Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nISSQM7V4MCRNdDJ5wAnnYnrXuY.roa
File: nISSQM7V4MCRNdDJ5wAnnYnrXuY.roa (raw, json)
Hash identifier: eDOHnZdg3zPNCHpfDutizrfPx1zlpw13obeJElt7GtQ=
Subject key identifier: 9C:84:92:40:CE:D5:E0:C0:91:35:D0:C9:E7:00:27:9D:89:EB:5E:E6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195CDB119CCCDAADA51D0F036B948B86AAB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nISSQM7V4MCRNdDJ5wAnnYnrXuY.roa
Signing time: Tue 25 Mar 2025 14:24:50 +0000
ROA not before: Tue 25 Mar 2025 14:24:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214645
IP address blocks: 2a0e:97c0:3b0::/48 maxlen: 48
2a0e:97c0:3b1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 31 Mar 2025 07:21:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:b1:19:cc:cd:aa:da:51:d0:f0:36:b9:48:b8:6a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 25 14:24:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c849240ced5e0c09135d0c9e700279d89eb5ee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:50:b8:47:34:77:d9:47:3b:e2:d3:87:fc:45:
f2:52:fa:d9:bb:30:fc:e3:e3:ee:d1:f1:c0:b4:da:
f2:20:50:5f:2e:c6:fb:26:a7:bc:07:91:20:93:c1:
26:42:f1:4c:c1:83:41:cc:df:d9:f8:14:6f:d0:f5:
d1:06:0e:cd:c4:42:f0:9c:0c:03:c2:ee:fb:0f:76:
5e:ea:1c:ef:01:ac:3b:de:15:e6:18:24:07:55:92:
0c:b8:f3:27:45:63:5c:d4:a3:62:38:db:32:e8:5c:
8d:bb:e8:dd:7a:1f:52:d6:9a:a4:42:db:6f:dc:43:
50:50:44:bf:82:d1:8e:9a:6b:2d:ad:e4:c4:a5:a3:
50:9d:f5:cc:ce:a2:bd:6d:51:4e:80:a5:10:90:64:
92:f1:b9:d8:6f:a9:c1:77:9a:19:1b:d8:8c:84:5c:
31:8e:47:15:cd:12:2b:bf:70:06:ab:86:c3:cc:73:
98:71:8f:80:1a:6c:0e:7e:d8:ea:29:37:f8:33:9c:
48:cb:d3:a3:64:15:f8:c9:bc:18:d8:5d:ae:1e:8e:
81:3a:50:d9:47:52:ba:0e:72:2a:65:3a:7c:08:01:
2c:a6:1a:4f:ca:1a:8f:6d:44:e4:fc:13:4c:55:a8:
fc:d0:12:9f:2d:ee:0f:9c:60:96:bc:bf:9d:ce:5b:
23:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:84:92:40:CE:D5:E0:C0:91:35:D0:C9:E7:00:27:9D:89:EB:5E:E6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nISSQM7V4MCRNdDJ5wAnnYnrXuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3b0::/47
Signature Algorithm: sha256WithRSAEncryption
41:b3:64:0c:a9:01:aa:41:8b:2e:99:5e:cc:93:4c:46:00:e0:
68:2f:f7:74:9a:a5:6a:25:00:ab:65:a8:9a:75:78:ed:62:42:
39:45:6f:b2:08:f2:d4:a8:e1:e8:1d:5e:ba:5f:27:5e:e6:45:
f3:3a:4e:ce:1c:df:0e:bf:b0:85:20:ba:c7:9d:a3:6f:7a:60:
ea:f4:e8:dd:18:b9:a6:d1:86:94:1c:49:b8:df:de:20:3b:6b:
2a:37:0b:50:73:24:c0:29:9d:d4:26:ac:71:7b:06:4b:09:49:
6d:3c:ad:8e:09:cb:84:82:cc:6f:cc:fd:07:3f:77:e0:38:7e:
78:20:e8:69:c1:e1:80:e9:06:2e:e1:15:13:0b:9e:0d:f6:fe:
5f:78:50:7d:80:0b:54:cf:03:dc:c3:f2:14:a7:bd:c7:86:29:
c7:b5:7c:e6:39:75:0d:ad:d3:dc:cc:60:3e:e3:c2:51:d4:92:
9a:f2:4e:48:4a:c5:43:8c:69:b8:0c:60:39:2f:93:35:12:54:
9a:ce:7d:03:17:a9:db:72:4d:d3:99:58:8b:33:96:4e:7c:66:
1b:73:54:13:dd:d1:2b:b0:d5:39:34:a4:49:14:ad:e4:95:f5:
98:3f:65:47:9e:02:55:c5:b5:54:f5:78:61:70:20:15:fa:ee:
0b:38:39:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZXNsRnMzaraUdDwNrlIuGqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzI1MTQyNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg0OTI0MGNlZDVlMGMwOTEzNWQwYzllNzAwMjc5ZDg5ZWI1ZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFC4RzR32Uc74tOH/EXyUvrZuzD8
4+Pu0fHAtNryIFBfLsb7Jqe8B5Egk8EmQvFMwYNBzN/Z+BRv0PXRBg7NxELwnAwD
wu77D3Ze6hzvAaw73hXmGCQHVZIMuPMnRWNc1KNiONsy6FyNu+jdeh9S1pqkQttv
3ENQUES/gtGOmmstreTEpaNQnfXMzqK9bVFOgKUQkGSS8bnYb6nBd5oZG9iMhFwx
jkcVzRIrv3AGq4bDzHOYcY+AGmwOftjqKTf4M5xIy9OjZBX4ybwY2F2uHo6BOlDZ
R1K6DnIqZTp8CAEsphpPyhqPbUTk/BNMVaj80BKfLe4PnGCWvL+dzlsjhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJyEkkDO1eDAkTXQyecAJ52J617mMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbklTU1FNN1Y0TUNSTmRESjV3QW5uWW5yWHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6XwAOw
MA0GCSqGSIb3DQEBCwUAA4IBAQBBs2QMqQGqQYsumV7Mk0xGAOBoL/d0mqVqJQCr
ZaiadXjtYkI5RW+yCPLUqOHoHV66Xyde5kXzOk7OHN8Ov7CFILrHnaNvemDq9Ojd
GLmm0YaUHEm4394gO2sqNwtQcyTAKZ3UJqxxewZLCUltPK2OCcuEgsxvzP0HP3fg
OH54IOhpweGA6QYu4RUTC54N9v5feFB9gAtUzwPcw/IUp73HhinHtXzmOXUNrdPc
zGA+48JR1JKa8k5ISsVDjGm4DGA5L5M1ElSazn0DF6nbck3TmViLM5ZOfGYbc1QT
3dErsNU5NKRJFK3klfWYP2VHngJVxbVU9XhhcCAV+u4LODno
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:45:07 2025 by rpki-client