Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/NerKkAYErTmyul9FJqaRfTLA6b0.roa
File: NerKkAYErTmyul9FJqaRfTLA6b0.roa (raw, json)
Hash identifier: W2LiymEyaHeNvyn2LEgGSua4O58ls5S4HsSGE3423zo=
Subject key identifier: 35:EA:CA:90:06:04:AD:39:B2:BA:5F:45:26:A6:91:7D:32:C0:E9:BD
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0196DDDBC788B88B3D42767E50B30F11631D
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/NerKkAYErTmyul9FJqaRfTLA6b0.roa
Signing time: Sat 17 May 2025 10:48:10 +0000
ROA not before: Sat 17 May 2025 10:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 2a14:47c0:e0fe::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 May 2025 19:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dd:db:c7:88:b8:8b:3d:42:76:7e:50:b3:0f:11:63:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: May 17 10:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35eaca900604ad39b2ba5f4526a6917d32c0e9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dd:ee:83:96:95:74:9b:01:ca:7c:c5:4f:5b:
d9:d9:86:11:e2:12:2a:e8:4f:ea:88:d0:c8:86:67:
33:13:47:b1:4d:cd:8c:be:25:7f:67:31:80:e1:c0:
14:bd:b8:90:b0:5e:34:2c:be:c6:07:04:0f:d7:89:
9a:51:52:a0:cb:d0:a5:11:d0:93:e8:71:c6:ac:93:
5e:92:12:5f:47:77:03:1e:98:29:fc:20:f0:1c:48:
7b:a6:aa:b8:13:3b:ca:8b:8f:b3:29:90:44:fe:aa:
3d:bf:8c:bb:65:a2:e2:bd:8b:4d:e2:1f:b1:db:f8:
f4:e7:a7:59:8f:1a:4e:21:70:ce:25:16:5f:3d:f4:
41:c3:dc:74:46:67:74:1f:27:a5:5f:5a:a5:13:76:
e2:6f:32:96:b9:24:9c:15:55:06:58:98:a2:36:b9:
d6:0e:c5:50:d4:2d:17:e7:ae:0c:48:da:e5:c1:9e:
99:ff:b1:9e:7f:bc:85:f2:e8:59:b8:76:bc:e5:e1:
3b:7f:af:bb:fe:1c:78:9d:eb:ea:f4:aa:4a:be:84:
00:7c:a7:ae:6d:73:f0:46:f6:21:82:4c:b6:73:66:
68:6d:1d:09:65:93:7a:0e:b2:33:0f:bf:07:e2:9d:
29:2c:53:f9:e3:17:a0:1f:fa:dd:8b:ff:3c:3e:f1:
9d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:EA:CA:90:06:04:AD:39:B2:BA:5F:45:26:A6:91:7D:32:C0:E9:BD
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/NerKkAYErTmyul9FJqaRfTLA6b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:e0fe::/48
Signature Algorithm: sha256WithRSAEncryption
83:3f:49:84:d8:d3:30:6e:3b:45:c6:54:22:cd:6f:f5:c5:71:
0e:e4:2f:c5:ad:76:dd:56:18:17:53:06:cc:31:5e:7a:ce:42:
ca:3d:73:5c:bb:23:40:33:33:de:b2:fc:56:17:85:55:fe:7d:
22:4b:ab:b3:af:91:e5:a4:3a:82:b6:04:7c:b8:7e:b5:83:85:
9b:c0:77:48:37:75:37:23:75:6b:8a:7d:91:b2:b7:6f:7b:86:
8e:aa:b6:5c:a5:00:0c:76:75:bc:3b:88:42:b5:59:c0:45:11:
09:ec:59:0e:af:12:9b:fa:8f:29:89:c7:21:d1:8e:62:e2:99:
95:23:e1:91:b9:ca:bf:aa:9c:b7:be:b1:6b:9e:4b:ea:1d:c9:
d4:ae:96:8f:4e:8e:9f:23:3a:d9:dd:1c:9b:bd:06:0c:9f:a9:
08:df:5b:8f:17:e7:cc:49:3f:64:1a:52:ea:a0:d1:fd:ea:02:
9d:24:91:53:84:fd:f6:ee:fa:d3:da:9e:5a:4b:dd:3c:4d:b4:
c4:48:e3:36:3b:e2:e0:c4:a3:12:8d:85:1d:19:90:7f:e6:69:
b9:ad:3f:5d:f6:a5:7f:80:fb:ce:16:92:d5:e6:b2:c0:69:41:
27:92:a0:7f:72:1a:f6:f2:d3:27:de:52:d6:f1:19:4f:6a:85:
3a:88:83:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZbd28eIuIs9QnZ+ULMPEWMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwNTE3MTA0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVhY2E5MDA2MDRhZDM5YjJiYTVmNDUyNmE2OTE3ZDMyYzBlOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd3ug5aVdJsBynzFT1vZ2YYR4hIq
6E/qiNDIhmczE0exTc2MviV/ZzGA4cAUvbiQsF40LL7GBwQP14maUVKgy9ClEdCT
6HHGrJNekhJfR3cDHpgp/CDwHEh7pqq4EzvKi4+zKZBE/qo9v4y7ZaLivYtN4h+x
2/j056dZjxpOIXDOJRZfPfRBw9x0Rmd0HyelX1qlE3bibzKWuSScFVUGWJiiNrnW
DsVQ1C0X564MSNrlwZ6Z/7Gef7yF8uhZuHa85eE7f6+7/hx4nevq9KpKvoQAfKeu
bXPwRvYhgky2c2ZobR0JZZN6DrIzD78H4p0pLFP54xegH/rdi/88PvGd4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDXqypAGBK05srpfRSamkX0ywOm9MB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvTmVyS2tBWUVyVG15dWw5RkpxYVJmVExBNmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhRHwOD+
MA0GCSqGSIb3DQEBCwUAA4IBAQCDP0mE2NMwbjtFxlQizW/1xXEO5C/FrXbdVhgX
UwbMMV56zkLKPXNcuyNAMzPesvxWF4VV/n0iS6uzr5HlpDqCtgR8uH61g4WbwHdI
N3U3I3Vrin2Rsrdve4aOqrZcpQAMdnW8O4hCtVnARREJ7FkOrxKb+o8picch0Y5i
4pmVI+GRucq/qpy3vrFrnkvqHcnUrpaPTo6fIzrZ3RybvQYMn6kI31uPF+fMST9k
GlLqoNH96gKdJJFThP327vrT2p5aS908TbTESOM2O+LgxKMSjYUdGZB/5mm5rT9d
9qV/gPvOFpLV5rLAaUEnkqB/chr28tMn3lLW8RlPaoU6iIO6
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:17:27 2025 by rpki-client