Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NfkfMCxniQ3C2WXv8e1nGqIK8iA.roa
File: NfkfMCxniQ3C2WXv8e1nGqIK8iA.roa (raw, json)
Hash identifier: dmJcz6Vk3njCy+APlJB2vgntyYDw+XvjACCp5KyAr2Q=
Subject key identifier: 35:F9:1F:30:2C:67:89:0D:C2:D9:65:EF:F1:ED:67:1A:A2:0A:F2:20
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0195A82E1FDCFB641FF8A13D9D4D1D88E390
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NfkfMCxniQ3C2WXv8e1nGqIK8iA.roa
Signing time: Tue 18 Mar 2025 07:35:49 +0000
ROA not before: Tue 18 Mar 2025 07:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153656
IP address blocks: 45.135.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 07:40:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:2e:1f:dc:fb:64:1f:f8:a1:3d:9d:4d:1d:88:e3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 18 07:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35f91f302c67890dc2d965eff1ed671aa20af220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:35:74:e4:dd:ec:56:0c:5e:b2:41:90:ae:
7e:76:57:9f:d3:cf:80:2b:14:87:bf:ca:b3:b5:6e:
c3:d2:d6:8f:d9:1f:14:95:4a:f9:27:8b:c9:87:2a:
68:36:d5:a4:b7:4d:3e:99:ba:7e:c6:d7:76:57:b5:
2d:94:f9:3f:82:6a:46:dc:16:c3:72:2e:79:4d:88:
5d:27:a4:f2:e1:d7:71:d1:54:15:17:47:ec:c6:d5:
13:56:76:f2:54:da:ee:64:04:cf:de:17:02:c4:cd:
f3:22:ac:39:01:b6:69:57:67:28:29:5c:01:8f:3a:
42:e5:f8:ac:42:ae:13:de:42:07:40:05:f7:12:e3:
ee:90:86:41:72:1a:f2:d9:3a:8a:4b:45:7b:ac:50:
40:95:96:d3:71:61:a0:f3:0c:83:cf:51:1c:09:3d:
86:7c:c8:b4:f1:f2:44:aa:17:40:3a:1e:23:63:06:
75:48:11:a7:cb:47:78:b0:f0:24:82:31:d6:64:8c:
1c:af:03:fb:e9:be:c6:09:e8:eb:0a:d5:70:39:c1:
3b:90:ba:07:15:fe:02:c4:9b:e3:47:46:a4:d2:6b:
85:1f:24:e2:8c:73:dc:85:17:9f:49:e2:94:76:e0:
7a:bf:b6:d4:11:b4:2b:6a:4f:4b:2a:2c:98:e4:66:
98:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F9:1F:30:2C:67:89:0D:C2:D9:65:EF:F1:ED:67:1A:A2:0A:F2:20
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/NfkfMCxniQ3C2WXv8e1nGqIK8iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.237.0/24
Signature Algorithm: sha256WithRSAEncryption
28:da:29:89:1e:c7:dc:7e:62:35:92:1a:51:61:c8:34:5a:5e:
60:9c:d0:c3:d5:5f:93:b3:1b:ef:4c:5a:af:44:b9:79:fc:3e:
25:50:3c:c2:36:17:57:fc:76:80:a2:80:5b:85:8b:6a:c9:2c:
9e:6e:d7:c6:c8:5f:8d:c1:a7:fe:19:5f:8f:07:03:bb:92:1a:
82:b0:02:ec:71:95:24:a4:c3:a4:34:6e:13:7e:06:01:1f:7c:
96:29:33:44:55:56:48:14:f1:c6:79:56:5a:7a:68:47:86:14:
f6:60:be:84:19:1a:1e:4f:8d:36:53:6f:ca:a1:ae:01:90:39:
bc:05:b1:6a:d0:78:3a:82:a8:74:80:9d:92:5e:c6:84:9d:e7:
2b:60:c9:6a:55:ad:c0:c8:24:a8:6a:84:5b:a2:71:99:3c:6f:
6e:f7:35:17:69:18:7c:94:a4:68:87:57:fb:42:67:ad:76:4f:
a7:44:38:23:33:2d:98:6b:74:fe:b4:12:7a:89:cb:25:35:9e:
80:05:e2:73:a1:e5:1f:0e:23:42:34:4c:e1:73:06:8d:84:82:
ac:d7:6a:46:f7:e3:76:5e:35:09:58:27:dd:18:cd:8c:76:8e:
b0:2f:b5:75:fb:f3:55:98:fa:2a:ea:b1:42:76:d0:77:68:11:
91:44:54:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWoLh/c+2Qf+KE9nU0diOOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMzE4MDczNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY5MWYzMDJjNjc4OTBkYzJkOTY1ZWZmMWVkNjcxYWEyMGFmMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9w1dOTd7FYMXrJBkK5+dlef08+A
KxSHv8qztW7D0taP2R8UlUr5J4vJhypoNtWkt00+mbp+xtd2V7UtlPk/gmpG3BbD
ci55TYhdJ6Ty4ddx0VQVF0fsxtUTVnbyVNruZATP3hcCxM3zIqw5AbZpV2coKVwB
jzpC5fisQq4T3kIHQAX3EuPukIZBchry2TqKS0V7rFBAlZbTcWGg8wyDz1EcCT2G
fMi08fJEqhdAOh4jYwZ1SBGny0d4sPAkgjHWZIwcrwP76b7GCejrCtVwOcE7kLoH
Ff4CxJvjR0ak0muFHyTijHPchRefSeKUduB6v7bUEbQrak9LKiyY5GaYgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX5HzAsZ4kNwtll7/HtZxqiCvIgMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvTmZrZk1DeG5pUTNDMldYdjhlMW5HcUlLOGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYftMA0G
CSqGSIb3DQEBCwUAA4IBAQAo2imJHsfcfmI1khpRYcg0Wl5gnNDD1V+TsxvvTFqv
RLl5/D4lUDzCNhdX/HaAooBbhYtqySyebtfGyF+Nwaf+GV+PBwO7khqCsALscZUk
pMOkNG4TfgYBH3yWKTNEVVZIFPHGeVZaemhHhhT2YL6EGRoeT402U2/Koa4BkDm8
BbFq0Hg6gqh0gJ2SXsaEnecrYMlqVa3AyCSoaoRbonGZPG9u9zUXaRh8lKRoh1f7
Qmetdk+nRDgjMy2Ya3T+tBJ6icslNZ6ABeJzoeUfDiNCNEzhcwaNhIKs12pG9+N2
XjUJWCfdGM2Mdo6wL7V1+/NVmPoq6rFCdtB3aBGRRFRg
-----END CERTIFICATE-----
Generated at Sat Jun 14 08:55:26 2025 by rpki-client