Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nvj0qlK6oe7ZBqioQptmaDPPXVo.roa
File: nvj0qlK6oe7ZBqioQptmaDPPXVo.roa (raw, json)
Hash identifier: GGBBD0UVr5rPb4xVxr5mL0jB/b388ZU21VFjlLDj71o=
Subject key identifier: 9E:F8:F4:AA:52:BA:A1:EE:D9:06:A8:A8:42:9B:66:68:33:CF:5D:5A
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019456BEC9B5D79B34229AAA05F722234C47
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nvj0qlK6oe7ZBqioQptmaDPPXVo.roa
Signing time: Sat 11 Jan 2025 19:02:11 +0000
ROA not before: Sat 11 Jan 2025 19:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152565
IP address blocks: 2a12:bec4:1170::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 23 Jan 2025 14:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:56:be:c9:b5:d7:9b:34:22:9a:aa:05:f7:22:23:4c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 11 19:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ef8f4aa52baa1eed906a8a8429b666833cf5d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5d:99:37:66:f9:ce:fa:52:6c:28:9c:48:db:
f4:2b:bd:c5:fe:d8:db:a8:15:04:1e:1b:a8:39:c0:
26:97:b1:14:01:04:53:85:a7:c2:ea:d4:b0:0e:4e:
e4:70:68:81:43:3e:6d:04:6c:de:36:3b:1d:93:50:
9d:76:8d:6e:18:3e:d0:29:c2:f4:f5:97:0d:bb:5e:
aa:48:63:d7:4e:20:20:5f:13:70:60:e2:d6:50:85:
2b:94:30:db:f1:b6:b5:5e:ad:68:63:1b:eb:7d:50:
a6:d3:34:c7:35:ae:f5:7c:50:73:03:3a:07:b1:8a:
1c:30:8d:ff:c9:19:01:2c:a4:b1:82:65:46:87:92:
a7:c6:f7:2c:2a:95:a6:7c:e6:ac:cc:e6:9d:81:c5:
08:6a:98:1e:ba:aa:ac:ed:89:87:63:0e:05:f3:18:
58:62:fc:56:2f:8e:ea:56:8e:15:40:59:84:61:1e:
4d:91:7e:02:fd:11:fa:1c:7c:78:84:5f:01:6d:1c:
47:fe:d4:a6:e7:34:17:c2:4c:1f:fc:9b:ef:84:03:
c2:69:f3:10:03:65:86:96:8d:3a:dc:46:02:05:65:
20:6c:f2:19:4c:e7:4e:69:ea:89:20:66:2b:fa:a8:
eb:dc:35:e6:62:79:dd:e9:51:d0:39:eb:31:25:4c:
ef:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F8:F4:AA:52:BA:A1:EE:D9:06:A8:A8:42:9B:66:68:33:CF:5D:5A
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/nvj0qlK6oe7ZBqioQptmaDPPXVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1170::/44
Signature Algorithm: sha256WithRSAEncryption
57:31:c7:55:f2:71:8c:87:b8:02:37:44:4d:fb:00:fe:4e:9d:
93:1e:2b:07:c0:ed:9f:7c:7f:e6:3d:29:17:f3:52:61:0e:01:
ec:b8:00:4e:00:ef:1a:e9:59:39:37:65:12:6a:cb:ac:07:09:
b1:00:4a:dd:c1:8e:cc:c2:21:ae:67:70:56:75:38:59:45:dc:
03:ad:fb:fa:8b:96:35:2f:81:cc:33:6d:9a:a3:d7:bc:81:fc:
b5:59:21:a0:30:17:18:b9:97:6f:0d:6a:89:c6:be:52:57:c6:
01:d5:62:2d:03:b8:e7:70:ab:21:60:5d:19:e2:ca:48:24:b8:
c0:8f:37:d8:dd:9f:cf:6a:47:d9:65:13:2f:65:72:23:6b:66:
18:24:f8:5c:cc:4a:f7:20:90:57:12:ac:2c:06:11:c8:a6:74:
1d:7a:8e:3f:e2:79:f0:66:90:74:86:61:cf:db:57:64:ed:d3:
24:43:73:fe:c4:2e:61:fc:51:7b:82:db:be:e4:96:05:07:36:
25:1e:e6:f7:39:94:5a:17:94:8c:1d:17:47:0c:39:bf:41:ba:
58:89:5b:a7:b7:b7:48:f5:96:6c:c3:93:db:c8:58:c0:b4:f3:
3e:ef:23:52:2a:ab:77:9f:0c:53:bf:1a:38:fc:a4:fe:b2:f1:
8f:28:c4:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRWvsm115s0IpqqBfciI0xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTExMTkwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWY4ZjRhYTUyYmFhMWVlZDkwNmE4YTg0MjliNjY2ODMzY2Y1ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV2ZN2b5zvpSbCicSNv0K73F/tjb
qBUEHhuoOcAml7EUAQRThafC6tSwDk7kcGiBQz5tBGzeNjsdk1Cddo1uGD7QKcL0
9ZcNu16qSGPXTiAgXxNwYOLWUIUrlDDb8ba1Xq1oYxvrfVCm0zTHNa71fFBzAzoH
sYocMI3/yRkBLKSxgmVGh5KnxvcsKpWmfOaszOadgcUIapgeuqqs7YmHYw4F8xhY
YvxWL47qVo4VQFmEYR5NkX4C/RH6HHx4hF8BbRxH/tSm5zQXwkwf/JvvhAPCafMQ
A2WGlo063EYCBWUgbPIZTOdOaeqJIGYr+qjr3DXmYnnd6VHQOesxJUzvfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ749KpSuqHu2QaoqEKbZmgzz11aMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvbnZqMHFsSzZvZTdaQnFpb1FwdG1hRFBQWFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBFw
MA0GCSqGSIb3DQEBCwUAA4IBAQBXMcdV8nGMh7gCN0RN+wD+Tp2THisHwO2ffH/m
PSkX81JhDgHsuABOAO8a6Vk5N2USasusBwmxAErdwY7MwiGuZ3BWdThZRdwDrfv6
i5Y1L4HMM22ao9e8gfy1WSGgMBcYuZdvDWqJxr5SV8YB1WItA7jncKshYF0Z4spI
JLjAjzfY3Z/PakfZZRMvZXIja2YYJPhczEr3IJBXEqwsBhHIpnQdeo4/4nnwZpB0
hmHP21dk7dMkQ3P+xC5h/FF7gtu+5JYFBzYlHub3OZRaF5SMHRdHDDm/QbpYiVun
t7dI9ZZsw5PbyFjAtPM+7yNSKqt3nwxTvxo4/KT+svGPKMRw
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:54:20 2025 by rpki-client