Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/nocAhMNCW6F2iP1M-F5ZZjEotrk.roa
File: nocAhMNCW6F2iP1M-F5ZZjEotrk.roa (raw, json)
Hash identifier: IUSiFxRdpEtI3QA8Xo2J3MoxQFQVK+dAqK3ItQcNTGk=
Subject key identifier: 9E:87:00:84:C3:42:5B:A1:76:88:FD:4C:F8:5E:59:66:31:28:B6:B9
Certificate issuer: /CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Certificate serial: 019427B3FED97F656349023868160A023719
Authority key identifier: BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/nocAhMNCW6F2iP1M-F5ZZjEotrk.roa
Signing time: Thu 02 Jan 2025 15:48:15 +0000
ROA not before: Thu 02 Jan 2025 15:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24685
IP address blocks: 146.19.54.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:fe:d9:7f:65:63:49:02:38:68:16:0a:02:37:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Validity
Not Before: Jan 2 15:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e870084c3425ba17688fd4cf85e59663128b6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e0:e2:e7:2d:2e:eb:6e:89:69:39:fb:78:0b:
49:67:ce:bc:7c:cb:e0:1d:fa:ed:67:d2:1d:7f:f1:
f9:a9:f9:6d:1c:aa:52:bf:19:e3:66:ba:95:11:97:
e8:64:e5:7f:e2:82:86:77:be:9f:1d:7e:aa:4a:f6:
ab:3c:50:9d:80:fe:32:71:5e:df:cc:b0:69:2d:df:
47:45:db:69:00:5c:14:95:63:20:99:8b:66:96:6c:
7d:74:8b:fb:bd:7a:de:21:58:b0:c9:e6:df:d4:3a:
73:b1:c2:b2:0f:d2:c5:8e:fb:f2:1a:48:31:a3:2e:
d6:3a:f3:2b:30:8f:07:bc:40:25:84:47:14:ce:d4:
79:4e:56:22:24:a6:a2:ea:e2:44:71:5d:43:db:38:
5a:31:49:8f:21:55:d1:61:7e:f1:62:af:a8:50:18:
3e:de:e5:de:b7:17:d8:60:2f:b8:fe:e6:3f:e8:17:
94:ae:ee:d2:79:d1:78:34:22:f2:e9:47:f9:14:bb:
5b:55:d5:75:b4:a9:88:1d:50:c3:df:5c:b9:db:be:
f0:8a:6b:4a:57:ae:c1:e3:bf:0f:27:c6:20:11:6b:
48:f6:80:69:ce:29:6a:64:33:63:49:9b:95:4c:e4:
bc:1e:ef:3b:56:3e:03:6f:ec:2d:a9:76:9f:fc:df:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:87:00:84:C3:42:5B:A1:76:88:FD:4C:F8:5E:59:66:31:28:B6:B9
X509v3 Authority Key Identifier:
keyid:BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/nocAhMNCW6F2iP1M-F5ZZjEotrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/v66jWK7ut9C54Pk9I_Z9KafsYsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.54.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c9:97:c1:2a:b9:4a:e3:04:b4:df:c2:72:25:8e:0f:35:c9:
ae:32:f4:f1:94:77:b1:fb:58:61:d1:46:74:c0:1f:55:a6:15:
32:a4:51:73:91:d2:b7:31:ce:1b:7b:65:cf:4e:67:e6:43:93:
1e:29:75:17:c5:66:14:04:14:2b:ac:dd:59:6b:58:be:25:e6:
7a:48:5b:fb:af:ad:ee:b6:11:18:01:32:70:0d:ac:e1:b9:25:
ab:29:15:88:8d:f6:90:17:77:75:52:86:b2:51:bb:5a:bf:01:
a5:b6:43:b1:4a:ec:2a:2b:38:58:d2:ec:1b:a6:f5:ca:dc:41:
20:5f:bc:87:06:63:fe:4f:e7:c0:04:9a:7c:11:d8:e9:f2:60:
b5:9f:db:16:c8:9f:76:7a:f5:22:37:2d:73:cc:9d:d5:7f:e0:
39:e5:c9:7d:cf:2b:20:4d:3a:01:c8:b6:3c:8d:cc:54:77:67:
6c:31:57:b5:93:74:c6:bd:e0:e5:15:ff:f7:aa:24:2e:33:6d:
e6:07:79:e9:7b:8c:db:ef:d6:1b:cd:8a:93:9f:34:78:69:95:
c7:b9:95:6f:9f:8e:9c:ba:0d:f1:b3:b6:3c:a2:b5:0f:70:45:
20:b9:e2:fb:fd:98:d1:fd:b7:d1:40:6b:f8:1d:3d:95:d2:97:
77:4d:47:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns/7Zf2VjSQI4aBYKAjcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWVhMzU4YWVlZWI3ZDBiOWUwZjkzZDIzZjY3ZDI5YTdl
YzYyYzgwHhcNMjUwMTAyMTU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg3MDA4NGMzNDI1YmExNzY4OGZkNGNmODVlNTk2NjMxMjhiNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeDi5y0u626JaTn7eAtJZ868fMvg
HfrtZ9Idf/H5qfltHKpSvxnjZrqVEZfoZOV/4oKGd76fHX6qSvarPFCdgP4ycV7f
zLBpLd9HRdtpAFwUlWMgmYtmlmx9dIv7vXreIViwyebf1DpzscKyD9LFjvvyGkgx
oy7WOvMrMI8HvEAlhEcUztR5TlYiJKai6uJEcV1D2zhaMUmPIVXRYX7xYq+oUBg+
3uXetxfYYC+4/uY/6BeUru7SedF4NCLy6Uf5FLtbVdV1tKmIHVDD31y5277wimtK
V67B478PJ8YgEWtI9oBpzilqZDNjSZuVTOS8Hu87Vj4Db+wtqXaf/N87LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6HAITDQluhdoj9TPheWWYxKLa5MB8GA1UdIwQY
MBaAFL+uo1iu7rfQueD5PSP2fSmn7GLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzct
MjQ5Y2UwYzMxMmIzLzEvbm9jQWhNTkNXNkYyaVAxTS1GNVpaakVvdHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzctMjQ5Y2UwYzMxMmIz
LzEvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhM2MA0G
CSqGSIb3DQEBCwUAA4IBAQA0yZfBKrlK4wS038JyJY4PNcmuMvTxlHex+1hh0UZ0
wB9VphUypFFzkdK3Mc4be2XPTmfmQ5MeKXUXxWYUBBQrrN1Za1i+JeZ6SFv7r63u
thEYATJwDazhuSWrKRWIjfaQF3d1UoayUbtavwGltkOxSuwqKzhY0uwbpvXK3EEg
X7yHBmP+T+fABJp8Edjp8mC1n9sWyJ92evUiNy1zzJ3Vf+A55cl9zysgTToByLY8
jcxUd2dsMVe1k3TGveDlFf/3qiQuM23mB3npe4zb79YbzYqTnzR4aZXHuZVvn46c
ug3xs7Y8orUPcEUgueL7/ZjR/bfRQGv4HT2V0pd3TUeh
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:46:57 2025 by rpki-client