Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NDIYpcU27UbLl17R_i27nqI9crg.roa
File: NDIYpcU27UbLl17R_i27nqI9crg.roa (raw, json)
Hash identifier: 0m9u8KS4K26s7QygPAo2+djBZiX4ZYN7eedz1d5FUvc=
Subject key identifier: 34:32:18:A5:C5:36:ED:46:CB:97:5E:D1:FE:2D:BB:9E:A2:3D:72:B8
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 019515272862120B0D3876AE405B5C2F2247
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NDIYpcU27UbLl17R_i27nqI9crg.roa
Signing time: Mon 17 Feb 2025 18:24:02 +0000
ROA not before: Mon 17 Feb 2025 18:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 2a0e:5646::/32 maxlen: 32
2a0e:5902::/32 maxlen: 32
2a0f:c080::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Feb 2025 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:15:27:28:62:12:0b:0d:38:76:ae:40:5b:5c:2f:22:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 17 18:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=343218a5c536ed46cb975ed1fe2dbb9ea23d72b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:01:b9:56:c1:6c:e3:29:25:04:24:8c:3d:
e0:88:24:d6:84:4e:8e:63:b3:92:d2:18:10:20:e8:
0f:31:b1:6d:9e:1d:b4:68:91:7d:20:b0:02:a1:fb:
25:71:b0:86:31:cc:d6:65:ca:04:01:52:99:44:e1:
c3:95:02:ff:43:24:4e:1f:67:17:b7:48:d8:2e:a8:
cb:ac:01:bf:f0:65:32:b9:00:7a:43:9f:67:e4:37:
ba:89:36:0f:4c:2d:14:ba:c7:40:0a:6a:e9:9b:2c:
c1:76:4c:8c:91:c5:ae:b7:56:36:a4:0d:92:a2:1c:
92:98:68:35:bf:00:18:65:c3:8f:98:f5:0b:5e:6a:
44:e4:75:27:51:21:47:94:12:f8:eb:9c:e8:92:18:
5f:e7:c7:59:3b:fc:b1:1e:54:e9:5b:fc:e4:2c:f7:
16:92:ab:37:ea:d4:9d:bd:6a:b3:11:63:37:6e:f1:
b4:54:7b:e5:fc:df:b0:42:bc:ea:e3:36:e5:52:cc:
1a:08:8d:be:2d:bd:aa:b6:ab:79:ce:0e:d8:ce:c6:
51:a1:67:24:b9:48:0d:33:7e:3a:e5:72:fc:01:b2:
2d:e8:0b:3f:11:88:37:7b:8c:76:9b:5c:b3:ee:95:
0b:5f:8a:29:45:02:ae:1f:00:97:d0:ee:4e:99:86:
fe:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:32:18:A5:C5:36:ED:46:CB:97:5E:D1:FE:2D:BB:9E:A2:3D:72:B8
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NDIYpcU27UbLl17R_i27nqI9crg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5646::/32
2a0e:5902::/32
2a0f:c080::/32
Signature Algorithm: sha256WithRSAEncryption
3d:ce:4a:41:c0:90:23:2e:9f:54:cb:ce:8a:82:2d:94:ee:4e:
0a:dd:a6:5f:08:a3:c5:d0:15:42:b0:4a:b2:9f:fd:47:0d:77:
96:c2:8e:b0:09:1a:80:a2:78:d0:3e:be:8b:a5:f9:1a:8b:22:
d0:60:1a:23:6d:9b:c7:da:25:1c:79:1e:9b:63:80:72:13:e8:
3b:ba:1e:91:af:c9:b3:40:f9:0b:0e:fb:97:8b:89:5a:55:34:
8b:95:0f:b2:4e:93:8b:16:6e:02:e4:fc:73:56:df:86:8b:2e:
3b:38:14:7e:c9:d5:3c:3e:37:70:c6:db:ff:7f:c5:3d:d3:00:
49:5e:5c:88:d2:5f:ab:1d:66:d1:11:a8:1d:30:3a:bd:fd:30:
6d:df:46:53:3e:00:a2:e5:46:72:30:58:03:53:8d:9f:9e:70:
2a:e4:0e:87:87:73:9f:32:da:e5:86:a5:cb:18:3c:3c:4a:00:
05:da:d5:78:02:4f:fa:e9:61:66:d7:68:38:8c:9b:c7:0f:1c:
be:ec:79:86:0a:ba:ad:a8:e6:62:93:ae:e1:98:e9:42:27:e0:
fc:ec:d4:39:f9:ca:b8:ac:22:ce:a5:9d:68:4e:f7:d8:38:7b:
77:12:c5:9b:bc:d6:0e:d9:23:29:b6:95:c9:89:06:a3:2f:11:
ec:08:c9:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUVJyhiEgsNOHauQFtcLyJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMjE3MTgyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDMyMThhNWM1MzZlZDQ2Y2I5NzVlZDFmZTJkYmI5ZWEyM2Q3MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuswBuVbBbOMpJQQkjD3giCTWhE6O
Y7OS0hgQIOgPMbFtnh20aJF9ILACofslcbCGMczWZcoEAVKZROHDlQL/QyROH2cX
t0jYLqjLrAG/8GUyuQB6Q59n5De6iTYPTC0UusdACmrpmyzBdkyMkcWut1Y2pA2S
ohySmGg1vwAYZcOPmPULXmpE5HUnUSFHlBL465zokhhf58dZO/yxHlTpW/zkLPcW
kqs36tSdvWqzEWM3bvG0VHvl/N+wQrzq4zblUswaCI2+Lb2qtqt5zg7YzsZRoWck
uUgNM3465XL8AbIt6As/EYg3e4x2m1yz7pULX4opRQKuHwCX0O5OmYb+xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDQyGKXFNu1Gy5de0f4tu56iPXK4MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvTkRJWXBjVTI3VWJMbDE3Ul9pMjducUk5Y3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg5WRgMF
ACoOWQIDBQAqD8CAMA0GCSqGSIb3DQEBCwUAA4IBAQA9zkpBwJAjLp9Uy86Kgi2U
7k4K3aZfCKPF0BVCsEqyn/1HDXeWwo6wCRqAonjQPr6LpfkaiyLQYBojbZvH2iUc
eR6bY4ByE+g7uh6Rr8mzQPkLDvuXi4laVTSLlQ+yTpOLFm4C5PxzVt+Giy47OBR+
ydU8Pjdwxtv/f8U90wBJXlyI0l+rHWbREagdMDq9/TBt30ZTPgCi5UZyMFgDU42f
nnAq5A6Hh3OfMtrlhqXLGDw8SgAF2tV4Ak/66WFm12g4jJvHDxy+7HmGCrqtqOZi
k67hmOlCJ+D87NQ5+cq4rCLOpZ1oTvfYOHt3EsWbvNYO2SMptpXJiQajLxHsCMlc
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:24:32 2025 by rpki-client