Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/N_mFghCegbyDtOWC9ncJdlWN1-g.roa
File: N_mFghCegbyDtOWC9ncJdlWN1-g.roa (raw, json)
Hash identifier: D//okV97QMO8/1UwXRdkRpNw3pHLuZiHbG5i3L2uqNc=
Subject key identifier: 37:F9:85:82:10:9E:81:BC:83:B4:E5:82:F6:77:09:76:55:8D:D7:E8
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01955D8226D46C809A82339C6F0746D60A79
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/N_mFghCegbyDtOWC9ncJdlWN1-g.roa
Signing time: Mon 03 Mar 2025 19:36:05 +0000
ROA not before: Mon 03 Mar 2025 19:36:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:4bc0::/32 maxlen: 32
2a0e:5640::/32 maxlen: 32
2a0e:b1c1::/32 maxlen: 32
2a0e:b1c4::/32 maxlen: 32
2a0e:ffc5::/32 maxlen: 32
2a0f:4347::/32 maxlen: 32
2a0f:6fc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:82:26:d4:6c:80:9a:82:33:9c:6f:07:46:d6:0a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Mar 3 19:36:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37f98582109e81bc83b4e582f6770976558dd7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:f8:d9:3f:29:a1:99:39:b5:4c:de:0f:7f:
e9:47:85:8c:aa:e5:ec:c2:bb:1c:ed:14:b7:e9:9c:
1e:16:36:03:4c:20:fa:2e:d1:0e:69:f1:3e:69:49:
81:8b:69:72:b0:90:fa:96:d9:bc:f2:fa:42:1b:d3:
70:38:bb:97:41:fe:8e:2b:48:8a:ae:c4:85:05:68:
d9:23:72:0d:74:28:66:3e:06:2f:1c:45:3b:1e:9c:
76:d2:5f:d2:94:03:fd:7b:e8:1c:3f:16:69:50:11:
63:f2:48:4a:d8:a5:bb:60:4c:ac:67:60:da:dc:e1:
09:fc:5e:da:03:0b:96:6b:07:5a:e0:ec:c1:c4:ae:
5c:8d:61:23:00:a3:35:d5:3e:83:36:1a:6d:25:59:
08:04:19:5c:50:6b:68:77:83:4f:51:28:77:2a:0e:
46:27:41:70:1f:39:8c:80:a3:4a:2e:df:60:73:c7:
45:49:d8:24:d7:39:1b:51:7b:24:f1:43:ba:ba:cb:
09:4a:83:ae:62:a6:28:59:47:a9:c4:2d:c6:54:7a:
e5:fc:3f:15:14:ce:d1:49:2e:a2:93:fe:98:02:a7:
e2:c8:95:09:b6:9d:d3:a5:d3:ce:c7:71:19:89:f4:
86:3d:50:17:f5:2f:22:56:62:a7:3a:05:8a:d0:9d:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F9:85:82:10:9E:81:BC:83:B4:E5:82:F6:77:09:76:55:8D:D7:E8
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/N_mFghCegbyDtOWC9ncJdlWN1-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc0::/32
2a0e:5640::/32
2a0e:b1c1::/32
2a0e:b1c4::/32
2a0e:ffc5::/32
2a0f:4347::/32
2a0f:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
79:99:20:2d:58:fd:62:61:31:91:5c:60:c7:6c:eb:7b:24:6b:
1b:dc:ef:ba:43:f5:af:77:83:6d:82:d3:f5:d5:20:a3:d0:4a:
22:55:67:12:3f:f8:05:1b:60:e6:e0:c8:06:0a:53:68:fa:db:
eb:ec:46:1f:33:3e:9e:a3:0d:3e:11:7d:f1:33:0a:df:bf:ee:
b5:15:d9:65:ae:4a:e8:53:7b:32:b5:2a:63:c2:8e:9a:c4:a0:
b5:0c:c9:29:19:0b:87:0a:bf:b3:26:1f:ca:1e:44:ec:90:7d:
80:3a:f3:58:74:eb:16:90:c6:9e:1b:07:a6:c1:fc:1e:0f:44:
91:f4:37:69:5d:07:13:40:2a:c0:73:d6:2e:53:e4:d5:d7:84:
0b:ec:6f:94:96:78:b4:5e:96:77:db:93:a2:30:d1:4d:6a:14:
d3:6f:46:8e:5a:b9:96:4d:79:2e:80:4c:0c:94:83:f4:47:d2:
d7:8e:57:f4:19:02:cc:c8:6e:3c:fe:ff:78:2a:c1:50:85:00:
8c:16:ab:1b:97:2d:d3:c6:74:b0:88:c0:74:a1:26:c0:3f:5d:
f7:f1:cc:b3:2f:37:ae:5f:b5:c9:36:c3:81:cb:8e:53:49:9b:
df:80:7b:53:c6:a6:7d:c1:58:93:a6:f1:02:9a:a3:de:2c:a2:
da:60:9c:55
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZVdgibUbICagjOcbwdG1gp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjUwMzAzMTkzNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y5ODU4MjEwOWU4MWJjODNiNGU1ODJmNjc3MDk3NjU1OGRkN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwor42T8poZk5tUzeD3/pR4WMquXs
wrsc7RS36ZweFjYDTCD6LtEOafE+aUmBi2lysJD6ltm88vpCG9NwOLuXQf6OK0iK
rsSFBWjZI3INdChmPgYvHEU7Hpx20l/SlAP9e+gcPxZpUBFj8khK2KW7YEysZ2Da
3OEJ/F7aAwuWawda4OzBxK5cjWEjAKM11T6DNhptJVkIBBlcUGtod4NPUSh3Kg5G
J0FwHzmMgKNKLt9gc8dFSdgk1zkbUXsk8UO6ussJSoOuYqYoWUepxC3GVHrl/D8V
FM7RSS6ik/6YAqfiyJUJtp3TpdPOx3EZifSGPVAX9S8iVmKnOgWK0J21fQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDf5hYIQnoG8g7TlgvZ3CXZVjdfoMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvTl9tRmdoQ2VnYnlEdE9XQzluY0pkbFdOMS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKg5LwAMF
ACoOVkADBQAqDrHBAwUAKg6xxAMFACoO/8UDBQAqD0NHAwUAKg9vwDANBgkqhkiG
9w0BAQsFAAOCAQEAeZkgLVj9YmExkVxgx2zreyRrG9zvukP1r3eDbYLT9dUgo9BK
IlVnEj/4BRtg5uDIBgpTaPrb6+xGHzM+nqMNPhF98TMK37/utRXZZa5K6FN7MrUq
Y8KOmsSgtQzJKRkLhwq/syYfyh5E7JB9gDrzWHTrFpDGnhsHpsH8Hg9EkfQ3aV0H
E0AqwHPWLlPk1deEC+xvlJZ4tF6Wd9uTojDRTWoU029Gjlq5lk15LoBMDJSD9EfS
145X9BkCzMhuPP7/eCrBUIUAjBarG5ct08Z0sIjAdKEmwD9d9/HMsy83rl+1yTbD
gcuOU0mb34B7U8amfcFYk6bxApqj3iyi2mCcVQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:28:20 2025 by rpki-client