Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/NgQjGpkKR2m3N5imIMurx6wggXQ.roa
File: NgQjGpkKR2m3N5imIMurx6wggXQ.roa (raw, json)
Hash identifier: /ok/F2Q83QC3ztpROd2g6i4t6DTF1Etv5R8pPFeQ6sg=
Subject key identifier: 36:04:23:1A:99:0A:47:69:B7:37:98:A6:20:CB:AB:C7:AC:20:81:74
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747D03D3799736F27F2E90C53656912
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/NgQjGpkKR2m3N5imIMurx6wggXQ.roa
Signing time: Thu 02 Jan 2025 13:50:05 +0000
ROA not before: Thu 02 Jan 2025 13:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 194.31.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 09:23:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d0:3d:37:99:73:6f:27:f2:e9:0c:53:65:69:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3604231a990a4769b73798a620cbabc7ac208174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:97:2e:cf:26:ea:97:80:ec:92:c7:a0:19:77:
53:5d:72:67:8b:4a:35:ac:71:0a:10:8a:63:46:e8:
e6:1c:af:6b:5f:d0:af:14:9c:10:5e:ab:94:5c:0b:
6c:b3:d8:c5:ed:30:83:fa:ce:ae:55:4c:ba:c9:f6:
7a:c7:1e:45:d0:00:5f:bb:9a:62:49:81:66:64:4f:
0c:55:a0:9b:31:c0:21:22:6f:7e:a6:b8:55:f6:65:
5c:40:ec:1f:98:1b:da:55:3f:c4:28:35:d6:c3:4d:
6b:5a:19:a0:41:fc:0a:b6:30:40:57:a4:ca:66:98:
11:23:95:6a:57:b5:6a:0b:95:e0:54:58:9c:c4:ac:
39:d1:3f:47:53:0d:d8:ac:ca:9c:ec:d3:47:fb:3b:
8b:3b:37:25:f4:f0:b2:01:76:7e:5a:23:c3:a6:82:
05:97:d1:19:e5:18:cc:9d:64:ee:45:35:47:78:1b:
b3:2d:77:de:a0:6f:f7:26:4a:6c:9c:25:88:bc:49:
15:71:fa:38:0b:77:f7:1c:42:b0:7f:3d:f6:87:4e:
04:42:9f:66:18:5f:08:9f:41:d4:5d:67:5f:f6:d8:
08:ea:94:ee:99:cb:32:de:e9:f3:99:f9:0a:0f:f2:
16:cc:3c:4c:41:71:74:25:45:50:07:e1:4f:ca:8c:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:04:23:1A:99:0A:47:69:B7:37:98:A6:20:CB:AB:C7:AC:20:81:74
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/NgQjGpkKR2m3N5imIMurx6wggXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.143.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:13:ae:6b:0f:b5:93:89:e2:a2:39:86:90:96:8c:dc:c7:1f:
b9:e1:d8:73:e1:d0:1c:49:76:94:ba:bf:72:65:bf:a1:7e:8e:
1a:6c:10:db:06:2e:43:7f:86:66:35:69:10:26:65:1a:13:89:
f2:86:3a:24:2f:70:6a:3e:99:53:25:1d:d0:6f:dc:1c:c5:04:
b0:62:6d:ce:97:69:94:40:3b:53:8d:66:d7:c3:43:8e:61:e7:
66:cf:39:0d:fb:64:4a:fd:f7:6c:67:82:fa:43:72:8f:95:95:
1b:62:b6:1e:1c:70:56:0e:65:be:51:a8:4e:9d:cb:80:d4:10:
d1:63:05:4c:f5:8a:b7:79:60:df:e9:e1:5d:5f:44:b9:b4:ea:
3e:64:1e:f5:2f:4a:0c:3c:d7:ea:f6:7a:8b:9f:e9:01:14:4d:
bd:1d:97:d9:f8:32:34:2a:cf:a4:28:d2:73:29:fd:a8:fb:a9:
10:af:a4:d8:cb:5a:7a:e3:39:30:8e:57:c0:90:33:f7:0b:8e:
ba:a2:b2:2a:87:86:ff:6c:19:01:a1:0d:40:83:3a:24:fc:9f:
6e:2d:f0:3a:e4:73:6a:56:5d:12:2f:99:b8:3d:e0:68:0c:69:
1e:c5:2c:74:45:8c:bf:87:59:46:56:ee:c8:66:12:7f:6d:a3:
21:1e:e7:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9A9N5lzbyfy6QxTZWkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA0MjMxYTk5MGE0NzY5YjczNzk4YTYyMGNiYWJjN2FjMjA4MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupcuzybql4DsksegGXdTXXJni0o1
rHEKEIpjRujmHK9rX9CvFJwQXquUXAtss9jF7TCD+s6uVUy6yfZ6xx5F0ABfu5pi
SYFmZE8MVaCbMcAhIm9+prhV9mVcQOwfmBvaVT/EKDXWw01rWhmgQfwKtjBAV6TK
ZpgRI5VqV7VqC5XgVFicxKw50T9HUw3YrMqc7NNH+zuLOzcl9PCyAXZ+WiPDpoIF
l9EZ5RjMnWTuRTVHeBuzLXfeoG/3JkpsnCWIvEkVcfo4C3f3HEKwfz32h04EQp9m
GF8In0HUXWdf9tgI6pTumcsy3unzmfkKD/IWzDxMQXF0JUVQB+FPyowRqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYEIxqZCkdptzeYpiDLq8esIIF0MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTmdRakdwa0tSMm0zTjVpbUlNdXJ4NndnZ1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+PMA0G
CSqGSIb3DQEBCwUAA4IBAQDJE65rD7WTieKiOYaQlozcxx+54dhz4dAcSXaUur9y
Zb+hfo4abBDbBi5Df4ZmNWkQJmUaE4nyhjokL3BqPplTJR3Qb9wcxQSwYm3Ol2mU
QDtTjWbXw0OOYedmzzkN+2RK/fdsZ4L6Q3KPlZUbYrYeHHBWDmW+UahOncuA1BDR
YwVM9Yq3eWDf6eFdX0S5tOo+ZB71L0oMPNfq9nqLn+kBFE29HZfZ+DI0Ks+kKNJz
Kf2o+6kQr6TYy1p64zkwjlfAkDP3C466orIqh4b/bBkBoQ1Agzok/J9uLfA65HNq
Vl0SL5m4PeBoDGkexSx0RYy/h1lGVu7IZhJ/baMhHudx
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:05:42 2025 by rpki-client