Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/NF3ii2wgf3-85qQ76ArV7dgg6a0.roa
File: NF3ii2wgf3-85qQ76ArV7dgg6a0.roa (raw, json)
Hash identifier: pbspeAN3O4BK+yFm9kkD+V/rLV+RT2Tk2xlm4r/g5vo=
Subject key identifier: 34:5D:E2:8B:6C:20:7F:7F:BC:E6:A4:3B:E8:0A:D5:ED:D8:20:E9:AD
Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Certificate serial: 01948AC88C2526C996F9584D35D6975A034C
Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/NF3ii2wgf3-85qQ76ArV7dgg6a0.roa
Signing time: Tue 21 Jan 2025 21:33:06 +0000
ROA not before: Tue 21 Jan 2025 21:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60539
IP address blocks: 2a13:aac6:c300::/40 maxlen: 40
2a13:aac7::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Jan 2025 15:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8a:c8:8c:25:26:c9:96:f9:58:4d:35:d6:97:5a:03:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Validity
Not Before: Jan 21 21:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=345de28b6c207f7fbce6a43be80ad5edd820e9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bc:32:18:32:90:55:5a:76:86:7c:d5:22:66:
0e:44:a0:06:b4:0e:1f:0c:3f:f8:96:ce:e5:11:84:
10:0b:99:0d:d2:1b:99:36:eb:de:69:40:f0:b5:7b:
bd:ee:99:05:75:90:dd:b2:f1:1c:01:63:d4:4a:4d:
62:80:28:31:83:2c:3b:2b:64:d6:af:a6:3d:9c:ae:
59:28:06:42:f4:28:80:d0:0b:2f:9a:4d:c3:64:27:
96:60:d1:dd:bd:bd:08:62:ca:c5:be:49:bc:fe:c2:
3e:06:c3:69:3b:e3:5a:35:0e:a9:29:f2:56:11:5b:
ff:aa:19:da:b9:47:74:12:0e:cf:6b:21:ef:83:89:
34:3c:c1:ca:81:45:d1:36:1a:f4:1f:3b:fa:be:28:
4d:54:10:0c:13:07:24:ce:a1:ce:97:9e:35:57:7d:
53:78:6b:7a:35:dd:c1:bd:be:c4:66:c2:0d:26:f1:
7d:d0:5f:f9:19:01:dc:19:17:01:0b:42:ce:f5:28:
87:b3:d7:f9:c3:15:1f:57:8b:27:e2:33:31:a1:6c:
c4:71:fb:1a:0b:2c:79:93:fb:08:50:35:cc:95:b7:
6e:bb:f5:c3:dd:d1:b7:99:0d:f9:7c:7f:89:9f:4e:
18:7b:a6:4b:c0:63:c3:c8:f5:10:00:99:33:c0:5f:
fd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5D:E2:8B:6C:20:7F:7F:BC:E6:A4:3B:E8:0A:D5:ED:D8:20:E9:AD
X509v3 Authority Key Identifier:
keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/NF3ii2wgf3-85qQ76ArV7dgg6a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:aac6:c300::/40
2a13:aac7::/32
Signature Algorithm: sha256WithRSAEncryption
1e:f4:1b:48:8f:d8:db:fc:b8:ce:d9:f2:77:e0:cf:bc:fe:d4:
b9:d5:26:5f:1a:ab:05:da:50:2b:65:cd:0f:eb:a2:e3:4f:33:
ef:52:7b:a5:c2:cf:59:36:6c:bc:95:cb:14:9a:1d:89:14:10:
cc:6a:69:eb:e2:d9:bb:91:6b:38:55:03:fb:ad:ee:5a:1c:53:
c8:da:43:79:d1:f2:56:07:bf:70:0c:aa:e9:79:26:81:06:2a:
5a:b8:79:74:54:6a:38:49:ac:11:49:c7:3f:f1:78:fb:9d:c9:
a8:ac:48:5e:29:ae:c0:78:17:ba:d8:3c:85:66:b6:d3:3f:80:
45:b9:ed:e3:6e:4a:d9:df:03:4b:3b:a2:05:39:82:da:03:fb:
f3:f7:6e:22:32:40:51:82:20:43:ef:5c:e6:3a:f1:c4:bc:c1:
0d:e3:a3:2d:06:2c:6b:0c:22:d2:d7:46:26:44:e2:56:f1:b1:
9e:29:9e:fa:5e:c9:dc:bc:6f:52:03:b2:8d:9a:9a:bf:01:da:
bd:1e:6f:b7:58:f5:09:46:f8:dd:df:fd:c2:08:a6:84:7c:b1:
1c:bb:e4:13:ae:5d:ba:31:b1:63:4b:9a:03:3f:8e:16:b4:c7:
a3:41:42:21:c3:39:85:aa:e1:bb:83:51:ca:ba:43:35:28:b2:
41:93:00:6c
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZSKyIwlJsmW+VhNNdaXWgNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz
NmE4YTcwHhcNMjUwMTIxMjEzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVkZTI4YjZjMjA3ZjdmYmNlNmE0M2JlODBhZDVlZGQ4MjBlOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorwyGDKQVVp2hnzVImYORKAGtA4f
DD/4ls7lEYQQC5kN0huZNuveaUDwtXu97pkFdZDdsvEcAWPUSk1igCgxgyw7K2TW
r6Y9nK5ZKAZC9CiA0Asvmk3DZCeWYNHdvb0IYsrFvkm8/sI+BsNpO+NaNQ6pKfJW
EVv/qhnauUd0Eg7PayHvg4k0PMHKgUXRNhr0Hzv6vihNVBAMEwckzqHOl541V31T
eGt6Nd3Bvb7EZsINJvF90F/5GQHcGRcBC0LO9SiHs9f5wxUfV4sn4jMxoWzEcfsa
Cyx5k/sIUDXMlbduu/XD3dG3mQ35fH+Jn04Ye6ZLwGPDyPUQAJkzwF/93wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFDRd4otsIH9/vOakO+gK1e3YIOmtMB8GA1UdIwQY
MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt
N2IzNTM5N2FmMmY3LzEvTkYzaWkyd2dmMy04NXFRNzZBclY3ZGdnNmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3
LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYAKhOqxsMD
BQAqE6rHMA0GCSqGSIb3DQEBCwUAA4IBAQAe9BtIj9jb/LjO2fJ34M+8/tS51SZf
GqsF2lArZc0P66LjTzPvUnulws9ZNmy8lcsUmh2JFBDMamnr4tm7kWs4VQP7re5a
HFPI2kN50fJWB79wDKrpeSaBBipauHl0VGo4SawRScc/8Xj7ncmorEheKa7AeBe6
2DyFZrbTP4BFue3jbkrZ3wNLO6IFOYLaA/vz924iMkBRgiBD71zmOvHEvMEN46Mt
BixrDCLS10YmROJW8bGeKZ76XsncvG9SA7KNmpq/Adq9Hm+3WPUJRvjd3/3CCKaE
fLEcu+QTrl26MbFjS5oDP44WtMejQUIhwzmFquG7g1HKukM1KLJBkwBs
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:24:37 2025 by rpki-client