Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NQuzmAmNNLg2OIlCE6zV6hIgb6g.roa
File: NQuzmAmNNLg2OIlCE6zV6hIgb6g.roa (raw, json)
Hash identifier: /OXrvHJhQzcvr2CMTJoTJ4HbJAuGJ80Rnb0qxtOVrd0=
Subject key identifier: 35:0B:B3:98:09:8D:34:B8:36:38:89:42:13:AC:D5:EA:12:20:6F:A8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019471016F41DA3AC53796E4739539DFC26D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NQuzmAmNNLg2OIlCE6zV6hIgb6g.roa
Signing time: Thu 16 Jan 2025 21:25:06 +0000
ROA not before: Thu 16 Jan 2025 21:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 193.124.227.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 04:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:01:6f:41:da:3a:c5:37:96:e4:73:95:39:df:c2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 16 21:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=350bb398098d34b83638894213acd5ea12206fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ab:2c:c4:bc:ef:01:f4:11:e7:74:d1:7f:a1:
76:4f:26:37:60:ce:1f:e2:5f:5f:3b:dd:bf:98:78:
68:88:59:12:a3:33:a1:ba:15:51:e0:a5:64:fb:7e:
50:f6:14:c1:79:0c:b4:60:52:20:7a:bc:4c:e0:30:
c0:1f:b6:17:bf:e1:30:a7:ab:5f:be:2e:98:21:8b:
15:7d:77:69:38:9a:23:c6:14:9e:2c:70:43:ee:6e:
c5:79:93:20:20:50:24:66:b3:2d:f5:d6:fb:ec:55:
35:86:5e:3f:9c:4c:57:d6:94:ed:22:14:cb:30:25:
41:e2:7c:ce:4f:b5:a8:da:4b:09:fe:c5:db:9e:3f:
03:7d:5e:78:ca:e4:c4:30:de:e2:44:dc:71:3f:6e:
f4:c4:c8:de:46:ee:fe:b8:4e:7e:44:f1:71:4a:aa:
94:fb:07:44:15:a3:5e:c4:3e:f6:7b:b2:61:01:83:
46:fa:05:6e:dc:fe:6c:09:e8:51:e3:0b:1a:be:b5:
fc:8b:68:bd:c1:1d:38:66:97:11:79:63:fe:44:c2:
d9:1a:30:4e:c6:d8:bb:c8:40:a1:b6:6f:17:85:02:
cd:3e:6a:0a:89:dd:0b:e5:e2:aa:05:f0:be:4c:28:
ee:de:be:4b:5d:19:41:97:6a:b3:17:9e:bf:88:53:
1f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0B:B3:98:09:8D:34:B8:36:38:89:42:13:AC:D5:EA:12:20:6F:A8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NQuzmAmNNLg2OIlCE6zV6hIgb6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.53.0/24
212.192.247.0/24
Signature Algorithm: sha256WithRSAEncryption
91:30:96:4a:46:10:70:de:57:35:1c:b7:c5:eb:eb:d5:f6:b1:
54:20:c2:db:2f:0e:7f:3d:ad:fe:98:cf:dc:02:41:9e:64:1f:
4a:84:58:6d:9c:cc:5c:24:98:85:f5:1a:be:be:52:fa:8a:ad:
53:61:c1:66:98:11:ba:5c:ed:1e:7d:75:32:92:c8:ae:2a:f9:
84:a0:77:21:a1:84:8a:3a:f8:c4:fd:c0:5f:77:19:35:c9:69:
fb:90:7b:d8:6e:e2:0c:fe:f8:3c:84:d8:17:5b:83:5b:23:a8:
1a:6b:da:a0:5d:76:fd:1d:a9:c9:6a:5c:e2:50:82:20:0c:04:
7e:d5:97:c5:db:a2:bd:a7:f7:95:8f:94:4d:3c:7d:3d:7f:c5:
2e:00:27:6a:0f:61:14:15:78:bd:ef:c1:8a:34:d6:aa:6b:e2:
8f:07:29:25:38:6d:c6:79:88:0b:dd:11:59:77:f9:45:97:40:
c2:af:5d:f0:3c:ad:7a:7f:de:3c:d1:2c:ba:51:4a:fe:14:71:
be:ea:ae:d4:4d:ef:0e:b6:04:d1:61:3c:e6:f4:c6:93:6d:77:
4c:ca:07:01:74:6b:73:43:3b:c6:78:b6:fa:d8:04:6a:04:42:
6a:29:b5:1c:51:64:1a:6a:c0:8c:7c:d6:f1:c3:c6:fa:db:49:
f0:82:7a:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRxAW9B2jrFN5bkc5U538JtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTE2MjEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBiYjM5ODA5OGQzNGI4MzYzODg5NDIxM2FjZDVlYTEyMjA2ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxassxLzvAfQR53TRf6F2TyY3YM4f
4l9fO92/mHhoiFkSozOhuhVR4KVk+35Q9hTBeQy0YFIgerxM4DDAH7YXv+Ewp6tf
vi6YIYsVfXdpOJojxhSeLHBD7m7FeZMgIFAkZrMt9db77FU1hl4/nExX1pTtIhTL
MCVB4nzOT7Wo2ksJ/sXbnj8DfV54yuTEMN7iRNxxP270xMjeRu7+uE5+RPFxSqqU
+wdEFaNexD72e7JhAYNG+gVu3P5sCehR4wsavrX8i2i9wR04ZpcReWP+RMLZGjBO
xti7yEChtm8XhQLNPmoKid0L5eKqBfC+TCju3r5LXRlBl2qzF56/iFMfXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDULs5gJjTS4NjiJQhOs1eoSIG+oMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlF1em1BbU5OTGcyT0lsQ0U2elY2aElnYjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzjAwQA
wlc1AwQA1MD3MA0GCSqGSIb3DQEBCwUAA4IBAQCRMJZKRhBw3lc1HLfF6+vV9rFU
IMLbLw5/Pa3+mM/cAkGeZB9KhFhtnMxcJJiF9Rq+vlL6iq1TYcFmmBG6XO0efXUy
ksiuKvmEoHchoYSKOvjE/cBfdxk1yWn7kHvYbuIM/vg8hNgXW4NbI6gaa9qgXXb9
HanJalziUIIgDAR+1ZfF26K9p/eVj5RNPH09f8UuACdqD2EUFXi978GKNNaqa+KP
ByklOG3GeYgL3RFZd/lFl0DCr13wPK16f9480Sy6UUr+FHG+6q7UTe8OtgTRYTzm
9MaTbXdMygcBdGtzQzvGeLb62ARqBEJqKbUcUWQaasCMfNbxw8b620nwgnq8
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:46:11 2025 by rpki-client