Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NAqIziarA5uuZ40_VCAD8CLy8Ks.roa
File: NAqIziarA5uuZ40_VCAD8CLy8Ks.roa (raw, json)
Hash identifier: FuSE1KXaeZ44G05TC+xo2+Tjenw8/KSl4eLFUqfC2UI=
Subject key identifier: 34:0A:88:CE:26:AB:03:9B:AE:67:8D:3F:54:20:03:F0:22:F2:F0:AB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01953CE829DAA43F5A8D7E0DF6060522AF43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NAqIziarA5uuZ40_VCAD8CLy8Ks.roa
Signing time: Tue 25 Feb 2025 11:40:02 +0000
ROA not before: Tue 25 Feb 2025 11:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 62.76.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 08:39:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:e8:29:da:a4:3f:5a:8d:7e:0d:f6:06:05:22:af:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 25 11:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=340a88ce26ab039bae678d3f542003f022f2f0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:09:b2:25:bf:48:c0:e1:e9:eb:c2:31:c9:
0f:4e:e4:cc:f1:c1:21:80:bd:b2:e4:5f:c3:91:61:
b2:19:74:63:2e:ee:7b:2c:71:59:7f:b7:53:d1:a6:
75:33:da:06:4d:16:23:c5:9f:74:1b:8d:c4:ad:23:
b1:d8:60:e0:ca:69:8f:06:9d:6e:d2:b9:b6:fb:9c:
c2:a1:a8:f5:09:05:b5:79:52:04:c1:da:a0:7c:32:
5c:f8:d0:8e:d6:c2:66:38:d0:b2:bb:d1:eb:a1:73:
80:e2:db:31:d8:61:a5:c3:96:58:79:e5:35:03:e1:
9d:ea:fe:e3:65:59:bd:8c:11:ea:25:fb:86:9e:aa:
71:01:d1:a0:f4:78:b4:40:ec:e9:ea:c6:63:ad:39:
2c:f3:d4:3c:19:9a:0d:70:3f:4d:85:60:81:ce:2e:
ba:bf:3a:0c:1d:2a:71:9c:5f:7d:ce:63:5e:52:30:
ea:b0:25:5a:62:4e:74:0a:1d:f8:5c:6f:65:8c:fe:
c3:02:c6:6d:09:90:d5:35:6b:8a:ac:95:12:d9:f3:
43:d2:bc:47:6c:14:f2:d5:ef:8c:bd:e4:50:a8:84:
51:e6:98:8d:23:2f:c8:8d:3a:e4:99:99:66:0b:6d:
be:87:22:58:1c:17:ad:2f:20:87:6d:cb:08:09:a1:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0A:88:CE:26:AB:03:9B:AE:67:8D:3F:54:20:03:F0:22:F2:F0:AB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NAqIziarA5uuZ40_VCAD8CLy8Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a9:d9:0d:80:d4:28:39:9c:20:1e:5d:16:0d:71:bd:a8:c6:
28:36:59:35:2c:45:d4:c8:96:4c:29:41:01:a5:ed:05:b7:2b:
47:8c:77:e0:fc:0e:b4:7b:77:8a:1d:ed:2f:77:9d:d2:77:55:
8d:72:c9:9b:b9:d9:47:e6:fb:55:28:df:3c:66:5a:e4:b9:56:
73:99:fb:e1:df:84:2b:3b:de:72:d3:6c:be:05:54:35:c7:51:
66:e5:e4:05:75:32:53:42:7e:70:a1:c1:ee:e0:98:75:98:b7:
5c:11:73:66:e9:55:a9:e7:b9:84:49:aa:3b:81:91:02:75:43:
4f:5c:85:91:66:a9:c9:1e:5c:23:f6:ee:3f:63:1b:c7:62:fb:
c4:69:de:49:d2:4c:3f:a1:af:4d:3a:7f:ed:de:98:0f:84:1b:
80:71:7c:03:27:0b:cc:e7:32:0d:a3:20:e8:1f:0e:f2:08:12:
88:62:d1:ba:c7:f2:6c:48:80:9e:4f:84:35:8a:6d:2f:1a:e7:
cb:b1:3d:e7:e9:8a:1e:8b:76:c8:4d:59:c8:f8:7f:13:1f:12:
d1:0f:a5:2a:3c:85:67:60:91:35:ae:7b:b5:53:1c:c8:05:b5:
ee:0b:4c:88:49:b5:e5:92:7a:5b:1e:af:f4:8b:32:8f:91:24:
b0:52:06:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU86CnapD9ajX4N9gYFIq9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjI1MTE0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBhODhjZTI2YWIwMzliYWU2NzhkM2Y1NDIwMDNmMDIyZjJmMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnIJsiW/SMDh6evCMckPTuTM8cEh
gL2y5F/DkWGyGXRjLu57LHFZf7dT0aZ1M9oGTRYjxZ90G43ErSOx2GDgymmPBp1u
0rm2+5zCoaj1CQW1eVIEwdqgfDJc+NCO1sJmONCyu9HroXOA4tsx2GGlw5ZYeeU1
A+Gd6v7jZVm9jBHqJfuGnqpxAdGg9Hi0QOzp6sZjrTks89Q8GZoNcD9NhWCBzi66
vzoMHSpxnF99zmNeUjDqsCVaYk50Ch34XG9ljP7DAsZtCZDVNWuKrJUS2fND0rxH
bBTy1e+MveRQqIRR5piNIy/IjTrkmZlmC22+hyJYHBetLyCHbcsICaHJkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQKiM4mqwObrmeNP1QgA/Ai8vCrMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTkFxSXppYXJBNXV1WjQwX1ZDQUQ4Q0x5OEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzmMA0G
CSqGSIb3DQEBCwUAA4IBAQBlqdkNgNQoOZwgHl0WDXG9qMYoNlk1LEXUyJZMKUEB
pe0FtytHjHfg/A60e3eKHe0vd53Sd1WNcsmbudlH5vtVKN88ZlrkuVZzmfvh34Qr
O95y02y+BVQ1x1Fm5eQFdTJTQn5wocHu4Jh1mLdcEXNm6VWp57mESao7gZECdUNP
XIWRZqnJHlwj9u4/YxvHYvvEad5J0kw/oa9NOn/t3pgPhBuAcXwDJwvM5zINoyDo
Hw7yCBKIYtG6x/JsSICeT4Q1im0vGufLsT3n6Yoei3bITVnI+H8THxLRD6UqPIVn
YJE1rnu1UxzIBbXuC0yISbXlknpbHq/0izKPkSSwUgby
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:17:40 2025 by rpki-client