Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQ48Lotixig6Z54DZgAgIOSDl1A.roa
File: NQ48Lotixig6Z54DZgAgIOSDl1A.roa (raw, json)
Hash identifier: nk8RHrOR+XI9GbO3mVAdrVLw5Aq4iYKNRqWb4ZZekxs=
Subject key identifier: 35:0E:3C:2E:8B:62:C6:28:3A:67:9E:03:66:00:20:20:E4:83:97:50
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195A9BA8C406B7E75E881AFC3C9B5B0A6D8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQ48Lotixig6Z54DZgAgIOSDl1A.roa
Signing time: Tue 18 Mar 2025 14:48:49 +0000
ROA not before: Tue 18 Mar 2025 14:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 2a0f:1fc0::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:c500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 15:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:ba:8c:40:6b:7e:75:e8:81:af:c3:c9:b5:b0:a6:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 18 14:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=350e3c2e8b62c6283a679e0366002020e4839750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:53:7f:44:07:ad:09:76:f3:0c:0b:37:d7:1d:
b4:e3:bb:71:7d:4c:5b:69:f9:be:d1:1f:c8:59:9e:
3c:58:0d:3c:23:a3:31:3a:45:f5:22:64:82:d1:10:
45:95:bc:f6:a7:6c:89:96:d3:8a:e3:66:c8:3c:24:
6f:af:16:0e:5e:bc:65:82:32:1a:c7:41:2e:ac:a0:
a8:8e:f7:aa:72:50:18:5e:d5:60:cd:ef:96:cf:c2:
5b:d9:5d:31:4b:7f:b3:58:34:72:cc:f3:ce:2b:0b:
4b:84:d5:d4:39:ed:19:23:bd:68:f9:21:bf:9e:63:
92:f8:62:88:c0:0c:ea:4f:97:9f:51:3f:bf:10:4b:
50:cb:1a:9b:59:dd:aa:79:6d:79:81:17:23:38:63:
be:91:b6:37:b4:af:d5:42:de:ab:ab:b2:fb:b6:cd:
75:45:72:10:9f:e4:c5:cb:d8:a9:d8:e2:94:71:33:
ca:c6:c2:d0:c3:70:77:1a:10:a6:d6:7d:80:40:68:
9d:93:81:ef:41:c8:2d:4a:d8:b5:b1:a7:82:8c:76:
f5:35:66:58:46:e0:a5:6e:6c:df:bb:44:f9:01:ff:
ad:18:cf:07:cb:84:05:3a:88:7f:a2:d5:3e:49:e7:
4a:7e:3b:00:a4:4c:71:76:74:f6:8b:fb:18:a7:62:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0E:3C:2E:8B:62:C6:28:3A:67:9E:03:66:00:20:20:E4:83:97:50
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NQ48Lotixig6Z54DZgAgIOSDl1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1fc0::/29
2a0f:e600::/29
2a10:7100::/29
2a11:3f80::/29
2a11:4e80::/29
2a13:8f00::/29
2a13:c500::/29
Signature Algorithm: sha256WithRSAEncryption
32:cd:4a:37:20:7d:3e:01:73:01:34:bc:4a:a9:19:8e:65:3e:
9d:f0:a9:3d:a2:1c:08:98:95:e3:ce:60:f6:f3:33:ca:22:b5:
df:21:8d:b1:b0:eb:6b:17:14:32:95:50:f4:a7:a2:a3:bd:a3:
c8:c2:c0:6b:8a:74:82:79:2f:46:6b:c3:6a:08:c4:21:ae:df:
8d:ab:a6:c4:41:1f:10:cc:c5:58:bf:54:b8:d4:ff:6c:01:54:
d9:d6:5c:d6:70:73:db:9a:a7:2f:fc:29:aa:2a:7d:a2:e2:d4:
04:a5:8e:e3:db:3d:a1:03:f6:62:33:59:cc:e8:88:2b:d5:29:
9b:87:98:6f:ed:45:8a:4c:23:f0:88:bc:83:15:b8:4c:c1:8e:
d7:5d:e9:4d:c5:b9:af:b2:e2:93:1c:d7:ba:dd:d0:22:0c:82:
f5:c8:be:01:78:13:f5:04:50:53:be:c3:bc:a9:ba:91:ff:7d:
eb:75:70:61:5c:ad:4d:bf:57:51:cf:8a:80:5a:1e:48:6c:9a:
43:3e:e6:04:78:33:f8:f8:43:7c:01:1f:4e:14:c0:e3:fb:34:
e4:86:95:dc:14:50:55:47:93:43:9a:6b:0b:a1:1c:94:0a:ed:
63:3a:04:42:4a:7e:af:17:2b:fc:0d:7c:d6:e7:b3:84:a3:20:
c2:e2:3c:4c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZWpuoxAa3516IGvw8m1sKbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzE4MTQ0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBlM2MyZThiNjJjNjI4M2E2NzllMDM2NjAwMjAyMGU0ODM5NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1N/RAetCXbzDAs31x2047txfUxb
afm+0R/IWZ48WA08I6MxOkX1ImSC0RBFlbz2p2yJltOK42bIPCRvrxYOXrxlgjIa
x0EurKCojveqclAYXtVgze+Wz8Jb2V0xS3+zWDRyzPPOKwtLhNXUOe0ZI71o+SG/
nmOS+GKIwAzqT5efUT+/EEtQyxqbWd2qeW15gRcjOGO+kbY3tK/VQt6rq7L7ts11
RXIQn+TFy9ip2OKUcTPKxsLQw3B3GhCm1n2AQGidk4HvQcgtSti1saeCjHb1NWZY
RuClbmzfu0T5Af+tGM8Hy4QFOoh/otU+SedKfjsApExxdnT2i/sYp2IkNQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDUOPC6LYsYoOmeeA2YAICDkg5dQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTlE0OExvdGl4aWc2WjU0RFpnQWdJT1NEbDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg8fwAMF
AyoP5gADBQMqEHEAAwUDKhE/gAMFAyoRToADBQMqE48AAwUDKhPFADANBgkqhkiG
9w0BAQsFAAOCAQEAMs1KNyB9PgFzATS8SqkZjmU+nfCpPaIcCJiV485g9vMzyiK1
3yGNsbDraxcUMpVQ9Keio72jyMLAa4p0gnkvRmvDagjEIa7fjaumxEEfEMzFWL9U
uNT/bAFU2dZc1nBz25qnL/wpqip9ouLUBKWO49s9oQP2YjNZzOiIK9Upm4eYb+1F
ikwj8Ii8gxW4TMGO113pTcW5r7LikxzXut3QIgyC9ci+AXgT9QRQU77DvKm6kf99
63VwYVytTb9XUc+KgFoeSGyaQz7mBHgz+PhDfAEfThTA4/s05IaV3BRQVUeTQ5pr
C6EclArtYzoEQkp+rxcr/A181uezhKMgwuI8TA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:53 2025 by rpki-client