Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/nfVpLuz-owMoivVwaCYqzXM3pQY.roa
File: nfVpLuz-owMoivVwaCYqzXM3pQY.roa (raw, json)
Hash identifier: psAaEIo/hZ5qIyRO/5JdojrXJ8OC7Cs53W9ugw0NRe4=
Subject key identifier: 9D:F5:69:2E:EC:FE:A3:03:28:8A:F5:70:68:26:2A:CD:73:37:A5:06
Certificate issuer: /CN=77328f3213ea26144eccba90cd5d8344821faf3b
Certificate serial: 018CC2DB1584A515622B31D61194E8A525C1
Authority key identifier: 77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/nfVpLuz-owMoivVwaCYqzXM3pQY.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204342
IP address blocks: 185.251.164.0/22 maxlen: 22
185.251.184.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 06 May 2024 11:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:15:84:a5:15:62:2b:31:d6:11:94:e8:a5:25:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77328f3213ea26144eccba90cd5d8344821faf3b
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9df5692eecfea303288af57068262acd7337a506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:cb:b2:9d:06:0b:d3:64:d8:f2:ea:a6:97:
62:f1:d4:66:e4:85:7f:ef:9c:e5:56:f8:34:67:60:
87:b7:11:76:c8:eb:b8:3b:48:1d:1c:60:53:8c:4e:
d2:b8:53:a7:af:2b:06:99:18:7d:af:21:93:85:a6:
fb:22:4f:15:df:6e:6a:dc:65:61:7a:54:3b:df:e9:
6e:ec:38:e8:42:e7:71:67:5c:f4:ac:1a:d5:b3:1b:
07:6a:43:0c:ab:13:75:8f:0e:d2:d4:73:55:0a:05:
4b:75:fb:e8:56:ce:28:34:5e:c6:8c:ef:3f:2f:7e:
bb:6b:76:b1:8a:43:11:03:82:b6:74:ad:5a:f6:0f:
73:45:20:fc:70:f0:00:00:17:53:db:e9:85:51:f2:
3f:5c:6f:60:5c:a5:b8:2d:c0:93:18:67:50:05:ed:
96:6a:05:d1:14:3b:73:a4:ab:d3:95:49:ea:36:75:
71:9e:7f:35:2d:f5:a1:04:49:cb:34:7f:70:21:f4:
c3:a2:f4:7a:36:29:ef:ae:ac:e6:98:0b:7d:90:74:
e1:ed:c3:6b:94:b8:4e:bc:08:a9:7e:cb:a3:d0:54:
7f:f8:67:28:c5:cf:18:f8:9a:92:a3:6c:2a:5d:50:
df:e6:9c:7b:47:03:63:dd:e0:30:76:46:3e:9e:d7:
41:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F5:69:2E:EC:FE:A3:03:28:8A:F5:70:68:26:2A:CD:73:37:A5:06
X509v3 Authority Key Identifier:
keyid:77:32:8F:32:13:EA:26:14:4E:CC:BA:90:CD:5D:83:44:82:1F:AF:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzKPMhPqJhROzLqQzV2DRIIfrzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/nfVpLuz-owMoivVwaCYqzXM3pQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/926269-cb17-4cc2-8656-87827e571323/1/dzKPMhPqJhROzLqQzV2DRIIfrzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.164.0/22
185.251.184.0/22
Signature Algorithm: sha256WithRSAEncryption
79:0d:ee:3b:0f:6e:ee:9e:1e:86:49:ca:9e:15:1e:99:89:68:
2f:ea:4c:33:81:b5:11:7e:76:76:a3:b6:62:2c:d5:af:22:4a:
68:81:9b:91:d5:70:17:39:30:48:12:b2:5f:3a:c9:39:86:10:
44:bf:0d:a3:fc:6b:0f:24:c5:ce:99:42:ac:1a:cd:1c:14:86:
42:68:ed:18:41:b9:9d:34:36:d9:77:c8:51:56:51:ea:72:e5:
ad:45:4e:e3:21:b1:7e:fd:e8:b0:f0:d4:06:97:38:71:df:49:
46:e3:27:c3:6a:ee:71:b4:a2:e2:f5:5d:6f:2d:ee:32:24:9d:
63:6c:e1:fc:1b:b3:aa:4b:6b:e6:fb:9c:32:80:43:85:37:d0:
aa:43:b8:7d:70:75:96:9f:5b:88:dd:6e:21:89:25:f3:b4:29:
53:ec:52:02:85:ed:b4:49:1b:41:d6:37:80:49:cf:42:a2:fa:
63:60:a4:1b:ff:c9:d2:ae:19:43:50:d3:d0:c8:7a:00:98:cd:
8a:30:00:02:26:d3:5a:f2:8c:d4:cd:09:7b:3c:84:6a:36:01:
49:e5:47:54:e3:a7:d6:d4:34:9e:52:dc:79:11:3f:32:83:ac:
f9:1b:af:f4:90:20:5e:80:aa:b1:93:8c:c5:11:6b:65:ce:52:
54:7b:bd:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2xWEpRViKzHWEZTopSXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzI4ZjMyMTNlYTI2MTQ0ZWNjYmE5MGNkNWQ4MzQ0ODIx
ZmFmM2IwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY1NjkyZWVjZmVhMzAzMjg4YWY1NzA2ODI2MmFjZDczMzdhNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp3Lsp0GC9Nk2PLqppdi8dRm5IV/
75zlVvg0Z2CHtxF2yOu4O0gdHGBTjE7SuFOnrysGmRh9ryGThab7Ik8V325q3GVh
elQ73+lu7DjoQudxZ1z0rBrVsxsHakMMqxN1jw7S1HNVCgVLdfvoVs4oNF7GjO8/
L367a3axikMRA4K2dK1a9g9zRSD8cPAAABdT2+mFUfI/XG9gXKW4LcCTGGdQBe2W
agXRFDtzpKvTlUnqNnVxnn81LfWhBEnLNH9wIfTDovR6NinvrqzmmAt9kHTh7cNr
lLhOvAipfsuj0FR/+Gcoxc8Y+JqSo2wqXVDf5px7RwNj3eAwdkY+ntdBMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ31aS7s/qMDKIr1cGgmKs1zN6UGMB8GA1UdIwQY
MBaAFHcyjzIT6iYUTsy6kM1dg0SCH687MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYt
ODc4MjdlNTcxMzIzLzEvbmZWcEx1ei1vd01vaXZWd2FDWXF6WE0zcFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MjYyNjktY2IxNy00Y2MyLTg2NTYtODc4MjdlNTcxMzIz
LzEvZHpLUE1oUHFKaFJPekxxUXpWMkRSSUlmcnpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufukAwQC
ufu4MA0GCSqGSIb3DQEBCwUAA4IBAQB5De47D27unh6GScqeFR6ZiWgv6kwzgbUR
fnZ2o7ZiLNWvIkpogZuR1XAXOTBIErJfOsk5hhBEvw2j/GsPJMXOmUKsGs0cFIZC
aO0YQbmdNDbZd8hRVlHqcuWtRU7jIbF+/eiw8NQGlzhx30lG4yfDau5xtKLi9V1v
Le4yJJ1jbOH8G7OqS2vm+5wygEOFN9CqQ7h9cHWWn1uI3W4hiSXztClT7FIChe20
SRtB1jeASc9CovpjYKQb/8nSrhlDUNPQyHoAmM2KMAACJtNa8ozUzQl7PIRqNgFJ
5UdU46fW1DSeUtx5ET8yg6z5G6/0kCBegKqxk4zFEWtlzlJUe728
-----END CERTIFICATE-----
Generated at Fri May 2 11:02:24 2025 by rpki-client