Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ35YMJ51vinDzddGPq36PvUW00.roa
File: NQ35YMJ51vinDzddGPq36PvUW00.roa (raw, json)
Hash identifier: TFiJ5GzD+z4iy6+GP4+wzbM600J5egKFrA/IEsUOfg8=
Subject key identifier: 35:0D:F9:60:C2:79:D6:F8:A7:0F:37:5D:18:FA:B7:E8:FB:D4:5B:4D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019474F6006D25AC1FE3C7D02C2AE6FB4EAB
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ35YMJ51vinDzddGPq36PvUW00.roa
Signing time: Fri 17 Jan 2025 15:51:06 +0000
ROA not before: Fri 17 Jan 2025 15:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 89.251.22.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 17:59:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:f6:00:6d:25:ac:1f:e3:c7:d0:2c:2a:e6:fb:4e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 17 15:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=350df960c279d6f8a70f375d18fab7e8fbd45b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:85:06:8f:bb:23:70:7c:51:09:da:2e:02:6c:
b3:20:7e:3e:76:0e:94:49:b5:95:e7:36:68:78:d9:
f8:34:6a:4e:bc:62:59:50:0f:ec:e3:53:0b:62:0a:
ba:1e:91:ec:15:d3:3b:ad:33:04:fa:7a:53:2f:24:
40:95:d0:2f:85:de:7d:77:f4:6b:e5:98:51:ab:68:
f6:09:77:90:1b:1c:6c:df:e4:90:28:f1:e0:b8:8b:
74:ea:e7:a1:9e:29:c6:a7:99:57:2b:c4:e4:4d:b1:
99:d0:9f:8d:c9:2f:fd:2b:03:54:56:6b:5d:f5:b6:
0e:14:1a:2f:92:77:90:e7:db:4d:37:f3:75:db:71:
33:17:1c:93:99:9c:4d:de:ca:31:0a:95:bf:fc:26:
52:2b:39:92:bf:eb:51:a9:b6:d9:b3:88:05:09:42:
77:b2:9e:8b:4c:89:3f:74:4e:9b:b0:28:aa:40:e4:
6c:da:83:24:dc:8c:d8:e3:e2:fb:b0:d2:12:72:e3:
9b:c9:c3:e8:a7:f4:a4:89:8c:93:1e:c8:6e:32:99:
de:fa:e4:28:9b:74:23:16:7d:87:c6:6e:c8:d4:6d:
cd:9f:1f:79:15:56:0f:09:3c:c7:94:e6:bc:02:30:
96:22:a0:dc:a7:cf:ff:8b:9a:d0:ab:1d:c6:30:dc:
cd:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0D:F9:60:C2:79:D6:F8:A7:0F:37:5D:18:FA:B7:E8:FB:D4:5B:4D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NQ35YMJ51vinDzddGPq36PvUW00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.22.0/24
91.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
60:1c:9c:b4:6a:96:db:ba:a9:a6:26:7f:5f:ce:51:fc:67:b5:
66:d8:84:9d:e4:11:23:ad:4d:32:ac:a2:88:94:4e:49:7f:85:
fe:a1:2c:9d:82:95:22:41:91:e7:8e:e0:9a:6f:3e:ee:7f:a9:
37:91:7e:23:c6:34:a7:da:10:62:98:27:ea:36:c2:1f:6b:d7:
30:61:87:97:aa:d9:13:19:06:29:79:73:51:77:10:cd:9b:99:
d5:ef:75:ec:1f:fd:ee:66:a4:5b:64:82:6e:4d:17:84:59:9c:
a2:5c:3e:d4:ce:0d:1f:ed:24:d4:d8:e1:58:6b:76:65:ad:40:
d3:aa:ab:e3:00:79:30:0d:33:3e:b4:2c:c2:86:75:f5:eb:4c:
5c:98:62:f7:7f:39:32:9b:a0:a3:23:7f:fe:8e:d8:2a:24:75:
75:a6:d8:91:96:c4:84:b2:c0:75:db:82:58:b8:71:e3:6c:35:
10:46:40:d9:95:ab:bd:42:58:41:bc:69:18:fc:77:a9:6b:7f:
fd:a3:93:3c:9d:ea:e1:f4:b8:15:ea:06:13:f1:aa:20:1c:69:
27:ed:45:b4:49:75:67:a5:13:b8:5a:a5:a4:02:87:b6:0b:59:
66:38:67:a3:b7:71:44:14:9b:34:4b:fc:c7:ed:14:88:48:cf:
5c:f0:09:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZR09gBtJawf48fQLCrm+06rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTE3MTU1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBkZjk2MGMyNzlkNmY4YTcwZjM3NWQxOGZhYjdlOGZiZDQ1YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIUGj7sjcHxRCdouAmyzIH4+dg6U
SbWV5zZoeNn4NGpOvGJZUA/s41MLYgq6HpHsFdM7rTME+npTLyRAldAvhd59d/Rr
5ZhRq2j2CXeQGxxs3+SQKPHguIt06uehninGp5lXK8TkTbGZ0J+NyS/9KwNUVmtd
9bYOFBovkneQ59tNN/N123EzFxyTmZxN3soxCpW//CZSKzmSv+tRqbbZs4gFCUJ3
sp6LTIk/dE6bsCiqQORs2oMk3IzY4+L7sNIScuObycPop/SkiYyTHshuMpne+uQo
m3QjFn2Hxm7I1G3Nnx95FVYPCTzHlOa8AjCWIqDcp8//i5rQqx3GMNzNKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUN+WDCedb4pw83XRj6t+j71FtNMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTlEzNVlNSjUxdmluRHpkZEdQcTM2UHZVVzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsWAwQA
W+I7MA0GCSqGSIb3DQEBCwUAA4IBAQBgHJy0apbbuqmmJn9fzlH8Z7Vm2ISd5BEj
rU0yrKKIlE5Jf4X+oSydgpUiQZHnjuCabz7uf6k3kX4jxjSn2hBimCfqNsIfa9cw
YYeXqtkTGQYpeXNRdxDNm5nV73XsH/3uZqRbZIJuTReEWZyiXD7Uzg0f7STU2OFY
a3ZlrUDTqqvjAHkwDTM+tCzChnX160xcmGL3fzkym6CjI3/+jtgqJHV1ptiRlsSE
ssB124JYuHHjbDUQRkDZlau9QlhBvGkY/Hepa3/9o5M8nerh9LgV6gYT8aogHGkn
7UW0SXVnpRO4WqWkAoe2C1lmOGejt3FEFJs0S/zH7RSISM9c8AlA
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:54:55 2025 by rpki-client