Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/nXlLKOpXi-sJyTScZU0PCKJGkFE.roa
File: nXlLKOpXi-sJyTScZU0PCKJGkFE.roa (raw, json)
Hash identifier: hvgv4aTQjVlXz8nwn/MxuT2eA5jAqXBXVi/LOKhCeOE=
Subject key identifier: 9D:79:4B:28:EA:57:8B:EB:09:C9:34:9C:65:4D:0F:08:A2:46:90:51
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01966C2D212E0E0A99EFB4CAEC0D9A1C4A32
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/nXlLKOpXi-sJyTScZU0PCKJGkFE.roa
Signing time: Fri 25 Apr 2025 09:00:19 +0000
ROA not before: Fri 25 Apr 2025 09:00:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210558
IP address blocks: 124.198.131.0/24 maxlen: 24
124.198.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 12:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:2d:21:2e:0e:0a:99:ef:b4:ca:ec:0d:9a:1c:4a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 25 09:00:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d794b28ea578beb09c9349c654d0f08a2469051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:01:7d:1d:3d:4a:ca:64:46:58:a9:8b:5b:
66:3a:b9:1b:24:c3:85:20:b5:2e:7e:2a:50:65:17:
5c:ec:d9:19:df:43:86:30:a4:5d:74:09:b6:b3:ec:
ee:a9:50:04:d9:a9:65:9c:90:89:31:c1:20:25:4a:
ba:19:3e:b9:12:97:55:ee:4b:b6:ed:77:76:0f:25:
db:d4:c7:a5:31:47:11:45:ee:65:b4:12:44:33:07:
19:c2:26:bb:f4:e0:ff:f2:0a:7b:d3:6e:de:c7:b5:
b2:20:ed:54:20:ca:22:a6:6b:f5:67:d9:03:20:74:
fd:f6:2a:ae:a0:99:2d:00:b4:49:18:b1:e5:d7:0f:
d4:eb:ae:79:49:17:0f:85:31:fc:98:85:6c:6a:be:
d9:92:6c:ae:5c:cc:e0:9a:2d:72:37:b9:ae:95:06:
9f:6c:e5:4c:d3:73:4f:3e:29:1a:7c:d0:01:d2:49:
f2:dc:71:6f:3c:71:1c:f6:29:4f:07:fa:79:ac:8c:
6d:49:38:92:12:7c:4b:bd:ea:cf:b8:91:bf:d7:7d:
bc:80:31:4e:88:15:75:2e:d0:78:d7:35:c8:8f:1c:
b4:6f:4d:01:ed:e0:48:db:4b:c4:b4:23:90:02:c5:
d9:8a:54:57:3e:cc:a3:0a:4c:60:a9:81:5f:53:b1:
60:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:79:4B:28:EA:57:8B:EB:09:C9:34:9C:65:4D:0F:08:A2:46:90:51
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/nXlLKOpXi-sJyTScZU0PCKJGkFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.131.0-124.198.132.255
Signature Algorithm: sha256WithRSAEncryption
83:ff:80:19:60:8d:c1:80:f0:4b:92:69:e9:eb:3d:65:4a:5e:
43:80:d6:83:bb:7c:67:8d:d8:5c:45:55:a5:d3:07:4a:5c:2d:
50:f4:f6:69:15:11:38:56:de:8b:74:85:60:81:fe:16:1a:80:
ae:a3:a2:f7:f3:84:df:b9:32:4f:2e:c6:68:9f:10:a0:8f:0d:
30:54:ee:5e:04:01:15:f2:10:66:29:ae:f0:11:ff:56:eb:7d:
39:ba:ae:a6:bf:4d:e3:a6:d1:2b:d6:cd:0c:69:1e:2c:df:76:
12:ec:ac:3a:28:53:bf:2b:cc:20:75:a0:df:7c:51:1e:e9:8c:
60:b9:25:d4:05:9d:f0:28:10:f4:7f:3c:ed:cc:5a:b6:3b:64:
51:d5:47:01:cb:09:8c:84:e6:31:9b:a9:02:40:ae:08:72:c4:
b2:f7:a7:92:67:12:6f:04:88:6d:f5:3f:6a:7b:ab:40:5c:62:
e5:e5:20:30:ae:34:48:0f:26:7a:3d:95:27:e6:3c:e1:cf:53:
81:5c:24:c3:b8:c4:5c:6e:cc:74:e5:31:a2:05:62:e7:ca:d5:
b4:41:34:6d:42:0a:6f:97:25:50:d2:f2:a5:58:31:cd:09:e9:
cd:e6:a5:b6:70:3a:31:96:17:5c:59:4e:14:e4:a0:4b:f6:53:
95:6e:eb:28
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZsLSEuDgqZ77TK7A2aHEoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNDI1MDkwMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc5NGIyOGVhNTc4YmViMDljOTM0OWM2NTRkMGYwOGEyNDY5MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNgBfR09SspkRlipi1tmOrkbJMOF
ILUufipQZRdc7NkZ30OGMKRddAm2s+zuqVAE2allnJCJMcEgJUq6GT65EpdV7ku2
7Xd2DyXb1MelMUcRRe5ltBJEMwcZwia79OD/8gp7027ex7WyIO1UIMoipmv1Z9kD
IHT99iquoJktALRJGLHl1w/U6655SRcPhTH8mIVsar7ZkmyuXMzgmi1yN7mulQaf
bOVM03NPPikafNAB0kny3HFvPHEc9ilPB/p5rIxtSTiSEnxLverPuJG/1328gDFO
iBV1LtB41zXIjxy0b00B7eBI20vEtCOQAsXZilRXPsyjCkxgqYFfU7FgiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ15SyjqV4vrCck0nGVNDwiiRpBRMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvblhsTEtPcFhpLXNKeVRTY1pVMFBDS0pHa0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAB8xoMD
BAB8xoQwDQYJKoZIhvcNAQELBQADggEBAIP/gBlgjcGA8EuSaenrPWVKXkOA1oO7
fGeN2FxFVaXTB0pcLVD09mkVEThW3ot0hWCB/hYagK6jovfzhN+5Mk8uxmifEKCP
DTBU7l4EARXyEGYprvAR/1brfTm6rqa/TeOm0SvWzQxpHizfdhLsrDooU78rzCB1
oN98UR7pjGC5JdQFnfAoEPR/PO3MWrY7ZFHVRwHLCYyE5jGbqQJArghyxLL3p5Jn
Em8EiG31P2p7q0BcYuXlIDCuNEgPJno9lSfmPOHPU4FcJMO4xFxuzHTlMaIFYufK
1bRBNG1CCm+XJVDS8qVYMc0J6c3mpbZwOjGWF1xZThTkoEv2U5Vu6yg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:29:01 2025 by rpki-client