Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NXGES9zupLS-ex45HYFojoyQDVo.roa
File: NXGES9zupLS-ex45HYFojoyQDVo.roa (raw, json)
Hash identifier: D46dZx334N+wyKID0h3HewvIfa3+xTr4/gAYBdCJko4=
Subject key identifier: 35:71:84:4B:DC:EE:A4:B4:BE:7B:1E:39:1D:81:68:8E:8C:90:0D:5A
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196F40D4B5F2FC27239D7AAD7AF6296E509
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NXGES9zupLS-ex45HYFojoyQDVo.roa
Signing time: Wed 21 May 2025 18:13:54 +0000
ROA not before: Wed 21 May 2025 18:13:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:ed5d:8c28/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 21 May 2025 20:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f4:0d:4b:5f:2f:c2:72:39:d7:aa:d7:af:62:96:e5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 21 18:13:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3571844bdceea4b4be7b1e391d81688e8c900d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f7:b4:fc:6b:d2:c2:06:47:c1:df:7d:25:88:
10:f3:ad:ad:29:b1:f8:76:c1:61:fa:11:de:93:de:
92:2c:a6:d4:fe:d9:89:39:7a:02:9a:e5:e9:66:91:
22:bc:5d:3e:2a:aa:3d:5d:e6:be:7c:a4:63:ba:8a:
59:49:de:05:23:7e:f3:78:a5:f8:b9:c6:2e:d5:17:
7d:88:a2:65:da:1b:81:56:9c:28:6a:12:b6:f5:ff:
a2:91:bc:54:e9:fe:c5:eb:2d:65:f1:45:81:0a:38:
f9:ab:01:1d:08:56:99:69:91:37:60:3f:1a:0e:80:
b6:d3:c2:4e:18:e1:86:0d:b6:82:a4:f4:da:63:bc:
b2:61:45:6c:a3:80:33:b4:f0:c3:4b:b4:bf:25:82:
dc:97:b3:74:ca:21:0e:91:66:6f:0f:93:87:9d:c7:
b2:bc:bb:44:fb:69:92:93:fe:2f:a6:95:3c:84:2e:
8f:af:8e:07:eb:bc:cd:6f:c3:e3:5b:75:88:b7:f2:
fc:54:a1:b3:9d:61:69:25:16:3c:59:5e:8c:e5:97:
80:63:fb:8a:b5:77:e2:dc:7a:57:cc:bb:97:66:72:
62:be:ba:cb:e7:1d:92:c9:9a:f8:6d:cc:40:9f:2e:
38:a5:3b:eb:af:6a:f5:1c:f2:28:59:b4:0f:57:40:
68:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:71:84:4B:DC:EE:A4:B4:BE:7B:1E:39:1D:81:68:8E:8C:90:0D:5A
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NXGES9zupLS-ex45HYFojoyQDVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:ed5d:8c28/128
Signature Algorithm: sha256WithRSAEncryption
7b:ae:18:1d:fc:f0:a9:7d:61:af:16:8d:80:ff:22:ac:17:82:
19:b7:60:8a:0d:d7:a7:e4:6f:b4:ae:e9:f5:66:f7:8c:1d:d6:
67:cf:9b:75:88:60:cb:94:d4:7f:12:14:1c:93:6c:fd:7e:0f:
d5:d6:02:ca:bc:d5:e0:1e:f1:6a:aa:f2:80:21:21:ba:11:9a:
44:54:11:d7:c7:ff:b0:57:bf:70:70:24:64:02:52:f7:2c:8e:
06:c2:15:8e:bc:1b:32:75:f4:b9:7f:27:86:ea:a8:e3:06:2e:
24:e0:04:cf:ec:94:ed:55:5c:d8:88:ee:2e:bf:45:25:3d:3b:
e3:b5:05:c9:cc:eb:93:7b:d0:3a:65:bc:bd:58:cc:62:e3:d0:
5a:61:5d:3d:5f:14:3c:84:94:53:80:29:dd:eb:7f:04:ff:b1:
04:c2:32:75:05:d5:41:33:7a:27:73:83:9a:a1:fe:78:22:1b:
ed:ac:40:9c:04:4c:8a:8f:35:00:3d:46:30:5c:d3:f4:40:74:
95:a1:3a:19:f9:92:cf:53:58:ed:0f:5a:67:1e:1a:ed:6a:a7:
6f:11:db:80:27:e3:17:c2:33:df:98:a4:29:57:a0:55:62:34:
90:9a:df:5f:82:59:b5:81:1e:74:bc:78:a7:c3:2b:80:29:9a:
05:fc:bb:4b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZb0DUtfL8JyOdeq169iluUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTIxMTgxMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTcxODQ0YmRjZWVhNGI0YmU3YjFlMzkxZDgxNjg4ZThjOTAwZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmve0/GvSwgZHwd99JYgQ862tKbH4
dsFh+hHek96SLKbU/tmJOXoCmuXpZpEivF0+Kqo9Xea+fKRjuopZSd4FI37zeKX4
ucYu1Rd9iKJl2huBVpwoahK29f+ikbxU6f7F6y1l8UWBCjj5qwEdCFaZaZE3YD8a
DoC208JOGOGGDbaCpPTaY7yyYUVso4AztPDDS7S/JYLcl7N0yiEOkWZvD5OHncey
vLtE+2mSk/4vppU8hC6Pr44H67zNb8PjW3WIt/L8VKGznWFpJRY8WV6M5ZeAY/uK
tXfi3HpXzLuXZnJivrrL5x2SyZr4bcxAny44pTvrr2r1HPIoWbQPV0BoRwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDVxhEvc7qS0vnseOR2BaI6MkA1aMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTlhHRVM5enVwTFMtZXg0NUhZRm9qb3lRRFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGW7V2MKDANBgkqhkiG9w0BAQsFAAOCAQEAe64YHfzwqX1hrxaNgP8irBeC
Gbdgig3Xp+RvtK7p9Wb3jB3WZ8+bdYhgy5TUfxIUHJNs/X4P1dYCyrzV4B7xaqry
gCEhuhGaRFQR18f/sFe/cHAkZAJS9yyOBsIVjrwbMnX0uX8nhuqo4wYuJOAEz+yU
7VVc2IjuLr9FJT0747UFyczrk3vQOmW8vVjMYuPQWmFdPV8UPISUU4Ap3et/BP+x
BMIydQXVQTN6J3ODmqH+eCIb7axAnARMio81AD1GMFzT9EB0laE6GfmSz1NY7Q9a
Zx4a7WqnbxHbgCfjF8Iz35ikKVegVWI0kJrfX4JZtYEedLx4p8MrgCmaBfy7Sw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:49:41 2025 by rpki-client