Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ncpaSSjHZ7dzz2yX6ESGTyZcI3Y.roa
File: ncpaSSjHZ7dzz2yX6ESGTyZcI3Y.roa (raw, json)
Hash identifier: z6Iwi6zh7LZIJRnFWNrE12QO9O6+8SWXU2jqbkKE70w=
Subject key identifier: 9D:CA:5A:49:28:C7:67:B7:73:CF:6C:97:E8:44:86:4F:26:5C:23:76
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01951FB137FE9CF5F3B6C5F8E284798566DF
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ncpaSSjHZ7dzz2yX6ESGTyZcI3Y.roa
Signing time: Wed 19 Feb 2025 19:31:02 +0000
ROA not before: Wed 19 Feb 2025 19:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 2a13:de40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 30 Mar 2025 19:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:b1:37:fe:9c:f5:f3:b6:c5:f8:e2:84:79:85:66:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Feb 19 19:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dca5a4928c767b773cf6c97e844864f265c2376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ce:3c:ca:57:93:b1:fa:4e:f7:5d:2e:a0:5b:
c0:dc:48:65:0e:a8:1f:fa:0d:43:52:e1:2d:a7:6e:
5e:0c:c7:36:fb:fa:98:ad:8e:cc:95:52:e2:20:05:
f2:1e:dd:f1:d5:c8:8a:2b:c2:84:fd:8c:55:21:d9:
5e:8b:30:66:78:0b:15:11:95:50:b2:47:15:cf:3d:
a2:4e:fc:06:07:8f:d5:1d:b1:e0:83:09:57:61:e1:
56:eb:d4:a0:15:ad:10:2b:c6:1d:98:4b:7a:be:29:
56:ec:25:f6:a4:d5:85:0e:bf:fc:17:c4:43:27:15:
af:2e:f6:d3:d5:97:7c:e2:3d:05:e7:e0:65:79:90:
79:2e:d3:0e:67:3b:5a:b0:27:57:a5:a9:eb:1b:fc:
f8:07:90:f4:34:77:8f:87:69:93:29:34:6b:46:cb:
fc:9d:25:ff:82:4c:d7:93:e4:7d:ba:86:6b:c7:4f:
4a:07:bf:6a:fa:2a:c3:11:6a:b7:ba:8d:e1:14:f4:
60:c1:8e:7a:42:c6:dd:9e:34:a4:ee:74:d8:74:94:
6a:54:e0:39:b7:bd:b9:5b:c6:4e:0a:15:33:d8:36:
81:a6:a5:8d:8f:87:00:f6:c7:76:05:df:9e:14:2f:
9c:39:5d:35:c5:db:52:a7:bb:30:59:e4:f7:04:b7:
b3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CA:5A:49:28:C7:67:B7:73:CF:6C:97:E8:44:86:4F:26:5C:23:76
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ncpaSSjHZ7dzz2yX6ESGTyZcI3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:de40::/29
Signature Algorithm: sha256WithRSAEncryption
4f:82:85:a2:c3:71:2f:8d:00:fc:2b:55:c0:fd:1f:81:d6:37:
ca:71:1f:3e:39:65:e4:0f:80:e8:f8:29:1e:84:7c:f1:8e:9e:
1f:5e:4c:d7:8c:b0:c1:eb:ec:fb:cb:e2:5f:35:96:33:5d:77:
75:91:1e:91:29:80:50:72:74:89:48:76:8d:e6:b0:fc:92:a6:
b2:a8:ae:72:90:de:99:97:73:44:7a:0a:1c:9f:88:79:80:24:
bc:64:98:38:99:07:b1:0e:c6:62:80:45:fa:0c:fe:5f:b6:83:
05:a5:65:30:0d:46:25:14:c2:d7:d4:3f:ae:8e:04:a9:20:ef:
65:5c:65:cc:62:7e:db:29:9c:ad:99:ae:fb:3f:67:ae:2a:d4:
16:78:34:48:5e:ab:94:d7:d7:d7:41:19:1b:bc:8c:18:3b:42:
df:82:73:cc:47:1c:eb:0f:13:e4:cd:77:f0:85:09:c6:4c:8b:
05:0c:c9:9a:58:7b:7b:ff:96:f6:2c:c8:a0:fe:0b:72:cd:a8:
08:4f:eb:ba:7e:c6:8f:71:f5:2a:3f:90:08:2c:76:81:fe:73:
da:3f:83:82:54:cd:77:67:6c:0c:f2:71:15:6b:62:b7:5c:55:
ee:c9:03:d7:40:89:51:af:a5:b5:f8:db:f9:ee:8a:78:4c:b3:
92:71:e7:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUfsTf+nPXztsX44oR5hWbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMjE5MTkzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNhNWE0OTI4Yzc2N2I3NzNjZjZjOTdlODQ0ODY0ZjI2NWMyMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr848yleTsfpO910uoFvA3EhlDqgf
+g1DUuEtp25eDMc2+/qYrY7MlVLiIAXyHt3x1ciKK8KE/YxVIdleizBmeAsVEZVQ
skcVzz2iTvwGB4/VHbHggwlXYeFW69SgFa0QK8YdmEt6vilW7CX2pNWFDr/8F8RD
JxWvLvbT1Zd84j0F5+BleZB5LtMOZztasCdXpanrG/z4B5D0NHePh2mTKTRrRsv8
nSX/gkzXk+R9uoZrx09KB79q+irDEWq3uo3hFPRgwY56QsbdnjSk7nTYdJRqVOA5
t725W8ZOChUz2DaBpqWNj4cA9sd2Bd+eFC+cOV01xdtSp7swWeT3BLezWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ3KWkkox2e3c89sl+hEhk8mXCN2MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvbmNwYVNTakhaN2R6ejJ5WDZFU0dUeVpjSTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPeQDAN
BgkqhkiG9w0BAQsFAAOCAQEAT4KFosNxL40A/CtVwP0fgdY3ynEfPjll5A+A6Pgp
HoR88Y6eH15M14ywwevs+8viXzWWM113dZEekSmAUHJ0iUh2jeaw/JKmsqiucpDe
mZdzRHoKHJ+IeYAkvGSYOJkHsQ7GYoBF+gz+X7aDBaVlMA1GJRTC19Q/ro4EqSDv
ZVxlzGJ+2ymcrZmu+z9nrirUFng0SF6rlNfX10EZG7yMGDtC34JzzEcc6w8T5M13
8IUJxkyLBQzJmlh7e/+W9izIoP4Lcs2oCE/run7Gj3H1Kj+QCCx2gf5z2j+DglTN
d2dsDPJxFWtit1xV7skD10CJUa+ltfjb+e6KeEyzknHn8g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:07:31 2025 by rpki-client