Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NqoAUCjLfn-V5QA--sgB2omYi0k.roa
File: NqoAUCjLfn-V5QA--sgB2omYi0k.roa (raw, json)
Hash identifier: AAg0PK9ZTeF9crlEuPpcizNKDjV61rZ1NY+jslZaEvA=
Subject key identifier: 36:AA:00:50:28:CB:7E:7F:95:E5:00:3E:FA:C8:01:DA:89:98:8B:49
Certificate issuer: /CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Certificate serial: 0196C5065C0DF84D052A0E88F5F557610102
Authority key identifier: 7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NqoAUCjLfn-V5QA--sgB2omYi0k.roa
Signing time: Mon 12 May 2025 15:04:10 +0000
ROA not before: Mon 12 May 2025 15:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:196:c506:3e41/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 12 May 2025 15:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:06:5c:0d:f8:4d:05:2a:0e:88:f5:f5:57:61:01:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acd817f25893e7f88b3f3affa9152c66d6b6702
Validity
Not Before: May 12 15:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36aa005028cb7e7f95e5003efac801da89988b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:be:76:3c:0b:fd:35:82:29:ab:74:e9:a5:
60:70:a1:08:63:54:4d:f6:61:33:be:c5:8e:e9:91:
bc:3c:01:ed:1b:fc:61:64:dc:4d:44:f0:5d:cc:c7:
1b:07:bb:a4:b9:6b:60:7f:0b:99:40:bd:b1:6a:bd:
96:c8:a1:97:75:f0:10:cb:b9:c5:26:08:fc:7b:58:
68:33:34:d4:48:65:e0:14:16:c5:0a:79:b8:5d:37:
de:4e:54:00:3f:a1:7d:a1:86:f1:e8:b7:58:b0:b5:
4f:5a:ae:36:83:cb:2e:85:08:a2:74:60:9d:dd:bf:
11:83:fb:20:66:8d:a6:76:c7:07:46:ed:4c:a6:5a:
66:fd:f5:cb:e1:0d:da:ab:cf:15:4b:f5:65:8e:c6:
89:b4:fc:67:f4:c2:90:1a:b1:84:34:5e:2a:68:ec:
6c:43:46:8f:d3:3d:f0:d7:c0:a8:17:05:9a:2c:72:
01:80:52:98:e2:63:ea:d8:ae:fe:4f:fa:70:83:78:
47:de:bc:90:2d:2c:5b:59:3c:b5:17:e2:d8:58:f7:
85:b1:71:c6:63:d8:7e:95:25:ce:14:22:10:df:2b:
a3:9e:86:df:dc:74:3c:2c:2b:4d:81:ca:d1:09:bf:
98:5a:a8:19:3b:cc:04:41:01:07:ea:49:70:70:b6:
95:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AA:00:50:28:CB:7E:7F:95:E5:00:3E:FA:C8:01:DA:89:98:8B:49
X509v3 Authority Key Identifier:
keyid:7A:CD:81:7F:25:89:3E:7F:88:B3:F3:AF:FA:91:52:C6:6D:6B:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es2BfyWJPn-Is_Ov-pFSxm1rZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/NqoAUCjLfn-V5QA--sgB2omYi0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/c56a1e-326d-4c67-a0b2-90eb95109d89/1/es2BfyWJPn-Is_Ov-pFSxm1rZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:196:c506:3e41/128
Signature Algorithm: sha256WithRSAEncryption
0a:10:93:a4:b1:93:97:ea:fe:83:cc:13:df:00:1e:96:f6:08:
ea:e2:63:02:c7:39:7c:7b:05:00:39:a3:84:1b:a2:6e:55:16:
53:b2:17:18:7f:f0:f7:e9:65:e7:4a:29:d1:61:08:cb:11:28:
cc:82:14:a6:fe:4d:ae:7e:87:30:09:6b:a3:98:ba:f2:b6:87:
ca:bf:69:d1:cf:e3:d1:bf:a2:e2:38:c1:12:dd:32:ac:54:31:
f6:a0:77:30:f6:24:e1:63:70:90:2f:41:f1:12:37:9f:16:b4:
76:96:c1:fa:e4:20:0d:b3:6b:56:6a:e9:8f:d5:88:11:ac:9a:
76:ab:73:fc:49:6c:21:b2:d3:02:6c:81:53:0f:ec:3f:50:01:
95:00:2f:be:3d:d2:10:41:1e:53:23:c7:99:8c:f3:b5:53:5f:
dc:c2:c4:e2:b9:2c:0b:05:7a:54:6e:1b:e3:70:fb:d2:f6:eb:
6a:a8:4c:7f:bf:71:c3:42:6a:30:6e:2a:42:31:5e:5c:52:dd:
55:c2:7e:45:99:68:b7:5e:5b:30:3e:1e:d0:11:55:7d:a2:0a:
0e:13:a4:35:13:a6:27:da:a3:e8:10:d7:33:1b:07:ad:6b:68:
1a:ab:0f:1e:9c:00:ad:a9:21:ca:b2:4c:f6:31:72:4b:4c:23:
82:28:c1:b6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZbFBlwN+E0FKg6I9fVXYQECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2Q4MTdmMjU4OTNlN2Y4OGIzZjNhZmZhOTE1MmM2NmQ2
YjY3MDIwHhcNMjUwNTEyMTUwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFhMDA1MDI4Y2I3ZTdmOTVlNTAwM2VmYWM4MDFkYTg5OTg4YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL++djwL/TWCKat06aVgcKEIY1RN
9mEzvsWO6ZG8PAHtG/xhZNxNRPBdzMcbB7ukuWtgfwuZQL2xar2WyKGXdfAQy7nF
Jgj8e1hoMzTUSGXgFBbFCnm4XTfeTlQAP6F9oYbx6LdYsLVPWq42g8suhQiidGCd
3b8Rg/sgZo2mdscHRu1Mplpm/fXL4Q3aq88VS/VljsaJtPxn9MKQGrGENF4qaOxs
Q0aP0z3w18CoFwWaLHIBgFKY4mPq2K7+T/pwg3hH3ryQLSxbWTy1F+LYWPeFsXHG
Y9h+lSXOFCIQ3yujnobf3HQ8LCtNgcrRCb+YWqgZO8wEQQEH6klwcLaV5wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDaqAFAoy35/leUAPvrIAdqJmItJMB8GA1UdIwQY
MBaAFHrNgX8liT5/iLPzr/qRUsZta2cCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjIt
OTBlYjk1MTA5ZDg5LzEvTnFvQVVDakxmbi1WNVFBLS1zZ0Iyb21ZaTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9jNTZhMWUtMzI2ZC00YzY3LWEwYjItOTBlYjk1MTA5ZDg5
LzEvZXMyQmZ5V0pQbi1Jc19Pdi1wRlN4bTFyWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGWxQY+QTANBgkqhkiG9w0BAQsFAAOCAQEAChCTpLGTl+r+g8wT3wAelvYI
6uJjAsc5fHsFADmjhBuiblUWU7IXGH/w9+ll50op0WEIyxEozIIUpv5Nrn6HMAlr
o5i68raHyr9p0c/j0b+i4jjBEt0yrFQx9qB3MPYk4WNwkC9B8RI3nxa0dpbB+uQg
DbNrVmrpj9WIEayadqtz/ElsIbLTAmyBUw/sP1ABlQAvvj3SEEEeUyPHmYzztVNf
3MLE4rksCwV6VG4b43D70vbraqhMf79xw0JqMG4qQjFeXFLdVcJ+RZlot15bMD4e
0BFVfaIKDhOkNROmJ9qj6BDXMxsHrWtoGqsPHpwArakhyrJM9jFyS0wjgijBtg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:45:14 2025 by rpki-client