Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/nzO6H1TReaHMEEtp75rmSZnbWho.roa
File: nzO6H1TReaHMEEtp75rmSZnbWho.roa (raw, json)
Hash identifier: +dpbtmJ/5u57coi29QPZD5Lyf0QgTSOmUeeHXNboTDk=
Subject key identifier: 9F:33:BA:1F:54:D1:79:A1:CC:10:4B:69:EF:9A:E6:49:99:DB:5A:1A
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 01954C02B227D8B1D306E1341FA49114BCF3
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/nzO6H1TReaHMEEtp75rmSZnbWho.roa
Signing time: Fri 28 Feb 2025 10:03:19 +0000
ROA not before: Fri 28 Feb 2025 10:03:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 82.206.48.0/21 maxlen: 24
82.206.112.0/21 maxlen: 24
82.206.120.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 17:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:02:b2:27:d8:b1:d3:06:e1:34:1f:a4:91:14:bc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 28 10:03:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f33ba1f54d179a1cc104b69ef9ae64999db5a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:e9:59:62:45:76:43:36:b7:77:a2:98:38:
aa:48:a1:8d:6a:e2:42:46:04:f0:6b:c3:a4:c2:d2:
60:dd:60:c6:e8:33:03:16:f3:4e:57:f9:41:e9:e5:
25:e5:53:69:2b:1a:8d:23:56:05:05:31:36:ba:7b:
69:d4:06:55:d3:17:d3:bd:6e:70:de:6d:66:bc:8c:
b4:14:0f:cd:0f:4d:21:70:4c:b0:90:f1:eb:00:9e:
51:25:12:f2:42:fe:fa:77:9d:82:5b:04:e9:ca:f5:
ce:96:95:27:9d:91:72:14:fa:1e:a9:12:a0:f2:6b:
ac:d3:b1:1d:7c:fd:d6:0d:ad:b8:8b:88:2a:c0:b0:
0d:14:20:aa:cd:f9:85:e7:d0:09:6b:6e:88:9d:9d:
07:10:f8:81:5e:1d:9d:38:09:b0:65:11:fa:98:40:
e6:08:72:7b:7f:96:7a:53:d1:86:3a:34:b3:2c:51:
85:f9:9a:7d:9b:0d:d9:42:f7:15:9a:b3:63:df:43:
9e:a3:46:39:fe:a0:2e:30:16:34:63:65:08:dd:93:
52:2b:1a:e3:ce:2a:8c:b4:68:e4:8b:3f:83:03:64:
91:c8:19:1b:85:89:54:e6:9c:17:e6:a1:41:46:56:
97:07:1a:d8:13:17:7d:d4:60:43:53:f8:4c:99:b2:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:33:BA:1F:54:D1:79:A1:CC:10:4B:69:EF:9A:E6:49:99:DB:5A:1A
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/nzO6H1TReaHMEEtp75rmSZnbWho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.48.0/21
82.206.112.0/20
Signature Algorithm: sha256WithRSAEncryption
48:d0:ee:7a:31:4b:27:02:88:b2:7a:8c:85:a5:b2:57:ca:5b:
24:26:3e:fd:67:de:ef:ce:9c:90:b6:45:96:2d:b0:c2:fd:9b:
ae:d0:8a:27:0d:e6:1d:e9:ae:2b:ca:91:ce:2d:25:24:54:e3:
73:17:d4:c6:6d:35:80:6c:51:88:9c:5d:2b:32:82:df:bd:ce:
b9:a2:22:46:ca:31:2c:bd:f3:33:2e:bb:47:c9:7c:34:69:d0:
2b:dd:e1:c9:bc:b6:a4:25:ec:af:a2:e9:5f:2f:9d:f5:4a:8a:
8d:0a:0e:2e:80:66:f8:97:9b:83:38:4e:56:36:17:6a:57:73:
8f:b6:f3:47:c2:c4:04:88:b7:51:5c:95:ff:f4:6c:ed:1b:c2:
25:4c:ef:72:5c:48:b9:a8:d8:91:d1:84:66:4c:c8:ea:10:a4:
15:30:be:ad:91:b1:a8:02:e1:d5:ec:38:c2:4e:7e:d7:ac:da:
27:36:fd:e6:55:ca:23:06:db:6c:c6:55:f6:49:d9:53:de:cb:
a5:f1:0b:15:6e:76:d0:53:c9:79:12:9a:b5:79:48:df:76:8c:
47:1f:57:30:5d:42:af:da:20:67:79:74:cf:a3:ff:ee:e7:59:
09:55:d3:52:51:a6:b5:66:e4:21:2a:71:fc:65:81:cf:b5:ce:
24:96:eb:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVMArIn2LHTBuE0H6SRFLzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMjI4MTAwMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMzYmExZjU0ZDE3OWExY2MxMDRiNjllZjlhZTY0OTk5ZGI1YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3PpWWJFdkM2t3eimDiqSKGNauJC
RgTwa8OkwtJg3WDG6DMDFvNOV/lB6eUl5VNpKxqNI1YFBTE2untp1AZV0xfTvW5w
3m1mvIy0FA/ND00hcEywkPHrAJ5RJRLyQv76d52CWwTpyvXOlpUnnZFyFPoeqRKg
8mus07EdfP3WDa24i4gqwLANFCCqzfmF59AJa26InZ0HEPiBXh2dOAmwZRH6mEDm
CHJ7f5Z6U9GGOjSzLFGF+Zp9mw3ZQvcVmrNj30Oeo0Y5/qAuMBY0Y2UI3ZNSKxrj
ziqMtGjkiz+DA2SRyBkbhYlU5pwX5qFBRlaXBxrYExd91GBDU/hMmbIwFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ8zuh9U0XmhzBBLae+a5kmZ21oaMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvbnpPNkgxVFJlYUhNRUV0cDc1cm1TWm5iV2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUs4wAwQE
Us5wMA0GCSqGSIb3DQEBCwUAA4IBAQBI0O56MUsnAoiyeoyFpbJXylskJj79Z97v
zpyQtkWWLbDC/Zuu0IonDeYd6a4rypHOLSUkVONzF9TGbTWAbFGInF0rMoLfvc65
oiJGyjEsvfMzLrtHyXw0adAr3eHJvLakJeyvoulfL531SoqNCg4ugGb4l5uDOE5W
NhdqV3OPtvNHwsQEiLdRXJX/9GztG8IlTO9yXEi5qNiR0YRmTMjqEKQVML6tkbGo
AuHV7DjCTn7XrNonNv3mVcojBttsxlX2SdlT3sul8QsVbnbQU8l5Epq1eUjfdoxH
H1cwXUKv2iBneXTPo//u51kJVdNSUaa1ZuQhKnH8ZYHPtc4klusc
-----END CERTIFICATE-----
Generated at Tue May 6 16:15:09 2025 by rpki-client