Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NDdIZTu2cO-2MSwcME7e6z5035A.roa
File: NDdIZTu2cO-2MSwcME7e6z5035A.roa (raw, json)
Hash identifier: HWUwyXODVIxpS68jzNDkQgPerIYoek/cS4msL56qyTA=
Subject key identifier: 34:37:48:65:3B:B6:70:EF:B6:31:2C:1C:30:4E:DE:EB:3E:74:DF:90
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0197353A3C092247A95A16749F88B4E66534
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NDdIZTu2cO-2MSwcME7e6z5035A.roa
Signing time: Tue 03 Jun 2025 09:58:18 +0000
ROA not before: Tue 03 Jun 2025 09:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204765
IP address blocks: 62.60.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 10:17:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:3a:3c:09:22:47:a9:5a:16:74:9f:88:b4:e6:65:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 3 09:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343748653bb670efb6312c1c304edeeb3e74df90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:dd:7f:4a:4f:ea:4b:e9:54:23:47:a5:32:
cf:af:6c:c2:35:6d:3e:72:2e:8f:13:8b:eb:cd:ed:
bc:a6:d9:93:11:c2:7d:e1:ef:23:d6:7d:49:5c:f4:
80:87:d8:e6:a7:ef:19:ef:6d:95:22:42:57:60:af:
3a:cc:d3:99:c8:db:24:4a:c9:0f:68:af:b6:00:ae:
71:ea:6b:7b:f5:0a:bb:30:02:86:53:9e:1a:b4:1a:
71:a3:d1:ad:c6:d2:7c:2c:d9:03:aa:df:8f:63:ed:
e9:1e:d2:7a:73:7e:fd:2a:52:50:fa:d2:d6:47:4b:
7a:ea:35:ab:c6:db:fc:af:7c:f0:3a:e8:30:49:c6:
9c:8d:3d:f5:82:6d:95:31:df:3a:fb:24:c0:0e:75:
8a:58:83:d2:78:04:6c:65:c8:da:e7:43:b8:a3:ff:
ec:36:e5:c4:b9:b4:1e:15:f8:60:14:a1:a1:35:37:
e7:3c:39:25:53:d7:01:e0:a1:30:c7:4c:e1:23:76:
1f:b0:49:d2:09:38:e0:4c:3c:40:73:91:01:bb:4d:
84:6d:34:4a:15:b2:e6:d2:6d:31:24:5a:04:52:97:
8f:f5:c8:e3:95:5a:df:cd:c9:a8:89:3a:ea:3e:90:
da:f2:3c:10:2a:d0:b2:52:d2:73:ae:e4:04:21:55:
5d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:37:48:65:3B:B6:70:EF:B6:31:2C:1C:30:4E:DE:EB:3E:74:DF:90
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/NDdIZTu2cO-2MSwcME7e6z5035A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.176.0/22
Signature Algorithm: sha256WithRSAEncryption
03:35:8b:88:67:0e:dc:ac:8d:e2:92:38:08:d4:45:22:20:46:
d3:15:24:db:4e:2d:00:9f:9d:97:77:e0:ed:21:bf:ce:80:47:
1b:e3:da:ab:bd:2e:14:c0:b2:dd:bc:8f:f7:e0:99:5b:56:52:
03:91:c8:5d:34:9d:28:df:74:e2:ac:1a:c1:77:1a:3b:0a:24:
a4:05:9a:53:04:ed:bf:e4:8e:64:92:62:f3:4e:37:24:7f:6d:
19:c2:20:cd:d7:ea:76:a4:61:2f:0a:d3:78:52:6d:8d:2e:7f:
d9:7f:d2:b4:6a:2d:d8:f8:09:91:7d:3c:a5:c8:8f:bd:46:38:
e3:a8:10:c4:c5:62:56:77:21:64:d4:24:df:52:e4:f3:a3:38:
8d:2c:4b:6c:77:2a:72:7d:aa:e4:bf:a5:95:43:a9:ec:32:cb:
78:72:6a:39:72:02:a5:e5:17:ad:28:d9:01:0e:ac:43:86:74:
8e:ef:0a:ca:a2:be:27:6d:0b:6e:e1:3e:e3:69:8a:b3:2f:49:
43:10:e5:68:53:67:11:67:97:88:b9:9c:0e:63:68:1f:ed:3e:
6a:15:c5:ab:45:45:14:14:ad:55:90:31:4a:c8:c2:16:cf:8a:
e6:0c:cc:29:3c:29:04:61:f7:88:40:db:32:41:d1:8e:0a:5a:
13:03:27:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc1OjwJIkepWhZ0n4i05mU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwNjAzMDk1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM3NDg2NTNiYjY3MGVmYjYzMTJjMWMzMDRlZGVlYjNlNzRkZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnELdf0pP6kvpVCNHpTLPr2zCNW0+
ci6PE4vrze28ptmTEcJ94e8j1n1JXPSAh9jmp+8Z722VIkJXYK86zNOZyNskSskP
aK+2AK5x6mt79Qq7MAKGU54atBpxo9GtxtJ8LNkDqt+PY+3pHtJ6c379KlJQ+tLW
R0t66jWrxtv8r3zwOugwScacjT31gm2VMd86+yTADnWKWIPSeARsZcja50O4o//s
NuXEubQeFfhgFKGhNTfnPDklU9cB4KEwx0zhI3YfsEnSCTjgTDxAc5EBu02EbTRK
FbLm0m0xJFoEUpeP9cjjlVrfzcmoiTrqPpDa8jwQKtCyUtJzruQEIVVdKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ3SGU7tnDvtjEsHDBO3us+dN+QMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTkRkSVpUdTJjTy0yTVN3Y01FN2U2ejUwMzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPjywMA0G
CSqGSIb3DQEBCwUAA4IBAQADNYuIZw7crI3ikjgI1EUiIEbTFSTbTi0An52Xd+Dt
Ib/OgEcb49qrvS4UwLLdvI/34JlbVlIDkchdNJ0o33TirBrBdxo7CiSkBZpTBO2/
5I5kkmLzTjckf20ZwiDN1+p2pGEvCtN4Um2NLn/Zf9K0ai3Y+AmRfTylyI+9Rjjj
qBDExWJWdyFk1CTfUuTzoziNLEtsdypyfarkv6WVQ6nsMst4cmo5cgKl5RetKNkB
DqxDhnSO7wrKor4nbQtu4T7jaYqzL0lDEOVoU2cRZ5eIuZwOY2gf7T5qFcWrRUUU
FK1VkDFKyMIWz4rmDMwpPCkEYfeIQNsyQdGOCloTAycT
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:18:32 2025 by rpki-client