Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/NXEQx5J8SpVcSGhs4i5jZkWZ3Wo.roa
File: NXEQx5J8SpVcSGhs4i5jZkWZ3Wo.roa (raw, json)
Hash identifier: 8D4QwYnUULhRC2wXTbiqdNL2xCcYqXNz4TplxBg2cZU=
Subject key identifier: 35:71:10:C7:92:7C:4A:95:5C:48:68:6C:E2:2E:63:66:45:99:DD:6A
Certificate issuer: /CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Certificate serial: 018CC6B9035F94D5319AE9B7D7A733B50AA8
Authority key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/NXEQx5J8SpVcSGhs4i5jZkWZ3Wo.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35667
IP address blocks: 94.143.216.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:03:5f:94:d5:31:9a:e9:b7:d7:a7:33:b5:0a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=357110c7927c4a955c48686ce22e63664599dd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:e7:d1:32:0f:35:a3:3f:45:0b:2b:65:bb:
2f:6e:5d:87:33:e8:20:5e:9f:26:3a:ac:7c:f2:b0:
58:c7:4c:5b:9b:4a:f8:01:72:b9:16:d7:4c:05:14:
97:fa:d4:5d:1c:6a:63:42:2a:a1:6d:4b:85:d3:24:
75:89:ae:60:8c:6a:b5:e6:8e:21:73:80:54:bd:18:
ac:72:65:61:5f:2c:e5:e5:99:a7:45:7d:e1:3e:62:
11:10:23:4b:24:ae:3b:5b:6d:ac:51:76:66:e8:6b:
e5:18:86:1f:86:3c:15:7c:59:2f:82:1f:e6:4e:96:
f7:de:a9:d9:51:9b:13:fc:b0:0b:54:9e:9e:c8:f5:
62:30:0c:bb:e5:ce:df:ea:05:e0:90:cb:36:85:5c:
0e:68:33:02:c6:ce:e3:ae:c1:4e:22:05:05:d9:ee:
68:80:c1:6a:35:7c:56:64:68:c2:99:05:7e:d9:e1:
66:b5:e3:8b:26:6c:ae:1a:02:95:4a:e9:66:9a:de:
2a:9d:5d:fe:56:56:76:0f:1f:15:68:f1:98:7a:84:
30:1b:5d:d8:72:d9:03:ef:b6:18:11:09:59:c9:d4:
b2:72:21:aa:7f:ea:f1:6a:38:0a:b5:a1:4b:d9:13:
e5:2f:5b:11:8d:c2:de:e5:c9:39:f7:e9:20:a7:73:
0a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:71:10:C7:92:7C:4A:95:5C:48:68:6C:E2:2E:63:66:45:99:DD:6A
X509v3 Authority Key Identifier:
keyid:4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/NXEQx5J8SpVcSGhs4i5jZkWZ3Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.216.0/21
Signature Algorithm: sha256WithRSAEncryption
08:09:8a:96:30:35:fc:2a:1c:b1:89:e9:3e:26:7a:b7:59:d3:
a9:68:9f:88:78:f8:41:19:ae:e7:27:8b:75:a7:62:d2:7d:b7:
b8:c0:3d:ee:53:37:08:f5:b6:09:ff:e2:ae:fa:cb:96:f3:f6:
d1:04:55:a5:9c:ba:f6:79:18:0b:64:f8:8f:cb:a1:dc:f7:b3:
0d:a4:a2:93:33:fa:ed:b0:ae:8f:67:c5:1d:85:19:32:c4:07:
9c:7e:6d:3f:97:0b:75:52:87:72:e0:f1:7b:34:d4:b5:c7:97:
95:9e:a4:36:2c:3a:dc:8b:b6:22:55:50:dd:c3:00:80:a3:49:
48:84:0f:12:7e:b1:0e:ce:6a:c7:37:22:d6:04:37:1b:f7:19:
67:c4:c4:10:4e:bd:04:2d:1d:7e:e0:6e:c3:00:47:fa:59:19:
e4:92:38:75:17:79:be:bc:7d:fd:3e:ef:e4:66:f6:d9:d0:37:
f9:cc:57:b2:46:5f:d7:7f:4a:f3:5f:3e:e2:48:0b:98:47:97:
8d:23:3c:32:ee:b8:a3:a2:0d:f1:e6:32:e4:03:b9:14:6e:0f:
01:95:a1:19:7d:3a:ac:ad:63:f9:96:51:e8:db:b8:8f:5c:30:
00:44:f0:13:86:a2:14:41:2c:53:53:16:45:f7:1b:c4:ea:ec:
84:76:5f:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQNflNUxmum316cztQqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMDMwMjA1ZmEzNjVlOWY0OWZmNGVhNzUwNmRmOTEyZDVl
ZDgzNjAwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTcxMTBjNzkyN2M0YTk1NWM0ODY4NmNlMjJlNjM2NjQ1OTlkZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H/n0TIPNaM/RQsrZbsvbl2HM+gg
Xp8mOqx88rBYx0xbm0r4AXK5FtdMBRSX+tRdHGpjQiqhbUuF0yR1ia5gjGq15o4h
c4BUvRiscmVhXyzl5ZmnRX3hPmIRECNLJK47W22sUXZm6GvlGIYfhjwVfFkvgh/m
Tpb33qnZUZsT/LALVJ6eyPViMAy75c7f6gXgkMs2hVwOaDMCxs7jrsFOIgUF2e5o
gMFqNXxWZGjCmQV+2eFmteOLJmyuGgKVSulmmt4qnV3+VlZ2Dx8VaPGYeoQwG13Y
ctkD77YYEQlZydSyciGqf+rxajgKtaFL2RPlL1sRjcLe5ck59+kgp3MKzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVxEMeSfEqVXEhobOIuY2ZFmd1qMB8GA1UdIwQY
MBaAFE8DAgX6Nl6fSf9Op1Bt+RLV7YNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgt
M2NlNjExY2I2Nzk5LzEvTlhFUXg1SjhTcFZjU0doczRpNWpaa1daM1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8zYzhkYTUtYThlOS00YTRmLTgxNjgtM2NlNjExY2I2Nzk5
LzEvVHdNQ0JmbzJYcDlKXzA2blVHMzVFdFh0ZzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXo/YMA0G
CSqGSIb3DQEBCwUAA4IBAQAICYqWMDX8Khyxiek+Jnq3WdOpaJ+IePhBGa7nJ4t1
p2LSfbe4wD3uUzcI9bYJ/+Ku+suW8/bRBFWlnLr2eRgLZPiPy6Hc97MNpKKTM/rt
sK6PZ8UdhRkyxAecfm0/lwt1Uody4PF7NNS1x5eVnqQ2LDrci7YiVVDdwwCAo0lI
hA8SfrEOzmrHNyLWBDcb9xlnxMQQTr0ELR1+4G7DAEf6WRnkkjh1F3m+vH39Pu/k
ZvbZ0Df5zFeyRl/Xf0rzXz7iSAuYR5eNIzwy7rijog3x5jLkA7kUbg8BlaEZfTqs
rWP5llHo27iPXDAARPAThqIUQSxTUxZF9xvE6uyEdl8y
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:56 2025 by rpki-client