Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2eCetZ3ijIQCte4yxOimE5LYU.roa
File: NB2eCetZ3ijIQCte4yxOimE5LYU.roa (raw, json)
Hash identifier: FTkF2QqCHBLYV6U9y6NqbNxo3GhuzrbSINy8i+bAitc=
Subject key identifier: 34:1D:9E:09:EB:59:DE:28:C8:40:2B:5E:E3:2C:4E:8A:61:39:2D:85
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01956C83EC98E8F188FC7F691C9333B7E0DD
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2eCetZ3ijIQCte4yxOimE5LYU.roa
Signing time: Thu 06 Mar 2025 17:32:19 +0000
ROA not before: Thu 06 Mar 2025 17:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214734
IP address blocks: 2a0f:1440::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Mar 2025 16:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:83:ec:98:e8:f1:88:fc:7f:69:1c:93:33:b7:e0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 17:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=341d9e09eb59de28c8402b5ee32c4e8a61392d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:30:a1:aa:95:91:fe:91:3f:26:2e:ad:c7:
10:b5:e6:81:da:67:4c:63:5c:6f:3e:fc:7d:80:6e:
64:9a:fd:1d:a5:e6:ef:c6:70:7a:73:fe:df:35:67:
3c:0b:14:42:e9:1a:80:18:a5:c4:fe:e6:67:b6:34:
30:ea:74:f4:ae:2b:f5:a9:46:fd:22:07:54:d4:0c:
27:0b:69:dc:5b:a9:37:e0:74:a5:20:48:71:2f:2e:
fd:0d:0b:7c:28:1d:0d:7d:4f:08:7a:05:75:c0:3b:
58:f2:a0:fe:f1:47:d1:2c:40:79:63:5b:e7:fa:01:
9a:eb:db:28:56:70:5e:db:b3:29:a7:69:67:6d:70:
39:6e:72:84:87:e0:0e:cb:a6:d7:50:d3:01:2b:db:
c5:b5:b9:e6:3a:a1:91:3d:1c:a7:1e:32:52:3c:ed:
b0:79:a5:5a:f5:85:74:50:70:57:ea:cb:75:5e:1d:
22:5a:05:f7:39:3d:5c:34:51:88:83:ad:2a:7b:ea:
45:9d:94:45:26:59:3d:c1:3c:da:00:98:7e:6b:8b:
a7:5d:42:9f:3a:83:63:12:46:74:04:54:18:30:12:
7e:0a:f6:02:69:e1:05:1d:7d:61:bd:69:43:77:64:
eb:70:44:e2:e1:7d:61:99:27:5f:79:6e:b1:07:4d:
08:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:9E:09:EB:59:DE:28:C8:40:2B:5E:E3:2C:4E:8A:61:39:2D:85
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2eCetZ3ijIQCte4yxOimE5LYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1440::/29
Signature Algorithm: sha256WithRSAEncryption
90:ec:1d:ff:9e:18:03:78:ce:3e:a1:9c:e0:1f:19:99:4f:c2:
8c:c4:e3:3a:73:4f:a1:70:c4:47:fd:ab:a8:b9:5d:00:ff:70:
ee:55:8e:e0:bd:4e:b4:ef:45:10:30:49:43:48:34:46:5e:73:
19:16:30:1f:5a:3e:56:bd:c5:45:c5:c2:be:d6:06:2d:ba:da:
42:c9:62:78:96:14:a4:8f:3b:6b:8d:fd:aa:1b:c8:c6:03:ff:
1d:81:ff:a4:f1:29:0b:1c:d0:62:6c:55:5d:bc:50:c5:03:46:
12:00:97:76:70:75:a2:de:42:f4:e9:c4:12:4e:23:1c:9c:a7:
58:2b:fe:fb:07:42:25:af:d8:dc:e7:34:64:c6:71:d7:b6:7f:
a2:03:8a:a8:e4:31:29:e7:ef:8e:32:91:86:14:5b:f4:b1:36:
fe:73:97:8b:10:0a:fd:9a:da:1c:21:95:d5:ff:b1:f4:89:8d:
77:4f:fa:1f:84:5e:0b:55:aa:13:a4:3b:ed:34:95:7a:1a:e7:
90:e3:eb:a1:53:99:af:f3:41:16:31:4d:76:ee:e6:3c:07:bd:
37:a1:8b:22:b8:c1:52:54:5d:5d:fa:63:d6:2a:bc:bd:ee:7d:
52:3f:b6:60:34:28:c3:7c:73:67:e6:13:c9:be:e6:22:79:2a:
0a:06:a5:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVsg+yY6PGI/H9pHJMzt+DdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzA2MTczMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFkOWUwOWViNTlkZTI4Yzg0MDJiNWVlMzJjNGU4YTYxMzkyZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6YwoaqVkf6RPyYurccQteaB2mdM
Y1xvPvx9gG5kmv0dpebvxnB6c/7fNWc8CxRC6RqAGKXE/uZntjQw6nT0riv1qUb9
IgdU1AwnC2ncW6k34HSlIEhxLy79DQt8KB0NfU8IegV1wDtY8qD+8UfRLEB5Y1vn
+gGa69soVnBe27Mpp2lnbXA5bnKEh+AOy6bXUNMBK9vFtbnmOqGRPRynHjJSPO2w
eaVa9YV0UHBX6st1Xh0iWgX3OT1cNFGIg60qe+pFnZRFJlk9wTzaAJh+a4unXUKf
OoNjEkZ0BFQYMBJ+CvYCaeEFHX1hvWlDd2TrcETi4X1hmSdfeW6xB00I6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDQdngnrWd4oyEArXuMsTophOS2FMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTkIyZUNldFozaWpJUUN0ZTR5eE9pbUU1TFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8UQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkOwd/54YA3jOPqGc4B8ZmU/CjMTjOnNPoXDER/2r
qLldAP9w7lWO4L1OtO9FEDBJQ0g0Rl5zGRYwH1o+Vr3FRcXCvtYGLbraQslieJYU
pI87a439qhvIxgP/HYH/pPEpCxzQYmxVXbxQxQNGEgCXdnB1ot5C9OnEEk4jHJyn
WCv++wdCJa/Y3Oc0ZMZx17Z/ogOKqOQxKefvjjKRhhRb9LE2/nOXixAK/ZraHCGV
1f+x9ImNd0/6H4ReC1WqE6Q77TSVehrnkOProVOZr/NBFjFNdu7mPAe9N6GLIrjB
UlRdXfpj1iq8ve59Uj+2YDQow3xzZ+YTyb7mInkqCgalug==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:58 2025 by rpki-client