Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n5CGS-pAO7YTBlLg1MbjVQHG81I.roa
File: n5CGS-pAO7YTBlLg1MbjVQHG81I.roa (raw, json)
Hash identifier: eLxL/qQyyG+L52cb0BRjHhpAgNgZPbrvOUH5oK0UJpE=
Subject key identifier: 9F:90:86:4B:EA:40:3B:B6:13:06:52:E0:D4:C6:E3:55:01:C6:F3:52
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01918EAE23F5DF1DCCB2C5B16CFC95C44EB0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n5CGS-pAO7YTBlLg1MbjVQHG81I.roa
Signing time: Mon 26 Aug 2024 12:34:22 +0000
ROA not before: Mon 26 Aug 2024 12:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:ae:23:f5:df:1d:cc:b2:c5:b1:6c:fc:95:c4:4e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 12:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f90864bea403bb6130652e0d4c6e35501c6f352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fd:c4:1f:ec:a0:e0:a2:be:79:38:4a:59:df:
79:3f:03:08:36:14:d2:b2:e4:ca:4f:87:5e:b9:af:
d1:2f:81:fe:55:e5:dd:83:57:be:b9:c2:e4:5d:8f:
82:ba:c7:ec:87:1d:e9:e4:bc:31:57:97:0f:9c:af:
1f:a7:7f:b6:d8:60:69:4e:f8:1a:19:9f:65:c0:ab:
8c:e3:92:c0:86:f3:f9:74:25:f3:aa:d4:b1:f3:38:
fd:f5:aa:11:27:a7:2d:75:d5:4c:74:bb:2a:d7:57:
06:51:c8:0d:10:44:89:05:28:49:5f:16:d8:90:9a:
a8:2b:99:4a:a6:44:01:f4:d6:53:89:f7:5d:c8:77:
6d:8e:05:eb:6d:40:38:d0:70:8b:34:1b:c7:b2:62:
79:29:e8:fc:98:39:07:11:44:75:93:ca:03:92:78:
f4:8d:e1:92:30:59:45:90:25:80:81:bc:be:79:c7:
d8:c2:9e:42:fa:9a:66:ae:ae:da:9a:94:3b:07:bd:
87:e6:11:08:0a:ad:c8:23:e6:a3:85:cb:3d:0e:d7:
88:fb:a0:c2:58:86:ba:8f:6f:64:a3:aa:42:c1:ef:
79:6d:41:a5:4c:46:27:c5:ef:fb:c6:fa:89:37:b2:
32:f1:02:fe:25:4f:1d:53:bd:28:ea:e3:0f:14:4f:
82:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:90:86:4B:EA:40:3B:B6:13:06:52:E0:D4:C6:E3:55:01:C6:F3:52
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n5CGS-pAO7YTBlLg1MbjVQHG81I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:2e:8f:c7:3f:eb:02:32:93:3e:e3:bf:70:de:9e:5e:d4:8d:
8e:22:7e:07:73:11:5c:11:3c:7f:56:86:e6:2e:dd:56:a0:c4:
26:2a:6d:6d:2e:d7:53:9d:63:30:96:75:56:aa:bd:d8:b0:a5:
a4:d5:4b:77:aa:2e:21:90:6d:f3:52:22:4e:b1:d8:80:e4:5d:
5f:9a:01:0d:67:05:53:38:a5:df:f6:56:62:4c:bd:5e:ab:95:
ba:ea:81:41:fd:58:77:54:5d:89:04:09:0e:7d:78:4a:00:93:
47:d5:37:6f:25:93:c8:8e:04:6b:c0:df:dc:53:41:2f:0c:11:
31:2e:da:06:ce:48:c3:42:7d:97:e9:4a:ad:33:98:de:1c:fb:
cc:e6:7c:7a:05:88:66:db:f1:cd:ef:13:b3:29:4e:49:16:be:
49:5c:a4:23:1a:8f:64:5e:bc:e0:21:83:47:08:bc:7f:b7:f2:
f6:df:f0:80:a1:e7:59:98:af:a2:47:e3:1b:70:24:a3:1d:17:
15:b9:5d:a4:3f:3e:f4:33:26:fa:60:b9:cc:6d:56:e5:99:a2:
44:78:0f:f2:21:69:8c:06:aa:0f:e3:75:3e:4f:73:ae:0d:28:
79:c7:50:ef:e3:7e:03:3b:38:05:10:54:e3:b1:bd:1f:18:c7:
4c:fe:a2:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGOriP13x3MssWxbPyVxE6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI2MTIzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjkwODY0YmVhNDAzYmI2MTMwNjUyZTBkNGM2ZTM1NTAxYzZmMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxf3EH+yg4KK+eThKWd95PwMINhTS
suTKT4deua/RL4H+VeXdg1e+ucLkXY+Cusfshx3p5LwxV5cPnK8fp3+22GBpTvga
GZ9lwKuM45LAhvP5dCXzqtSx8zj99aoRJ6ctddVMdLsq11cGUcgNEESJBShJXxbY
kJqoK5lKpkQB9NZTifddyHdtjgXrbUA40HCLNBvHsmJ5Kej8mDkHEUR1k8oDknj0
jeGSMFlFkCWAgby+ecfYwp5C+ppmrq7ampQ7B72H5hEICq3II+ajhcs9DteI+6DC
WIa6j29ko6pCwe95bUGlTEYnxe/7xvqJN7Iy8QL+JU8dU70o6uMPFE+C7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+QhkvqQDu2EwZS4NTG41UBxvNSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbjVDR1MtcEFPN1lUQmxMZzFNYmpWUUhHODFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlf2MA0G
CSqGSIb3DQEBCwUAA4IBAQAOLo/HP+sCMpM+479w3p5e1I2OIn4HcxFcETx/Vobm
Lt1WoMQmKm1tLtdTnWMwlnVWqr3YsKWk1Ut3qi4hkG3zUiJOsdiA5F1fmgENZwVT
OKXf9lZiTL1eq5W66oFB/Vh3VF2JBAkOfXhKAJNH1TdvJZPIjgRrwN/cU0EvDBEx
LtoGzkjDQn2X6UqtM5jeHPvM5nx6BYhm2/HN7xOzKU5JFr5JXKQjGo9kXrzgIYNH
CLx/t/L23/CAoedZmK+iR+MbcCSjHRcVuV2kPz70Myb6YLnMbVblmaJEeA/yIWmM
BqoP43U+T3OuDSh5x1Dv434DOzgFEFTjsb0fGMdM/qIk
-----END CERTIFICATE-----
Generated at Mon Jun 16 15:49:34 2025 by rpki-client