Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/N5LrPqOvg76OG_hYaXerBvCcuuM.roa
File: N5LrPqOvg76OG_hYaXerBvCcuuM.roa (raw, json)
Hash identifier: hCRkbgJDNJRwUgUTxta1NtVvQnxgGv7m0Lrro3nbptg=
Subject key identifier: 37:92:EB:3E:A3:AF:83:BE:8E:1B:F8:58:69:77:AB:06:F0:9C:BA:E3
Certificate issuer: /CN=80fab550d827a2def0d4d2616061425c2f694c84
Certificate serial: 0195D31789AD985AB10BD9634674AF6F17F2
Authority key identifier: 80:FA:B5:50:D8:27:A2:DE:F0:D4:D2:61:60:61:42:5C:2F:69:4C:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPq1UNgnot7w1NJhYGFCXC9pTIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/N5LrPqOvg76OG_hYaXerBvCcuuM.roa
Signing time: Wed 26 Mar 2025 15:34:49 +0000
ROA not before: Wed 26 Mar 2025 15:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 46.255.29.0/24 maxlen: 24
2a13:bb87::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 31 Mar 2025 19:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:17:89:ad:98:5a:b1:0b:d9:63:46:74:af:6f:17:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80fab550d827a2def0d4d2616061425c2f694c84
Validity
Not Before: Mar 26 15:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3792eb3ea3af83be8e1bf8586977ab06f09cbae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b2:04:b2:08:a0:b3:97:de:5e:28:6b:54:e8:
cb:67:20:b8:c9:26:26:da:5c:d8:63:a0:8a:06:23:
91:03:a1:d7:89:c2:01:94:0a:cd:1a:5a:7a:76:3e:
a7:7a:cb:9b:f7:94:c8:81:36:4e:31:38:e3:b6:63:
74:0a:fe:94:c3:44:ec:e5:5b:89:b1:f7:da:e5:41:
a1:71:5a:1e:1c:06:05:3b:32:0c:96:89:56:f3:75:
a9:ae:51:89:c2:72:9f:c0:da:50:84:b2:3a:aa:a5:
9d:3e:04:30:c5:c2:23:90:ba:9c:32:d5:56:c3:e4:
e1:2d:be:6a:4b:a9:12:e4:5d:a4:bf:ed:d7:8b:7d:
ae:28:0a:ca:c5:9d:60:93:9d:36:fc:5a:c8:f3:64:
3b:92:b0:a8:ed:0d:5c:c0:fb:f1:e8:40:86:81:65:
19:e1:65:59:e1:7e:6e:bb:7f:a2:c2:c1:07:37:b9:
c3:46:f4:4b:64:fd:b1:77:3f:9e:4f:c7:ae:a1:3c:
87:c0:20:9e:11:43:b3:b4:b1:d6:65:e7:1b:99:94:
a1:eb:f2:cd:90:03:49:15:90:7c:c9:d2:27:89:e0:
f9:80:12:e0:1c:0d:55:e9:43:7a:1f:a1:7e:c4:60:
b5:d5:a3:0a:c6:e6:d7:6b:c6:7f:0a:35:b8:80:4a:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:92:EB:3E:A3:AF:83:BE:8E:1B:F8:58:69:77:AB:06:F0:9C:BA:E3
X509v3 Authority Key Identifier:
keyid:80:FA:B5:50:D8:27:A2:DE:F0:D4:D2:61:60:61:42:5C:2F:69:4C:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPq1UNgnot7w1NJhYGFCXC9pTIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/N5LrPqOvg76OG_hYaXerBvCcuuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/gPq1UNgnot7w1NJhYGFCXC9pTIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.29.0/24
IPv6:
2a13:bb87::/48
Signature Algorithm: sha256WithRSAEncryption
31:70:2e:ea:bd:82:9d:5f:0f:af:50:f1:39:75:e3:da:83:10:
b8:9e:c5:27:78:46:71:db:b8:bf:f8:e0:33:6f:fe:6b:5d:c6:
3e:ad:1f:41:7a:3a:28:2f:7e:6a:6c:e7:91:c1:4b:54:7b:4c:
fe:e1:dc:71:38:fc:18:c0:c7:3f:ae:34:74:6f:b0:f8:f0:fc:
e8:b7:69:14:0e:0d:d9:b1:8d:67:93:63:db:17:1f:e9:68:dc:
b2:20:85:52:be:af:dc:80:8d:76:0b:a4:94:cd:61:46:2c:a7:
b8:03:60:2b:32:56:e2:f7:b8:64:8b:df:9c:28:41:9a:75:62:
ce:8f:28:1e:84:70:98:ce:8f:95:3e:bf:20:46:5f:6b:87:c9:
59:2c:c3:5e:b2:cc:a2:c6:a0:4b:9b:cb:5e:04:66:9f:e0:12:
4b:1e:39:c5:d6:f7:41:f2:88:01:aa:34:e2:81:ca:cb:0f:d7:
c5:fe:32:d8:1c:19:7a:53:8a:44:ae:99:15:8c:37:5e:78:cf:
76:60:ee:f9:4a:52:bf:9f:91:ec:25:eb:46:ba:40:bf:af:f1:
86:38:e5:d0:bf:0d:d5:82:8c:f5:4a:c7:dd:da:ec:15:90:ec:
59:d1:a5:2f:0c:09:63:96:cb:75:11:16:0e:05:ff:4a:1c:c3:
99:7d:56:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZXTF4mtmFqxC9ljRnSvbxfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZmFiNTUwZDgyN2EyZGVmMGQ0ZDI2MTYwNjE0MjVjMmY2
OTRjODQwHhcNMjUwMzI2MTUzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzkyZWIzZWEzYWY4M2JlOGUxYmY4NTg2OTc3YWIwNmYwOWNiYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7IEsgigs5feXihrVOjLZyC4ySYm
2lzYY6CKBiORA6HXicIBlArNGlp6dj6nesub95TIgTZOMTjjtmN0Cv6Uw0Ts5VuJ
sffa5UGhcVoeHAYFOzIMlolW83WprlGJwnKfwNpQhLI6qqWdPgQwxcIjkLqcMtVW
w+ThLb5qS6kS5F2kv+3Xi32uKArKxZ1gk502/FrI82Q7krCo7Q1cwPvx6ECGgWUZ
4WVZ4X5uu3+iwsEHN7nDRvRLZP2xdz+eT8euoTyHwCCeEUOztLHWZecbmZSh6/LN
kANJFZB8ydInieD5gBLgHA1V6UN6H6F+xGC11aMKxubXa8Z/CjW4gErI/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDeS6z6jr4O+jhv4WGl3qwbwnLrjMB8GA1UdIwQY
MBaAFID6tVDYJ6Le8NTSYWBhQlwvaUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BxMVVOZ25vdDd3MU5KaFlHRkNYQzlwVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80YmE1ZmYtNTYyZS00MzU0LTk2MDAt
Zjc2MjkyOWYxZjA4LzEvTjVMclBxT3ZnNzZPR19oWWFYZXJCdkNjdXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80YmE1ZmYtNTYyZS00MzU0LTk2MDAtZjc2MjkyOWYxZjA4
LzEvZ1BxMVVOZ25vdDd3MU5KaFlHRkNYQzlwVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALv8dMA8E
AgACMAkDBwAqE7uHAAAwDQYJKoZIhvcNAQELBQADggEBADFwLuq9gp1fD69Q8Tl1
49qDELiexSd4RnHbuL/44DNv/mtdxj6tH0F6Oigvfmps55HBS1R7TP7h3HE4/BjA
xz+uNHRvsPjw/Oi3aRQODdmxjWeTY9sXH+lo3LIghVK+r9yAjXYLpJTNYUYsp7gD
YCsyVuL3uGSL35woQZp1Ys6PKB6EcJjOj5U+vyBGX2uHyVksw16yzKLGoEuby14E
Zp/gEkseOcXW90HyiAGqNOKByssP18X+MtgcGXpTikSumRWMN154z3Zg7vlKUr+f
kewl60a6QL+v8YY45dC/DdWCjPVKx93a7BWQ7FnRpS8MCWOWy3URFg4F/0ocw5l9
Vr0=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:55:19 2025 by rpki-client