Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/Nq1tRPEZBO2XudiriIftWnXFeXk.roa
File: Nq1tRPEZBO2XudiriIftWnXFeXk.roa (raw, json)
Hash identifier: aqGNUlT7F5BYv3muwpdkzUWn5AQHlZDpx3tRuSjK774=
Subject key identifier: 36:AD:6D:44:F1:19:04:ED:97:B9:D8:AB:88:87:ED:5A:75:C5:79:79
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 018F49077638F881DDD79A3CF3A2CE6E29B6
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/Nq1tRPEZBO2XudiriIftWnXFeXk.roa
Signing time: Sun 05 May 2024 13:52:56 +0000
ROA not before: Sun 05 May 2024 13:52:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a12:2ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jun 2024 18:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:49:07:76:38:f8:81:dd:d7:9a:3c:f3:a2:ce:6e:29:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: May 5 13:52:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36ad6d44f11904ed97b9d8ab8887ed5a75c57979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:24:13:5c:82:a7:48:61:3e:29:7c:cc:02:
86:30:64:2b:f7:f3:a1:84:e5:c1:4a:ab:b4:0a:bb:
44:0f:83:cf:39:8e:a5:2c:18:4f:9c:5d:48:fa:30:
e8:a0:07:3a:b8:f1:e6:6a:60:9c:f0:c6:10:55:62:
38:04:cb:04:d4:7c:5f:c3:11:62:6c:b5:b5:53:1e:
4c:2e:64:21:d0:2c:c9:b7:5f:79:03:c1:e4:18:ba:
07:11:f3:7f:8c:ac:ff:96:32:81:d9:1e:69:20:47:
e7:42:88:be:7d:6b:d5:84:c5:42:7f:11:2e:93:2d:
61:35:a9:d0:db:e8:89:66:9a:d6:b8:db:e3:3f:e6:
b0:be:01:5e:b9:50:f3:45:19:11:2d:c6:e4:93:cd:
9c:62:80:a0:02:d1:08:4d:5a:47:fc:ea:90:ce:93:
3b:9e:4e:1d:59:75:e1:87:35:a7:91:b1:69:13:ad:
a8:a1:90:eb:9f:c3:96:14:8a:11:87:a8:11:ee:c5:
4c:e7:dd:9b:36:14:7c:6a:15:77:01:1e:62:14:08:
5b:37:bf:ba:e3:9c:b5:92:04:fa:09:94:58:15:64:
70:66:1d:04:29:d4:65:8f:b4:9b:9b:34:d8:6a:5d:
a6:31:9e:31:2b:a8:37:c9:d0:37:e3:67:47:8b:e7:
4b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AD:6D:44:F1:19:04:ED:97:B9:D8:AB:88:87:ED:5A:75:C5:79:79
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/Nq1tRPEZBO2XudiriIftWnXFeXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
40:f7:35:54:31:27:bc:66:4a:2d:b3:47:cb:5d:4c:f6:d0:ca:
58:38:82:cd:fc:f6:5b:40:5d:b7:f0:78:fc:f8:c6:26:69:46:
9e:11:b7:4d:f1:4c:8b:82:63:c8:c2:47:d8:ca:0b:e6:e2:76:
e0:fb:c4:14:45:2a:01:93:ea:0f:e3:4f:7b:c3:f9:79:ab:81:
2d:28:60:b6:a1:e8:83:c7:f6:d2:7f:0c:87:82:8a:f6:ee:29:
b2:b5:a0:65:9a:59:d2:37:48:d5:26:5f:f6:99:cc:97:d7:4a:
1c:d2:21:22:ac:28:e0:04:67:9d:20:96:91:12:9f:2c:30:fb:
06:8b:1c:61:c9:90:91:d6:2f:97:44:8e:16:ac:c7:5b:66:ad:
19:77:62:58:4d:ef:2b:97:90:23:c0:e6:22:b9:7b:63:94:0c:
9c:2d:3a:1b:e7:bc:a1:c2:97:5e:46:39:2f:b3:ef:6f:c2:6b:
04:78:5b:b1:ce:89:fc:9f:8a:91:da:ab:0c:a7:ff:a9:69:4b:
71:e3:c1:e9:ef:3a:f6:55:f1:4b:04:c7:38:93:9f:c6:79:de:
1d:e8:80:16:5c:b6:60:21:af:94:8d:3d:6b:01:1c:97:e7:5c:
70:32:07:89:42:50:aa:96:ea:bd:cd:8e:1a:a3:1a:a2:05:20:
8e:72:f4:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY9JB3Y4+IHd15o886LObim2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjQwNTA1MTM1MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFkNmQ0NGYxMTkwNGVkOTdiOWQ4YWI4ODg3ZWQ1YTc1YzU3OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8okE1yCp0hhPil8zAKGMGQr9/Oh
hOXBSqu0CrtED4PPOY6lLBhPnF1I+jDooAc6uPHmamCc8MYQVWI4BMsE1HxfwxFi
bLW1Ux5MLmQh0CzJt195A8HkGLoHEfN/jKz/ljKB2R5pIEfnQoi+fWvVhMVCfxEu
ky1hNanQ2+iJZprWuNvjP+awvgFeuVDzRRkRLcbkk82cYoCgAtEITVpH/OqQzpM7
nk4dWXXhhzWnkbFpE62ooZDrn8OWFIoRh6gR7sVM592bNhR8ahV3AR5iFAhbN7+6
45y1kgT6CZRYFWRwZh0EKdRlj7SbmzTYal2mMZ4xK6g3ydA342dHi+dLJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDatbUTxGQTtl7nYq4iH7Vp1xXl5MB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvTnExdFJQRVpCTzJYdWRpcmlJZnRXblhGZVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIuwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQPc1VDEnvGZKLbNHy11M9tDKWDiCzfz2W0Bdt/B4
/PjGJmlGnhG3TfFMi4JjyMJH2MoL5uJ24PvEFEUqAZPqD+NPe8P5eauBLShgtqHo
g8f20n8Mh4KK9u4psrWgZZpZ0jdI1SZf9pnMl9dKHNIhIqwo4ARnnSCWkRKfLDD7
BoscYcmQkdYvl0SOFqzHW2atGXdiWE3vK5eQI8DmIrl7Y5QMnC06G+e8ocKXXkY5
L7Pvb8JrBHhbsc6J/J+KkdqrDKf/qWlLcePB6e869lXxSwTHOJOfxnneHeiAFly2
YCGvlI09awEcl+dccDIHiUJQqpbqvc2OGqMaogUgjnL0fQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:13:39 2025 by rpki-client