Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/NSHXZYndIFkg4MTTYIEDTfAZfIA.roa
File: NSHXZYndIFkg4MTTYIEDTfAZfIA.roa (raw, json)
Hash identifier: 3fb1FdvpEN50yB90x2aDsoIuaZcUORsvI920OnITx4k=
Subject key identifier: 35:21:D7:65:89:DD:20:59:20:E0:C4:D3:60:81:03:4D:F0:19:7C:80
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019590096593992D8FFF38D38CF91ADC07AD
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/NSHXZYndIFkg4MTTYIEDTfAZfIA.roa
Signing time: Thu 13 Mar 2025 15:04:49 +0000
ROA not before: Thu 13 Mar 2025 15:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.65.113.0/24 maxlen: 24
194.15.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 06:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:09:65:93:99:2d:8f:ff:38:d3:8c:f9:1a:dc:07:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 13 15:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3521d76589dd205920e0c4d36081034df0197c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:77:b2:3c:5c:37:06:17:ba:c9:2d:ed:d3:0c:
b8:04:09:8a:fe:cd:8b:0c:d7:ea:42:ac:7e:13:e1:
14:dc:de:92:18:3e:42:f3:64:0e:2e:df:e6:c4:c4:
06:de:35:0f:cc:8c:24:7c:c5:27:97:fb:c9:c1:73:
d1:d1:57:38:f2:15:29:e1:9e:37:f8:4b:a9:27:97:
d1:b6:b4:9d:18:57:70:6b:bc:82:9b:3f:61:45:0b:
a6:fc:50:40:df:76:f7:55:15:de:0e:61:36:1d:d7:
fc:46:9a:ae:46:59:ac:85:18:59:af:3a:e1:c7:d2:
83:ab:74:62:90:8d:a4:de:fa:0d:02:08:06:8b:6c:
d9:a0:59:cc:11:fc:20:17:bd:1a:15:a8:f6:11:22:
4a:d7:12:42:63:77:75:49:62:b1:a4:67:7f:6c:26:
60:7f:84:90:b8:44:cf:23:18:d5:94:b8:df:67:dc:
99:2c:c3:5d:8c:a9:09:ab:1a:9b:d9:be:37:32:5a:
9e:df:51:e6:67:75:9f:d9:80:ae:ad:df:60:91:34:
84:e8:24:0d:35:e2:33:cd:8b:ba:42:55:5d:5f:3e:
ea:0e:61:09:84:99:07:f7:d5:47:da:2b:e3:9b:7f:
17:63:22:c9:d3:04:c0:a3:0c:fb:b7:cd:e9:68:3e:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:D7:65:89:DD:20:59:20:E0:C4:D3:60:81:03:4D:F0:19:7C:80
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/NSHXZYndIFkg4MTTYIEDTfAZfIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.113.0/24
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:26:59:b3:72:11:0f:cb:d1:a9:d3:41:be:2c:5e:c1:2e:92:
d6:c1:35:70:cf:e5:34:f9:67:e6:58:bf:06:5d:7a:59:05:b0:
d6:ef:3f:cb:42:13:c5:9b:40:0c:62:a7:ff:e3:45:27:6c:99:
e2:7c:a5:2c:c3:06:d2:ca:f9:8f:6d:d3:91:4b:c8:c6:7b:bf:
3e:99:4b:f5:5f:b0:a7:7f:be:1f:f9:6b:bf:2a:6c:4a:8f:2f:
84:9d:9c:a0:a3:d2:90:47:db:95:20:aa:1d:80:21:55:cc:25:
d6:8e:69:d1:f6:6c:15:9e:5b:dc:59:45:48:62:77:2c:63:d7:
bf:f3:69:56:a9:d7:96:61:a0:62:7c:28:c9:d8:7b:53:1b:3e:
7e:79:49:8d:eb:c5:c1:43:e9:bb:a2:64:0b:70:e0:91:04:67:
fa:31:ce:f9:dd:0b:1c:d2:75:99:82:45:d5:81:68:1a:6a:db:
40:f8:93:de:b2:75:47:86:d7:e6:d7:95:8c:42:c0:b4:dc:db:
e6:4f:08:a3:bd:4d:37:87:c8:20:77:2a:52:71:20:20:b4:c0:
fa:b9:6d:22:26:33:9a:91:cc:9a:1a:1e:c0:00:d5:0d:5e:58:
25:af:5e:47:4c:b7:c0:26:64:3f:2f:09:71:02:39:95:c0:64:
b0:04:52:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWQCWWTmS2P/zjTjPka3AetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzEzMTUwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIxZDc2NTg5ZGQyMDU5MjBlMGM0ZDM2MDgxMDM0ZGYwMTk3YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXeyPFw3Bhe6yS3t0wy4BAmK/s2L
DNfqQqx+E+EU3N6SGD5C82QOLt/mxMQG3jUPzIwkfMUnl/vJwXPR0Vc48hUp4Z43
+EupJ5fRtrSdGFdwa7yCmz9hRQum/FBA33b3VRXeDmE2Hdf8RpquRlmshRhZrzrh
x9KDq3RikI2k3voNAggGi2zZoFnMEfwgF70aFaj2ESJK1xJCY3d1SWKxpGd/bCZg
f4SQuETPIxjVlLjfZ9yZLMNdjKkJqxqb2b43Mlqe31HmZ3Wf2YCurd9gkTSE6CQN
NeIzzYu6QlVdXz7qDmEJhJkH99VH2ivjm38XYyLJ0wTAowz7t83paD7s+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDUh12WJ3SBZIODE02CBA03wGXyAMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvTlNIWFpZbmRJRmtnNE1UVFlJRURUZkFaZklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUFxAwQA
wg9iMA0GCSqGSIb3DQEBCwUAA4IBAQAvJlmzchEPy9Gp00G+LF7BLpLWwTVwz+U0
+WfmWL8GXXpZBbDW7z/LQhPFm0AMYqf/40UnbJnifKUswwbSyvmPbdORS8jGe78+
mUv1X7Cnf74f+Wu/KmxKjy+EnZygo9KQR9uVIKodgCFVzCXWjmnR9mwVnlvcWUVI
YncsY9e/82lWqdeWYaBifCjJ2HtTGz5+eUmN68XBQ+m7omQLcOCRBGf6Mc753Qsc
0nWZgkXVgWgaattA+JPesnVHhtfm15WMQsC03NvmTwijvU03h8ggdypScSAgtMD6
uW0iJjOakcyaGh7AANUNXlglr15HTLfAJmQ/LwlxAjmVwGSwBFKB
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:28:47 2025 by rpki-client