Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/NYxEc6cp4nGBnJmF66oXuxyYZns.roa
File: NYxEc6cp4nGBnJmF66oXuxyYZns.roa (raw, json)
Hash identifier: BURyhzV5jK/sXIquFVysSedoJfERFhQOVB+DfBvPU24=
Subject key identifier: 35:8C:44:73:A7:29:E2:71:81:9C:99:85:EB:AA:17:BB:1C:98:66:7B
Certificate issuer: /CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Certificate serial: 019363946560D2D22731165BD03D5A5059D6
Authority key identifier: 61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/NYxEc6cp4nGBnJmF66oXuxyYZns.roa
Signing time: Mon 25 Nov 2024 13:48:09 +0000
ROA not before: Mon 25 Nov 2024 13:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210513
IP address blocks: 62.3.56.0/24 maxlen: 24
185.65.255.0/24 maxlen: 24
2a12:100::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 30 Nov 2024 14:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:94:65:60:d2:d2:27:31:16:5b:d0:3d:5a:50:59:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614ca0d09bbd05f4b8a8ac30a329f6715110758c
Validity
Not Before: Nov 25 13:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=358c4473a729e271819c9985ebaa17bb1c98667b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:a8:9b:9c:d7:ee:85:22:d1:99:18:2e:a0:
ca:c4:50:17:1a:fa:c5:db:0d:2c:8b:3b:e7:0b:f1:
40:92:69:9a:25:61:51:35:5e:dc:ae:31:1a:32:3c:
3c:4d:fa:d3:16:69:6d:ea:85:d4:23:99:51:3e:dc:
eb:fd:3e:b6:90:8e:3e:c7:9a:d2:f4:fc:7e:74:91:
a1:54:d6:16:c3:ac:25:3b:32:f6:3a:8e:ce:84:04:
02:f4:ad:13:25:03:3c:5f:06:8b:a6:df:27:d4:14:
91:e1:46:ce:f3:2f:d5:33:63:80:41:36:60:66:c9:
70:34:b3:21:25:a4:5f:42:71:27:60:62:15:f8:36:
0b:1c:3c:44:99:0e:1f:fb:64:ab:70:3b:5a:54:8f:
a2:65:e3:1f:a3:9d:a6:2d:52:ea:e1:87:93:58:9a:
61:96:34:cf:5c:07:26:4b:93:39:d6:d7:5c:ff:db:
88:42:ee:c3:07:fb:99:1d:0b:62:45:03:15:3e:a3:
f0:05:06:f5:d4:98:1a:6b:53:dd:0f:b8:c0:ac:38:
82:db:3c:a4:b9:bd:45:18:47:e9:e5:7e:14:c1:49:
44:0a:81:22:20:37:f1:94:06:93:7b:06:a0:70:eb:
ab:2a:10:61:5e:6d:62:56:b3:98:52:0f:e9:3a:a5:
c1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8C:44:73:A7:29:E2:71:81:9C:99:85:EB:AA:17:BB:1C:98:66:7B
X509v3 Authority Key Identifier:
keyid:61:4C:A0:D0:9B:BD:05:F4:B8:A8:AC:30:A3:29:F6:71:51:10:75:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/NYxEc6cp4nGBnJmF66oXuxyYZns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/4786c2-11a1-48a4-ba80-7944976599d8/1/YUyg0Ju9BfS4qKwwoyn2cVEQdYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.56.0/24
185.65.255.0/24
IPv6:
2a12:100::/29
Signature Algorithm: sha256WithRSAEncryption
9c:60:31:80:69:9b:82:76:00:c0:66:ba:ce:5d:c6:3f:07:4f:
38:68:68:f4:b6:a4:5c:a6:82:be:86:77:01:89:1c:6b:70:1f:
43:8e:0c:32:1f:9d:2e:bb:94:d7:cb:c8:bb:1f:31:56:88:73:
b2:06:8b:35:e2:ff:fc:bb:a7:8c:a8:a8:09:c1:9a:d7:b4:ce:
e6:e4:40:42:9f:ab:eb:28:d7:d4:2a:54:62:dc:db:c6:47:42:
7b:63:56:a5:e0:9e:2d:21:c7:f5:17:a7:7b:ea:a1:f9:59:7b:
d5:4d:bf:cd:4a:e2:9b:a8:5f:9d:c8:8b:f7:be:c0:28:f5:96:
6c:a6:d8:58:b2:25:f1:39:df:fa:a1:15:de:10:e5:9c:cb:00:
4a:b8:75:dd:d6:da:9c:f5:95:04:61:f0:b7:e1:71:7c:49:a9:
40:91:05:6c:13:d1:a5:33:26:6c:88:21:fe:22:41:bd:86:ee:
1f:ef:22:67:4c:0d:28:92:e3:33:a4:9b:77:31:85:b8:d7:1b:
ff:e0:00:a9:2d:10:1d:e6:c4:33:b6:5f:ab:1e:79:82:f8:fc:
d4:a1:58:6e:c5:d9:2b:29:70:de:35:75:16:aa:c1:1e:c9:4f:
4f:7f:22:4b:69:d5:ea:8c:3c:5e:76:1d:5a:1c:ae:8f:72:4a:
f8:28:9a:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZNjlGVg0tInMRZb0D1aUFnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGNhMGQwOWJiZDA1ZjRiOGE4YWMzMGEzMjlmNjcxNTEx
MDc1OGMwHhcNMjQxMTI1MTM0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThjNDQ3M2E3MjllMjcxODE5Yzk5ODVlYmFhMTdiYjFjOTg2NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKeom5zX7oUi0ZkYLqDKxFAXGvrF
2w0sizvnC/FAkmmaJWFRNV7crjEaMjw8TfrTFmlt6oXUI5lRPtzr/T62kI4+x5rS
9Px+dJGhVNYWw6wlOzL2Oo7OhAQC9K0TJQM8XwaLpt8n1BSR4UbO8y/VM2OAQTZg
ZslwNLMhJaRfQnEnYGIV+DYLHDxEmQ4f+2SrcDtaVI+iZeMfo52mLVLq4YeTWJph
ljTPXAcmS5M51tdc/9uIQu7DB/uZHQtiRQMVPqPwBQb11Jgaa1PdD7jArDiC2zyk
ub1FGEfp5X4UwUlECoEiIDfxlAaTewagcOurKhBhXm1iVrOYUg/pOqXBSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDWMRHOnKeJxgZyZheuqF7scmGZ7MB8GA1UdIwQY
MBaAFGFMoNCbvQX0uKisMKMp9nFREHWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAt
Nzk0NDk3NjU5OWQ4LzEvTll4RWM2Y3A0bkdCbkptRjY2b1h1eHlZWm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS80Nzg2YzItMTFhMS00OGE0LWJhODAtNzk0NDk3NjU5OWQ4
LzEvWVV5ZzBKdTlCZlM0cUt3d295bjJjVkVRZFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPgM4AwQA
uUH/MA0EAgACMAcDBQMqEgEAMA0GCSqGSIb3DQEBCwUAA4IBAQCcYDGAaZuCdgDA
ZrrOXcY/B084aGj0tqRcpoK+hncBiRxrcB9DjgwyH50uu5TXy8i7HzFWiHOyBos1
4v/8u6eMqKgJwZrXtM7m5EBCn6vrKNfUKlRi3NvGR0J7Y1al4J4tIcf1F6d76qH5
WXvVTb/NSuKbqF+dyIv3vsAo9ZZspthYsiXxOd/6oRXeEOWcywBKuHXd1tqc9ZUE
YfC34XF8SalAkQVsE9GlMyZsiCH+IkG9hu4f7yJnTA0okuMzpJt3MYW41xv/4ACp
LRAd5sQztl+rHnmC+PzUoVhuxdkrKXDeNXUWqsEeyU9PfyJLadXqjDxedh1aHK6P
ckr4KJpn
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:54:46 2025 by rpki-client