Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NjqVwsZm4jeDC34zSEAaynDCJtE.roa
File: NjqVwsZm4jeDC34zSEAaynDCJtE.roa (raw, json)
Hash identifier: FACRPaPAhFiAobZ2uWDfWV/Avnzc3vg378X+ZGOfI/s=
Subject key identifier: 36:3A:95:C2:C6:66:E2:37:83:0B:7E:33:48:40:1A:CA:70:C2:26:D1
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 019422FBEB9995CD185547270BAAEE573083
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NjqVwsZm4jeDC34zSEAaynDCJtE.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8851
IP address blocks: 185.156.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Mar 2025 09:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:eb:99:95:cd:18:55:47:27:0b:aa:ee:57:30:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=363a95c2c666e237830b7e3348401aca70c226d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:96:42:9c:4f:c5:b4:7a:6a:7d:05:d9:1e:81:
aa:a1:d7:35:fd:39:30:fb:e1:23:4f:3b:09:42:c0:
9d:b5:9c:02:2f:59:84:7d:4f:8d:5a:9f:61:6a:c5:
8b:31:6f:e7:9a:70:3c:a4:6b:bf:7e:2e:6f:48:64:
c5:ab:a3:e7:bd:1e:73:f0:e0:34:54:fc:cb:d4:b2:
a0:d7:9f:8a:15:24:24:cf:1e:16:2a:31:07:c5:f3:
fb:ef:dd:9f:af:56:b3:dc:06:d5:21:fb:46:85:f9:
ed:ce:bd:3d:65:6e:03:11:9e:c3:2f:c3:04:a4:38:
d7:ac:a0:81:ae:67:69:8d:77:51:2d:64:a0:62:48:
34:10:93:c6:3e:e3:c8:24:d5:a0:12:7b:45:59:aa:
32:08:a7:87:f7:16:2e:e0:94:2d:87:1a:ae:fc:d6:
54:aa:ed:0c:99:94:67:48:b7:56:83:fe:65:30:6e:
41:5d:76:9c:c2:d8:29:04:e3:b5:2d:48:fa:0f:be:
42:57:90:a0:3f:c0:56:d9:71:ef:2d:e0:35:e9:78:
5d:13:84:20:25:da:43:c1:c5:78:81:87:08:a0:72:
78:28:4e:03:9e:80:e0:73:4d:a4:26:2d:51:5d:28:
92:b7:3a:36:70:50:67:4b:9b:5a:08:18:84:d7:da:
4b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3A:95:C2:C6:66:E2:37:83:0B:7E:33:48:40:1A:CA:70:C2:26:D1
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NjqVwsZm4jeDC34zSEAaynDCJtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
87:cf:ea:18:68:59:c1:85:bd:ce:08:aa:f0:6b:fd:6a:49:c8:
df:7c:5c:82:a0:a0:1c:a9:e7:e0:44:cf:35:16:17:62:99:24:
a6:20:e0:d5:63:aa:8e:3f:db:95:f5:e5:4a:10:66:45:bb:b5:
ae:54:6b:39:83:f1:82:6d:3d:f2:02:d1:8c:0b:2e:5f:4b:68:
e3:f7:05:38:f8:57:4e:4a:c9:92:2d:b0:e6:98:63:29:4f:3a:
7d:cb:f7:d0:7e:95:a2:79:60:53:71:51:f2:1e:1e:6a:6f:ea:
38:2d:d6:3a:a3:05:fc:70:41:05:9e:72:8b:c8:5f:19:6f:54:
b3:c1:0c:3b:26:6a:b5:55:ef:3b:51:ef:21:7d:b7:d4:b5:7e:
66:63:97:fd:72:c6:c0:9b:79:b2:11:58:dd:b2:26:ee:53:c0:
1a:33:f3:bf:20:76:58:f4:42:6c:ab:9f:9f:89:dc:1d:d5:21:
af:76:89:c4:2a:f2:97:08:fb:77:07:51:01:b8:bc:e8:22:9c:
fa:b8:eb:5b:bc:51:97:22:78:81:ff:dc:e5:e6:64:a3:b9:2a:
3a:9f:f0:aa:1b:ff:45:44:1b:20:ac:a1:46:1e:31:f7:f7:1e:
76:56:42:c1:91:c0:a5:20:b5:de:b3:cd:9d:b6:f4:23:67:82:
69:10:87:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++uZlc0YVUcnC6ruVzCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmU2YjlkMGNjMWU3ZjZlMTZiMmE0NmI0MmNhNWUwMWM3
MDAzNDYwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNhOTVjMmM2NjZlMjM3ODMwYjdlMzM0ODQwMWFjYTcwYzIyNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZZCnE/FtHpqfQXZHoGqodc1/Tkw
++EjTzsJQsCdtZwCL1mEfU+NWp9hasWLMW/nmnA8pGu/fi5vSGTFq6PnvR5z8OA0
VPzL1LKg15+KFSQkzx4WKjEHxfP7792fr1az3AbVIftGhfntzr09ZW4DEZ7DL8ME
pDjXrKCBrmdpjXdRLWSgYkg0EJPGPuPIJNWgEntFWaoyCKeH9xYu4JQthxqu/NZU
qu0MmZRnSLdWg/5lMG5BXXacwtgpBOO1LUj6D75CV5CgP8BW2XHvLeA16XhdE4Qg
JdpDwcV4gYcIoHJ4KE4DnoDgc02kJi1RXSiStzo2cFBnS5taCBiE19pLbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDY6lcLGZuI3gwt+M0hAGspwwibRMB8GA1UdIwQY
MBaAFDT+a50Mwef24WsqRrQspeAccANGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUt
MTE4YWZlZDdhNWFlLzEvTmpxVndzWm00amVEQzM0elNFQWF5bkRDSnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MmRmMzYtZmQzNi00YmFmLTlkMmUtMTE4YWZlZDdhNWFl
LzEvTlA1cm5RekI1X2JoYXlwR3RDeWw0Qnh3QTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZwQMA0G
CSqGSIb3DQEBCwUAA4IBAQCHz+oYaFnBhb3OCKrwa/1qScjffFyCoKAcqefgRM81
FhdimSSmIODVY6qOP9uV9eVKEGZFu7WuVGs5g/GCbT3yAtGMCy5fS2jj9wU4+FdO
SsmSLbDmmGMpTzp9y/fQfpWieWBTcVHyHh5qb+o4LdY6owX8cEEFnnKLyF8Zb1Sz
wQw7Jmq1Ve87Ue8hfbfUtX5mY5f9csbAm3myEVjdsibuU8AaM/O/IHZY9EJsq5+f
idwd1SGvdonEKvKXCPt3B1EBuLzoIpz6uOtbvFGXIniB/9zl5mSjuSo6n/CqG/9F
RBsgrKFGHjH39x52VkLBkcClILXes82dtvQjZ4JpEIeN
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:05:14 2025 by rpki-client