Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NwRc3nCEhqPRAeUCQe1EC05v1WM.roa
File: NwRc3nCEhqPRAeUCQe1EC05v1WM.roa (raw, json)
Hash identifier: qvjrWHUpfTP/s8at7veTcv2Rs9AvfRXcQADg9kQBx2Y=
Subject key identifier: 37:04:5C:DE:70:84:86:A3:D1:01:E5:02:41:ED:44:0B:4E:6F:D5:63
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019566281E432C48308D254E8B5E55E661C1
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NwRc3nCEhqPRAeUCQe1EC05v1WM.roa
Signing time: Wed 05 Mar 2025 11:54:20 +0000
ROA not before: Wed 05 Mar 2025 11:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214580
IP address blocks: 77.90.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Apr 2025 04:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:28:1e:43:2c:48:30:8d:25:4e:8b:5e:55:e6:61:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 5 11:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37045cde708486a3d101e50241ed440b4e6fd563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:21:3a:2a:79:64:29:da:7b:ef:99:c6:77:f5:
22:3b:53:33:6d:46:7b:06:1b:8a:a7:a6:36:d4:6a:
50:6a:ac:cd:51:04:c7:59:64:4d:3e:8c:ec:b2:93:
4c:31:b4:8a:e8:c1:66:e3:1c:d4:44:f3:70:5f:66:
83:0b:f5:0b:e6:99:40:73:bb:e8:57:91:ac:82:7f:
dc:8c:fc:f3:85:83:1d:f1:26:51:e6:aa:38:93:db:
85:aa:bd:ba:5c:c1:af:30:db:78:84:d6:9d:4e:d4:
42:ea:8f:cd:38:2e:94:3c:0d:e2:38:62:36:fa:38:
79:d7:31:c3:76:8e:f0:1c:83:cc:93:da:0f:e6:d2:
20:d0:29:27:b3:41:c8:4c:89:39:b9:21:73:73:42:
cb:03:3e:87:99:97:b1:f5:cc:32:a0:26:32:d0:e7:
e7:55:cf:dd:20:6e:fc:52:d9:ca:04:f5:ce:86:fa:
77:28:e8:a6:ac:6b:81:f8:da:23:35:ca:97:a6:02:
ce:9e:a5:d7:42:f8:26:80:da:b8:0e:3b:ce:48:7e:
14:94:db:76:dc:1b:ae:1f:60:8d:27:37:e0:0b:7d:
07:86:bc:88:93:b9:8a:74:51:52:1e:e4:c8:e8:91:
85:6b:9b:9a:1e:85:ce:08:6f:88:83:2f:15:b9:b3:
14:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:04:5C:DE:70:84:86:A3:D1:01:E5:02:41:ED:44:0B:4E:6F:D5:63
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NwRc3nCEhqPRAeUCQe1EC05v1WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.21.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:67:3d:0d:5e:00:74:9f:f9:e8:93:65:3e:1a:0a:6f:11:6d:
39:72:5d:9a:38:1e:9d:d6:b0:52:cb:31:9c:3f:6e:32:d9:3b:
6e:c2:2b:68:5d:23:b9:9c:8c:cd:a4:76:d1:21:64:47:06:12:
76:4b:c4:f6:49:47:c9:f9:38:7a:b4:57:ee:a7:4a:55:bb:7d:
f5:b6:4f:94:89:0c:e7:85:15:47:58:72:ac:80:7e:73:c0:ae:
46:de:05:55:70:ab:85:cf:96:6b:f0:b6:c1:79:63:37:f8:88:
f2:df:76:6e:a0:5c:44:53:ce:39:07:5a:ce:e1:05:5f:86:9f:
59:6e:48:d6:c1:79:f6:1c:09:1e:0a:ea:96:66:d5:f6:05:e2:
56:09:9c:27:ea:ee:17:f3:89:0c:f8:65:b7:2a:10:5e:f6:a1:
d6:a1:05:33:e6:cc:a3:b0:07:a0:c1:0e:fb:af:fb:d5:75:d9:
4f:f7:b0:a3:6c:68:50:b8:ba:cb:d5:0d:c1:1b:96:c8:2b:d6:
b4:67:78:4e:18:8d:62:4c:b3:03:1a:e8:00:a6:8a:83:b2:3f:
67:57:70:e9:65:36:92:cb:1a:6e:29:e4:22:87:f1:48:8d:c0:
92:f4:b5:f8:13:e1:61:e7:22:c6:ae:26:c1:b3:b8:49:f2:49:
13:95:2c:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVmKB5DLEgwjSVOi15V5mHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzA1MTE1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA0NWNkZTcwODQ4NmEzZDEwMWU1MDI0MWVkNDQwYjRlNmZkNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iE6KnlkKdp775nGd/UiO1MzbUZ7
BhuKp6Y21GpQaqzNUQTHWWRNPozsspNMMbSK6MFm4xzURPNwX2aDC/UL5plAc7vo
V5Gsgn/cjPzzhYMd8SZR5qo4k9uFqr26XMGvMNt4hNadTtRC6o/NOC6UPA3iOGI2
+jh51zHDdo7wHIPMk9oP5tIg0Ckns0HITIk5uSFzc0LLAz6HmZex9cwyoCYy0Ofn
Vc/dIG78UtnKBPXOhvp3KOimrGuB+NojNcqXpgLOnqXXQvgmgNq4DjvOSH4UlNt2
3BuuH2CNJzfgC30HhryIk7mKdFFSHuTI6JGFa5uaHoXOCG+Igy8VubMUlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcEXN5whIaj0QHlAkHtRAtOb9VjMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTndSYzNuQ0VocVBSQWVVQ1FlMUVDMDV2MVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVoVMA0G
CSqGSIb3DQEBCwUAA4IBAQC/Zz0NXgB0n/nok2U+GgpvEW05cl2aOB6d1rBSyzGc
P24y2TtuwitoXSO5nIzNpHbRIWRHBhJ2S8T2SUfJ+Th6tFfup0pVu331tk+UiQzn
hRVHWHKsgH5zwK5G3gVVcKuFz5Zr8LbBeWM3+Ijy33ZuoFxEU845B1rO4QVfhp9Z
bkjWwXn2HAkeCuqWZtX2BeJWCZwn6u4X84kM+GW3KhBe9qHWoQUz5syjsAegwQ77
r/vVddlP97CjbGhQuLrL1Q3BG5bIK9a0Z3hOGI1iTLMDGugApoqDsj9nV3DpZTaS
yxpuKeQih/FIjcCS9LX4E+Fh5yLGribBs7hJ8kkTlSwB
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:47 2025 by rpki-client