4102:a000::/36 maxlen: 36
2a10:4102:b000::/36 maxlen: 36
2a10:4102:c000::/36 maxlen: 36
2a10:4102:d000::/36 maxlen: 36
2a10:4102:e000::/36 maxlen: 36
2a10:4102:f000::/36 maxlen: 36
2a12:a345::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 02 Nov 2024 09:47:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:4b:34:88:94:34:e6:8b:c4:26:a0:16:f3:91:89:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 4 12:48:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d62a815af396af2fa5cca7bc3ea8b6cf558189d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:27:0f:4c:04:5a:47:06:ca:67:a1:3b:8d:55:
4c:78:21:92:a3:66:62:02:0f:a9:37:04:aa:f6:8c:
dc:29:1d:74:c9:ea:77:6d:b9:b6:c7:9e:c1:30:5c:
8b:ae:b2:cf:8b:e2:33:56:34:53:ce:3b:5a:d2:fe:
5b:81:21:41:81:d1:39:f1:e8:bb:05:f6:dc:ee:38:
4c:ef:a6:27:f9:77:ae:5e:46:f8:4d:57:0a:fa:e4:
36:e0:22:ee:2e:b7:b1:7b:9f:99:c8:0a:2d:5e:e3:
0c:f5:94:ea:1c:3f:20:ba:2a:1e:41:08:37:d6:19:
cb:ff:ba:bb:78:e2:e8:33:b1:95:73:00:68:26:38:
c3:59:ca:80:92:a3:76:d9:54:14:df:d7:16:6f:90:
98:e8:b1:25:93:e5:eb:21:2d:8f:14:80:ec:e8:f4:
6d:56:2c:58:8e:f7:7e:3b:71:3e:17:96:be:7c:b2:
c5:9f:d1:e7:43:84:29:b6:d5:7c:32:39:3b:d9:31:
89:b5:07:7c:ad:fc:d3:59:f2:a5:98:ad:13:3a:8c:
e1:19:2d:8b:9b:d9:06:86:9a:5c:ce:92:23:86:48:
0b:09:7c:e3:ea:a9:58:2e:3f:99:2d:6b:48:26:c7:
d7:e1:a8:41:b4:3b:9e:2e:7e:81:a9:0c:7c:d1:a0:
85:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:62:A8:15:AF:39:6A:F2:FA:5C:CA:7B:C3:EA:8B:6C:F5:58:18:9D
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/nWKoFa85avL6XMp7w-qLbPVYGJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4100::/32
2a10:4102::/32
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
78:6a:2e:75:c1:c9:99:8a:67:21:d4:b5:17:4e:f7:aa:6a:08:
87:6b:42:68:1a:b9:2d:07:69:e7:9b:90:bc:d0:e3:49:88:ab:
7e:53:5f:66:6b:8b:50:a4:4f:e4:57:81:bd:e7:95:1f:38:95:
42:0c:39:d4:e4:c6:80:ba:44:6d:1b:f5:90:cb:c9:42:2e:a0:
6b:0b:a6:75:97:f9:04:73:5a:a9:2c:df:cb:a7:34:ea:b9:13:
c1:79:5e:0d:35:63:2e:6c:0a:fe:30:81:94:6e:50:79:e2:6c:
42:af:8d:24:6f:d1:a7:83:36:98:94:8d:de:b4:28:da:a3:37:
51:ce:3e:9b:40:b9:93:e7:a4:d4:a5:10:da:eb:77:c6:f5:d7:
f2:bc:31:44:d3:14:14:75:c2:7b:e4:71:17:26:63:39:35:fa:
b5:a1:23:06:17:6c:8d:49:cb:48:e1:da:46:35:57:fd:1f:01:
e7:7c:0a:43:e4:66:cf:6c:0b:ad:f9:49:87:6c:c0:10:36:36:
64:dc:d8:06:b1:52:36:56:5a:5e:f8:84:ef:22:79:92:34:c2:
3d:38:01:59:cc:0a:a3:36:b4:9c:ab:2d:be:2a:bc:ef:d6:70:
98:9e:bf:f7:8f:45:1e:65:64:51:84:4c:f8:ac:de:f6:58:00:
ef:8c:56:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/jSzSIlDTmi8QmoBbzkYloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNjA0MTI0ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDYyYTgxNWFmMzk2YWYyZmE1Y2NhN2JjM2VhOGI2Y2Y1NTgxODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9icPTARaRwbKZ6E7jVVMeCGSo2Zi
Ag+pNwSq9ozcKR10yep3bbm2x57BMFyLrrLPi+IzVjRTzjta0v5bgSFBgdE58ei7
Bfbc7jhM76Yn+XeuXkb4TVcK+uQ24CLuLrexe5+ZyAotXuMM9ZTqHD8guioeQQg3
1hnL/7q7eOLoM7GVcwBoJjjDWcqAkqN22VQU39cWb5CY6LElk+XrIS2PFIDs6PRt
VixYjvd+O3E+F5a+fLLFn9HnQ4QpttV8Mjk72TGJtQd8rfzTWfKlmK0TOozhGS2L
m9kGhppczpIjhkgLCXzj6qlYLj+ZLWtIJsfX4ahBtDueLn6BqQx80aCFTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ1iqBWvOWry+lzKe8Pqi2z1WBidMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbldLb0ZhODVhdkw2WE1wN3ctcUxiUFZZR0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhBBAAMF
ACoQQQIDBQAqEqNFMA0GCSqGSIb3DQEBCwUAA4IBAQB4ai51wcmZimch1LUXTveq
agiHa0JoGrktB2nnm5C80ONJiKt+U19ma4tQpE/kV4G955UfOJVCDDnU5MaAukRt
G/WQy8lCLqBrC6Z1l/kEc1qpLN/LpzTquRPBeV4NNWMubAr+MIGUblB54mxCr40k
b9GngzaYlI3etCjaozdRzj6bQLmT56TUpRDa63fG9dfyvDFE0xQUdcJ75HEXJmM5
Nfq1oSMGF2yNSctI4dpGNVf9HwHnfApD5GbPbAut+UmHbMAQNjZk3NgGsVI2Vlpe
+ITvInmSNMI9OAFZzAqjNrScqy2+Krzv1nCYnr/3j0UeZWRRhEz4rN72WADvjFYU
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:46 2025 by rpki-client