Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/nGZyPVTntNUvAfxNVWfzMBZ9BxY.roa
File: nGZyPVTntNUvAfxNVWfzMBZ9BxY.roa (raw, json)
Hash identifier: KfKqJT2DNNS+/ltWGND/YbCxcvL95iTeQfc+dTHsu7Y=
Subject key identifier: 9C:66:72:3D:54:E7:B4:D5:2F:01:FC:4D:55:67:F3:30:16:7D:07:16
Certificate issuer: /CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Certificate serial: 0195C80425480133944B7E6EB4A1054DC807
Authority key identifier: BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/nGZyPVTntNUvAfxNVWfzMBZ9BxY.roa
Signing time: Mon 24 Mar 2025 11:57:49 +0000
ROA not before: Mon 24 Mar 2025 11:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 185.87.78.0/24 maxlen: 24
185.87.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 14:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:04:25:48:01:33:94:4b:7e:6e:b4:a1:05:4d:c8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be40b3c2be7835d7b37b5826102f8746a5199d49
Validity
Not Before: Mar 24 11:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c66723d54e7b4d52f01fc4d5567f330167d0716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:78:e0:1e:80:ec:8a:33:ec:34:d9:43:7a:
44:7a:9e:51:6b:6b:43:2b:f1:1f:a9:31:18:f3:f6:
2e:28:14:60:9a:b7:0a:d6:2b:3e:c4:d3:d8:5f:51:
f6:cb:3f:de:5e:7e:94:ec:7e:8f:60:35:d2:53:88:
97:f7:72:86:ec:8d:5d:c5:be:0c:ec:86:de:d5:3f:
ca:6e:ae:96:2a:d6:7f:48:8e:bb:a8:4f:97:ba:52:
0c:a5:f3:8a:0f:b8:e3:ca:df:f1:92:d4:f9:f1:06:
9f:a3:3b:b6:3c:02:16:d7:b5:51:4d:cb:08:86:0a:
a4:b9:0a:e2:ae:05:fc:06:03:59:dc:d4:58:e4:ca:
f3:72:97:21:e9:2b:99:7b:c4:75:fd:60:0e:b8:a0:
03:e9:5b:c9:5b:a4:23:06:0d:f6:0f:93:60:38:5c:
6c:6a:34:c2:c5:64:38:3c:33:12:95:c2:8e:81:e4:
b7:51:8e:a6:a7:95:f7:4b:1a:31:e1:44:d8:64:79:
51:42:b4:47:89:fd:44:6e:77:e4:db:96:7c:bb:94:
01:1b:8e:8a:79:0d:87:d1:f5:77:38:d8:36:9d:31:
ec:24:c0:cc:c9:08:e6:cb:87:c2:5e:aa:d7:ca:61:
40:54:50:a7:dd:f5:71:3b:e3:8c:6c:ce:3d:58:3d:
65:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:66:72:3D:54:E7:B4:D5:2F:01:FC:4D:55:67:F3:30:16:7D:07:16
X509v3 Authority Key Identifier:
keyid:BE:40:B3:C2:BE:78:35:D7:B3:7B:58:26:10:2F:87:46:A5:19:9D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkCzwr54Ndeze1gmEC-HRqUZnUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/nGZyPVTntNUvAfxNVWfzMBZ9BxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c71636-edd8-4d11-85e8-b834faf6aced/1/vkCzwr54Ndeze1gmEC-HRqUZnUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.78.0/23
Signature Algorithm: sha256WithRSAEncryption
70:2d:06:2e:04:60:49:08:93:53:2e:d0:39:6c:be:51:a0:6c:
01:3d:0c:65:4b:08:1c:c5:44:2b:3f:2c:2a:f5:51:b8:95:f4:
f6:92:f8:eb:35:c9:eb:cf:e6:a8:82:66:ab:ce:94:dd:85:dc:
29:af:f1:fa:54:e0:3a:0c:d4:8d:c5:1f:a7:c3:76:c0:10:7a:
1c:48:fb:34:49:c4:a8:96:1b:f0:77:8b:7d:23:b5:90:9d:56:
58:28:41:5b:b5:1d:ea:74:70:98:e6:a8:ce:f4:0b:09:c7:5a:
c2:93:a4:51:4f:f1:b7:51:c3:b9:11:d9:74:ac:20:91:47:d5:
c2:22:cd:6c:da:c7:ce:b4:4f:ad:34:24:ac:1c:e0:e7:ae:c7:
5b:bd:7f:d8:bc:2d:d4:4d:5c:ac:7f:1b:31:ba:22:36:7e:6d:
e4:5a:c1:7c:ad:e9:26:00:69:a4:72:23:4d:fc:80:93:0d:33:
45:6a:a0:ac:ae:7e:4b:58:c5:d7:73:70:f5:fa:58:9f:cd:36:
4c:58:aa:bb:62:eb:db:16:d4:64:7e:3b:f8:94:8d:0e:5a:ba:
1b:83:8f:1d:f0:28:50:54:4f:97:24:e0:a1:ef:2e:a2:88:93:
e0:fb:43:6a:4e:9d:43:0f:29:8b:ad:3a:d7:67:81:06:bc:3e:
7a:e6:a4:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXIBCVIATOUS35utKEFTcgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDBiM2MyYmU3ODM1ZDdiMzdiNTgyNjEwMmY4NzQ2YTUx
OTlkNDkwHhcNMjUwMzI0MTE1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY2NzIzZDU0ZTdiNGQ1MmYwMWZjNGQ1NTY3ZjMzMDE2N2QwNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIl44B6A7Ioz7DTZQ3pEep5Ra2tD
K/EfqTEY8/YuKBRgmrcK1is+xNPYX1H2yz/eXn6U7H6PYDXSU4iX93KG7I1dxb4M
7Ibe1T/Kbq6WKtZ/SI67qE+XulIMpfOKD7jjyt/xktT58Qafozu2PAIW17VRTcsI
hgqkuQrirgX8BgNZ3NRY5Mrzcpch6SuZe8R1/WAOuKAD6VvJW6QjBg32D5NgOFxs
ajTCxWQ4PDMSlcKOgeS3UY6mp5X3Sxox4UTYZHlRQrRHif1Ebnfk25Z8u5QBG46K
eQ2H0fV3ONg2nTHsJMDMyQjmy4fCXqrXymFAVFCn3fVxO+OMbM49WD1lFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxmcj1U57TVLwH8TVVn8zAWfQcWMB8GA1UdIwQY
MBaAFL5As8K+eDXXs3tYJhAvh0alGZ1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtDendyNTROZGV6ZTFnbUVDLUhScVVablVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jNzE2MzYtZWRkOC00ZDExLTg1ZTgt
YjgzNGZhZjZhY2VkLzEvbkdaeVBWVG50TlV2QWZ4TlZXZnpNQlo5QnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jNzE2MzYtZWRkOC00ZDExLTg1ZTgtYjgzNGZhZjZhY2Vk
LzEvdmtDendyNTROZGV6ZTFnbUVDLUhScVVablVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVdOMA0G
CSqGSIb3DQEBCwUAA4IBAQBwLQYuBGBJCJNTLtA5bL5RoGwBPQxlSwgcxUQrPywq
9VG4lfT2kvjrNcnrz+aogmarzpTdhdwpr/H6VOA6DNSNxR+nw3bAEHocSPs0ScSo
lhvwd4t9I7WQnVZYKEFbtR3qdHCY5qjO9AsJx1rCk6RRT/G3UcO5Edl0rCCRR9XC
Is1s2sfOtE+tNCSsHODnrsdbvX/YvC3UTVysfxsxuiI2fm3kWsF8rekmAGmkciNN
/ICTDTNFaqCsrn5LWMXXc3D1+lifzTZMWKq7YuvbFtRkfjv4lI0OWrobg48d8ChQ
VE+XJOCh7y6iiJPg+0NqTp1DDymLrTrXZ4EGvD565qSF
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:50:04 2025 by rpki-client