Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/NLJB9X1sQZ6wfjAToTJttOPucVE.roa
File: NLJB9X1sQZ6wfjAToTJttOPucVE.roa (raw, json)
Hash identifier: bXRgbCs9YbKGZjfubXqOYBlAtIQIqgPFQKETP3EmPs4=
Subject key identifier: 34:B2:41:F5:7D:6C:41:9E:B0:7E:30:13:A1:32:6D:B4:E3:EE:71:51
Certificate issuer: /CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615
Certificate serial: 01917E4C3E184C8CEF7D009CE2C727EB0A0D
Authority key identifier: BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/NLJB9X1sQZ6wfjAToTJttOPucVE.roa
Signing time: Fri 23 Aug 2024 08:13:31 +0000
ROA not before: Fri 23 Aug 2024 08:13:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.109.96.0/22 maxlen: 24
193.3.28.0/24 maxlen: 24
2a04:a0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 23 Aug 2024 09:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:4c:3e:18:4c:8c:ef:7d:00:9c:e2:c7:27:eb:0a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615
Validity
Not Before: Aug 23 08:13:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b241f57d6c419eb07e3013a1326db4e3ee7151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6a:21:b7:45:47:bc:0d:44:d3:b9:bb:80:b0:
e6:df:7e:95:24:4b:a5:42:3f:05:b2:6b:d8:9f:82:
eb:62:df:2c:65:e3:2e:d0:89:4e:88:4c:01:73:5e:
e0:2e:d3:22:a1:20:85:fe:73:5a:80:86:f8:ac:bd:
f9:b2:b7:5d:08:e2:7a:5b:d6:99:63:24:43:83:ee:
88:00:39:12:e2:1d:86:28:3f:0c:0d:55:39:2b:dc:
ae:13:bb:cb:b3:3b:58:29:de:57:ad:0e:24:d5:f3:
d3:a4:fd:6d:90:6a:e7:80:55:8d:e8:58:c0:90:ae:
a1:a1:b7:1f:75:45:07:32:d7:58:62:de:b0:16:14:
e0:b7:3b:22:85:f3:50:19:35:9c:6c:15:da:bc:4f:
5d:4b:7a:57:a7:7b:0b:0b:27:23:58:9a:4b:4c:af:
f3:60:78:94:47:03:85:f6:11:ea:a4:12:92:8a:46:
92:41:33:b0:e8:46:8b:7a:7d:15:43:62:31:5e:02:
fb:4f:43:e2:2c:46:db:38:65:b7:63:6a:45:d1:63:
9a:7e:52:bd:61:f4:b8:5b:19:92:09:41:52:41:68:
c1:8e:19:cc:8b:2b:a5:fe:32:c3:82:3c:22:02:f6:
c4:26:e7:fc:e0:b3:3b:c7:dd:23:81:89:66:12:12:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B2:41:F5:7D:6C:41:9E:B0:7E:30:13:A1:32:6D:B4:E3:EE:71:51
X509v3 Authority Key Identifier:
keyid:BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/NLJB9X1sQZ6wfjAToTJttOPucVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.96.0/22
193.3.28.0/24
IPv6:
2a04:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:b8:25:eb:c1:57:91:fb:6d:9f:0a:7f:ff:20:bb:91:7e:27:
f6:d9:22:8e:d3:36:5c:0e:46:05:19:7c:60:fc:45:40:b7:35:
81:b3:b1:3e:7e:53:f0:78:15:67:b0:87:56:24:47:6a:f7:c5:
2b:b7:2e:c4:16:e3:e8:39:5a:4a:c4:42:17:2e:28:6a:95:2b:
2c:48:b2:d8:7c:13:f3:dc:20:c7:48:63:18:15:f3:b5:e0:b6:
cd:6e:69:6f:08:10:7e:0e:5f:8e:a9:07:7a:8a:c7:39:21:d4:
a9:e4:e9:09:bb:a1:19:fa:56:4a:53:5e:b1:b0:22:b4:b3:a7:
93:e0:c2:84:aa:eb:76:b5:fd:dd:b9:47:79:f6:67:f4:37:b7:
84:48:91:d8:24:c6:74:a6:e4:9a:67:4e:21:d8:84:d9:d6:d4:
f3:0a:6d:b8:f8:6f:89:f4:2c:e4:ee:69:b3:d9:a1:5c:2b:2d:
7c:32:9a:6e:0c:e3:be:63:11:19:5c:05:f3:10:89:2a:19:af:
b8:9c:41:3d:93:e9:be:98:15:98:63:c2:16:9d:f9:83:5f:d4:
22:e3:7c:0f:af:ab:a0:96:b9:83:85:94:68:78:cd:85:89:d3:
05:f6:d6:3c:02:1b:27:5b:d2:8d:dc:6c:ae:17:5e:bb:d0:e8:
48:c1:33:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZF+TD4YTIzvfQCc4scn6woNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOGY5YzAzZTc1N2YzZGI1MTRjYTM4ZDE1YWRhNDUxZmEy
ZTk2MTUwHhcNMjQwODIzMDgxMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGIyNDFmNTdkNmM0MTllYjA3ZTMwMTNhMTMyNmRiNGUzZWU3MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmoht0VHvA1E07m7gLDm336VJEul
Qj8FsmvYn4LrYt8sZeMu0IlOiEwBc17gLtMioSCF/nNagIb4rL35srddCOJ6W9aZ
YyRDg+6IADkS4h2GKD8MDVU5K9yuE7vLsztYKd5XrQ4k1fPTpP1tkGrngFWN6FjA
kK6hobcfdUUHMtdYYt6wFhTgtzsihfNQGTWcbBXavE9dS3pXp3sLCycjWJpLTK/z
YHiURwOF9hHqpBKSikaSQTOw6EaLen0VQ2IxXgL7T0PiLEbbOGW3Y2pF0WOaflK9
YfS4WxmSCUFSQWjBjhnMiyul/jLDgjwiAvbEJuf84LM7x90jgYlmEhLkhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDSyQfV9bEGesH4wE6EybbTj7nFRMB8GA1UdIwQY
MBaAFL2PnAPnV/PbUUyjjRWtpFH6LpYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDct
ZWNkZDgxNzQwMDdhLzEvTkxKQjlYMXNRWjZ3ZmpBVG9USnR0T1B1Y1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDctZWNkZDgxNzQwMDdh
LzEvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW1gAwQA
wQMcMA0EAgACMAcDBQMqBKDAMA0GCSqGSIb3DQEBCwUAA4IBAQAiuCXrwVeR+22f
Cn//ILuRfif22SKO0zZcDkYFGXxg/EVAtzWBs7E+flPweBVnsIdWJEdq98Urty7E
FuPoOVpKxEIXLihqlSssSLLYfBPz3CDHSGMYFfO14LbNbmlvCBB+Dl+OqQd6isc5
IdSp5OkJu6EZ+lZKU16xsCK0s6eT4MKEqut2tf3duUd59mf0N7eESJHYJMZ0puSa
Z04h2ITZ1tTzCm24+G+J9Czk7mmz2aFcKy18MppuDOO+YxEZXAXzEIkqGa+4nEE9
k+m+mBWYY8IWnfmDX9Qi43wPr6uglrmDhZRoeM2FidMF9tY8AhsnW9KN3GyuF167
0OhIwTOP
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:08:54 2025 by rpki-client