Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ncxLDl05IGSrH6Us20jUsU6nfGk.roa
File: ncxLDl05IGSrH6Us20jUsU6nfGk.roa (raw, json)
Hash identifier: sgkaP6qI8UY0jCtYPQC3+z1Di97hes4NfebQC36ea1I=
Subject key identifier: 9D:CC:4B:0E:5D:39:20:64:AB:1F:A5:2C:DB:48:D4:B1:4E:A7:7C:69
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 01977FB06B8BA292CFD7FF68DC4C7D0BDC82
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ncxLDl05IGSrH6Us20jUsU6nfGk.roa
Signing time: Tue 17 Jun 2025 20:59:17 +0000
ROA not before: Tue 17 Jun 2025 20:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
109.111.36.0/22 maxlen: 24
109.111.42.0/23 maxlen: 24
109.111.44.0/22 maxlen: 24
109.111.48.0/22 maxlen: 24
109.111.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 27 Jun 2025 23:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:b0:6b:8b:a2:92:cf:d7:ff:68:dc:4c:7d:0b:dc:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jun 17 20:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcc4b0e5d392064ab1fa52cdb48d4b14ea77c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:13:2d:78:4b:84:f6:c9:2a:1b:8b:d0:d6:
27:7d:db:29:27:4e:16:7e:51:85:a7:42:be:53:4d:
45:25:d5:48:60:1b:7c:7b:05:83:7c:70:90:c1:5f:
85:04:30:fc:e8:21:ad:57:17:2c:b9:84:30:54:0a:
5f:09:bd:ae:21:e4:fc:f9:a8:e9:ab:af:0a:3b:d3:
51:15:9e:bd:33:c6:90:fb:14:8e:99:72:81:d8:79:
27:80:86:eb:00:d3:01:87:b7:b7:46:6f:be:b7:02:
5e:ed:f3:84:94:49:a5:9f:bb:58:8a:fa:94:a2:a0:
43:c0:b6:ca:f8:fe:45:0d:89:67:3b:60:b0:53:32:
a4:ae:d1:50:56:9d:16:0a:59:b6:70:43:55:67:12:
da:af:ba:28:84:dc:60:c0:a4:77:a9:72:ae:d8:ae:
44:61:21:6f:d5:af:fa:28:c8:af:e3:b9:7a:18:51:
c5:29:52:2c:82:87:fd:f4:f4:77:7b:42:fb:fb:b9:
81:f7:77:ca:ca:83:1f:de:66:a3:d9:85:c6:c0:78:
d6:fe:96:18:16:88:e5:be:6b:33:60:10:84:75:90:
cc:83:cf:8d:98:14:5d:a1:09:89:09:f2:63:5f:0c:
02:29:67:2c:0a:1a:a4:69:29:f0:8d:c3:08:9b:2d:
51:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CC:4B:0E:5D:39:20:64:AB:1F:A5:2C:DB:48:D4:B1:4E:A7:7C:69
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/ncxLDl05IGSrH6Us20jUsU6nfGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0-109.111.51.255
109.111.56.0/22
Signature Algorithm: sha256WithRSAEncryption
63:9a:90:2d:57:92:6a:8b:07:b4:00:2b:5b:d2:76:3f:35:71:
4d:35:22:27:22:d1:df:00:c0:b3:9c:1a:e9:23:22:d2:bf:a1:
96:0c:e3:ad:be:4f:46:22:0f:41:cc:49:18:af:66:99:be:8d:
1f:e6:b4:eb:1d:95:84:49:4c:25:0f:58:64:47:3e:36:a3:ee:
5f:52:5e:cd:e2:6a:8c:14:d1:50:ce:f7:03:2b:fb:60:d4:fc:
45:0e:b5:ef:30:90:9e:08:b2:08:1c:81:88:c2:a2:0f:12:4a:
8c:83:fa:3c:e1:bb:33:ba:fb:2b:8a:cd:e9:3d:25:b9:da:2b:
e6:f2:d6:60:2c:b8:ad:e6:93:4a:f1:00:be:cb:29:5a:aa:40:
0f:33:ec:ba:5a:6b:6e:82:de:9f:d6:8f:9d:6f:c3:1e:5d:e4:
37:36:db:ab:cf:a2:5a:05:f1:97:c3:c2:c6:d3:19:54:29:bf:
a7:22:36:d1:77:83:9e:ee:c4:ef:cb:27:a6:d4:9e:ad:11:21:
f3:84:ee:fd:d0:03:54:70:88:82:0d:34:9e:24:ea:39:6f:fb:
34:9d:13:53:51:23:39:94:8e:91:e2:fd:46:7a:44:32:75:be:
24:8e:47:41:a6:e3:3c:19:e5:d1:f8:e5:5c:6b:56:e6:65:f8:
b2:58:2d:b0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZd/sGuLopLP1/9o3Ex9C9yCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwNjE3MjA1OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNjNGIwZTVkMzkyMDY0YWIxZmE1MmNkYjQ4ZDRiMTRlYTc3YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoecTLXhLhPbJKhuL0NYnfdspJ04W
flGFp0K+U01FJdVIYBt8ewWDfHCQwV+FBDD86CGtVxcsuYQwVApfCb2uIeT8+ajp
q68KO9NRFZ69M8aQ+xSOmXKB2HkngIbrANMBh7e3Rm++twJe7fOElEmln7tYivqU
oqBDwLbK+P5FDYlnO2CwUzKkrtFQVp0WClm2cENVZxLar7oohNxgwKR3qXKu2K5E
YSFv1a/6KMiv47l6GFHFKVIsgof99PR3e0L7+7mB93fKyoMf3maj2YXGwHjW/pYY
FojlvmszYBCEdZDMg8+NmBRdoQmJCfJjXwwCKWcsChqkaSnwjcMImy1RkwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ3MSw5dOSBkqx+lLNtI1LFOp3xpMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvbmN4TERsMDVJR1NySDZVczIwalVzVTZuZkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVtbyAD
BAJtbzADBAJtbzgwDQYJKoZIhvcNAQELBQADggEBAGOakC1XkmqLB7QAK1vSdj81
cU01Iici0d8AwLOcGukjItK/oZYM462+T0YiD0HMSRivZpm+jR/mtOsdlYRJTCUP
WGRHPjaj7l9SXs3iaowU0VDO9wMr+2DU/EUOte8wkJ4IsggcgYjCog8SSoyD+jzh
uzO6+yuKzek9JbnaK+by1mAsuK3mk0rxAL7LKVqqQA8z7Lpaa26C3p/Wj51vwx5d
5Dc226vPoloF8ZfDwsbTGVQpv6ciNtF3g57uxO/LJ6bUnq0RIfOE7v3QA1RwiIIN
NJ4k6jlv+zSdE1NRIzmUjpHi/UZ6RDJ1viSOR0Gm4zwZ5dH45VxrVuZl+LJYLbA=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:14:16 2025 by rpki-client