Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NH9MLRicU7ys3LzGp5GCXCkgeqk.roa
File: NH9MLRicU7ys3LzGp5GCXCkgeqk.roa (raw, json)
Hash identifier: HXoZV31GtPpxxmIkf1nlw3Qk/G1alPaYH8G8/1sN/cY=
Subject key identifier: 34:7F:4C:2D:18:9C:53:BC:AC:DC:BC:C6:A7:91:82:5C:29:20:7A:A9
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0194F65265C0F657AF60F75FDE6D0ABD0A58
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NH9MLRicU7ys3LzGp5GCXCkgeqk.roa
Signing time: Tue 11 Feb 2025 18:43:02 +0000
ROA not before: Tue 11 Feb 2025 18:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:5643::/32 maxlen: 32
2a0e:5645::/32 maxlen: 32
2a0e:5647::/32 maxlen: 32
2a0e:5905::/32 maxlen: 32
2a0e:8084::/32 maxlen: 32
2a0e:ccc4::/32 maxlen: 32
2a0f:6fc3::/32 maxlen: 32
2a0f:b4c2::/32 maxlen: 32
2a0f:c085::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 14 Feb 2025 08:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f6:52:65:c0:f6:57:af:60:f7:5f:de:6d:0a:bd:0a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 11 18:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=347f4c2d189c53bcacdcbcc6a791825c29207aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f4:d5:01:11:db:0a:6f:72:c6:be:e7:b9:c2:
a1:d6:68:f8:8a:15:93:7e:55:63:0e:64:da:42:56:
05:0a:94:4d:15:d7:11:f4:1a:4f:1a:45:b7:91:f8:
6e:4f:85:53:f6:6a:d5:f8:14:0f:32:cd:2d:cb:1c:
81:71:cd:5d:2b:d9:9c:25:5f:5b:71:d5:ed:15:84:
6f:a7:af:ee:93:81:e6:73:9b:7c:16:6a:3b:8d:5b:
25:d8:f2:c5:7b:83:f9:02:58:d9:d7:77:7d:18:4d:
21:eb:af:7d:3f:8c:a9:b9:0e:6e:cd:3c:ed:31:b1:
00:16:66:d8:c5:4c:69:67:98:76:89:fd:b4:2e:4d:
54:0f:5a:27:8a:5a:ca:0c:04:d5:0c:4c:76:8f:43:
00:12:67:45:76:3c:1b:f3:fa:41:b0:61:1f:18:ec:
be:fd:5a:0c:6c:ea:3d:ab:a8:60:29:bc:5c:7a:d4:
6d:a5:06:61:6b:67:4d:f5:7c:5c:01:da:ed:07:f0:
6d:50:7f:f7:41:c5:41:9f:4d:7d:83:86:0b:e4:50:
91:d0:1f:fe:dd:3d:43:79:fc:e8:a0:cf:f2:52:e7:
e8:77:d6:27:e1:59:0e:24:9b:f8:b8:eb:5e:d6:5f:
a4:b3:40:68:86:c4:f8:5c:cc:36:98:bf:b0:d3:24:
54:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7F:4C:2D:18:9C:53:BC:AC:DC:BC:C6:A7:91:82:5C:29:20:7A:A9
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/NH9MLRicU7ys3LzGp5GCXCkgeqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5643::/32
2a0e:5645::/32
2a0e:5647::/32
2a0e:5905::/32
2a0e:8084::/32
2a0e:ccc4::/32
2a0f:6fc3::/32
2a0f:b4c2::/32
2a0f:c085::/32
Signature Algorithm: sha256WithRSAEncryption
31:2d:e3:29:44:23:0e:e7:57:79:77:b5:64:ff:60:6e:fc:55:
91:29:13:86:88:9b:53:3d:4b:39:b7:c3:f9:e9:17:88:a6:1a:
df:68:25:0b:41:d3:18:71:2b:c8:fa:eb:4c:c6:7b:1f:d8:50:
70:65:b5:fb:c9:02:f6:a9:b1:4a:76:8f:2f:52:0c:6a:f9:6b:
4b:1f:3e:a2:d5:4b:b5:98:56:f6:ab:67:da:b4:19:92:c9:61:
41:56:50:69:98:c8:12:de:9c:54:bb:39:9b:87:7d:45:23:47:
9f:18:61:d9:2f:29:b8:f8:5c:1f:6d:ae:a0:f0:5c:a8:1e:67:
6d:bc:85:7b:e9:de:dc:d6:3c:67:63:10:93:69:15:cd:e2:d6:
ff:aa:d1:62:8f:9d:6f:ff:13:b3:3d:13:dd:e1:44:5b:cf:45:
0c:3d:65:a9:bc:91:3b:80:5a:fd:1e:5f:c3:84:ac:46:a7:e3:
04:93:12:70:3a:96:91:cd:3b:01:88:6f:70:a8:11:3d:10:9a:
14:1f:8f:6c:32:55:05:74:6f:b1:37:7a:02:d9:bb:01:89:40:
5d:bb:38:ae:9b:df:16:f8:bf:2e:f0:ee:91:46:57:65:13:6c:
c5:91:3c:8f:76:d5:14:e0:d5:88:8e:36:c8:66:1c:f2:c9:46:
df:89:af:3e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZT2UmXA9levYPdf3m0KvQpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMjExMTg0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdmNGMyZDE4OWM1M2JjYWNkY2JjYzZhNzkxODI1YzI5MjA3YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/TVARHbCm9yxr7nucKh1mj4ihWT
flVjDmTaQlYFCpRNFdcR9BpPGkW3kfhuT4VT9mrV+BQPMs0tyxyBcc1dK9mcJV9b
cdXtFYRvp6/uk4Hmc5t8Fmo7jVsl2PLFe4P5AljZ13d9GE0h6699P4ypuQ5uzTzt
MbEAFmbYxUxpZ5h2if20Lk1UD1onilrKDATVDEx2j0MAEmdFdjwb8/pBsGEfGOy+
/VoMbOo9q6hgKbxcetRtpQZha2dN9XxcAdrtB/BtUH/3QcVBn019g4YL5FCR0B/+
3T1DefzooM/yUufod9Yn4VkOJJv4uOte1l+ks0BohsT4XMw2mL+w0yRU6QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDR/TC0YnFO8rNy8xqeRglwpIHqpMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvTkg5TUxSaWNVN3lzM0x6R3A1R0NYQ2tnZXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUAKg5WQwMF
ACoOVkUDBQAqDlZHAwUAKg5ZBQMFACoOgIQDBQAqDszEAwUAKg9vwwMFACoPtMID
BQAqD8CFMA0GCSqGSIb3DQEBCwUAA4IBAQAxLeMpRCMO51d5d7Vk/2Bu/FWRKROG
iJtTPUs5t8P56ReIphrfaCULQdMYcSvI+utMxnsf2FBwZbX7yQL2qbFKdo8vUgxq
+WtLHz6i1Uu1mFb2q2fatBmSyWFBVlBpmMgS3pxUuzmbh31FI0efGGHZLym4+Fwf
ba6g8FyoHmdtvIV76d7c1jxnYxCTaRXN4tb/qtFij51v/xOzPRPd4URbz0UMPWWp
vJE7gFr9Hl/DhKxGp+MEkxJwOpaRzTsBiG9wqBE9EJoUH49sMlUFdG+xN3oC2bsB
iUBduzium98W+L8u8O6RRldlE2zFkTyPdtUU4NWIjjbIZhzyyUbfia8+
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:32:26 2025 by rpki-client