Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NKfjFGowrXeJpjVgu_-1M97tono.roa
File: NKfjFGowrXeJpjVgu_-1M97tono.roa (raw, json)
Hash identifier: E7gBTQJxI+PV4dFyhd1PhnIKQ/3OvYjdijcyjbMmD+0=
Subject key identifier: 34:A7:E3:14:6A:30:AD:77:89:A6:35:60:BB:FF:B5:33:DE:ED:A2:7A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196DC713C6EA0FE48BD7926F2B12469968C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NKfjFGowrXeJpjVgu_-1M97tono.roa
Signing time: Sat 17 May 2025 04:12:10 +0000
ROA not before: Sat 17 May 2025 04:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211301
IP address blocks: 77.90.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 May 2025 06:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dc:71:3c:6e:a0:fe:48:bd:79:26:f2:b1:24:69:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 17 04:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34a7e3146a30ad7789a63560bbffb533deeda27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5d:db:7b:ee:3c:e5:9d:3d:70:ef:20:53:77:
23:67:60:81:8e:29:91:d6:45:51:63:dc:f8:79:ee:
1e:c4:b3:bb:a6:36:fa:79:77:64:85:a7:46:b6:bf:
57:69:d3:e8:8b:1d:ec:57:33:1a:8d:6d:c2:06:a4:
19:a9:67:35:fe:bd:bd:37:28:47:55:b3:aa:7a:f1:
c5:f3:01:ff:a2:cb:82:43:54:f5:4d:ca:9f:44:d1:
56:22:ff:62:67:9e:cd:e1:1c:61:0e:46:89:f4:62:
f8:6d:fb:b4:d2:38:3c:24:4c:10:78:ef:be:8f:61:
0d:1d:ee:b5:55:36:7b:41:bf:5c:09:73:52:13:08:
0d:c6:e2:20:47:32:2b:29:1c:6e:c3:2c:a8:d4:91:
91:c6:c3:e5:f5:ae:27:38:1f:14:9d:14:e8:74:c4:
59:27:99:ab:56:ae:b2:07:f9:02:d1:05:ee:e9:8b:
1e:c3:c4:6f:c3:6d:5c:f4:30:4c:09:30:31:d3:fa:
52:0a:88:49:07:e1:4b:94:6a:44:6d:e4:2b:99:f2:
db:99:40:b0:3e:94:65:88:ca:7e:80:21:b3:77:e4:
2b:f0:15:3b:6c:2f:55:1b:8e:b6:5a:85:d7:b7:5b:
e8:05:aa:35:11:df:6f:49:2e:60:60:7b:bf:20:b5:
c3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A7:E3:14:6A:30:AD:77:89:A6:35:60:BB:FF:B5:33:DE:ED:A2:7A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/NKfjFGowrXeJpjVgu_-1M97tono.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.57.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d0:0b:ae:17:e7:da:f3:72:4c:c0:a6:1d:78:0b:5b:69:ae:
05:a6:8a:f9:4f:ce:61:23:f8:91:ef:b8:a1:b2:bc:a7:75:d7:
5d:0a:5e:a5:34:75:1e:7b:f7:33:77:89:bf:80:18:2f:25:0f:
7a:e6:40:41:a4:a9:36:c0:a2:2e:11:06:fc:5f:50:33:25:8a:
13:ca:7a:4d:98:3e:78:df:cc:4b:a4:ce:46:c1:5f:08:89:03:
0e:ee:3f:02:66:bd:c1:3d:5a:a2:23:29:fc:9c:2f:1b:77:2a:
02:b7:e5:42:ab:3c:71:83:bb:e3:7b:b9:09:f5:e4:cd:e6:de:
5b:dd:8e:25:34:f9:0e:99:7f:65:ca:5b:66:d5:6a:ac:0f:e4:
b3:a0:61:ce:33:b0:65:e9:c0:7a:bf:f1:f0:eb:2e:aa:a2:f3:
f2:69:3a:e1:4e:6e:a9:0b:55:b3:80:b0:9a:60:4a:a8:03:b1:
bc:c3:3b:d4:5d:1d:14:fe:ea:75:8f:f6:1e:12:ec:4d:8e:dc:
d7:d8:e0:08:10:03:7a:6f:33:57:b5:00:af:68:99:99:a8:f0:
8b:d2:6a:fb:bf:8b:09:49:bc:49:c7:8a:43:82:f6:4a:55:ba:
25:b4:3b:84:50:ac:57:e4:0a:1e:94:ab:36:08:78:72:ce:14:
db:29:f1:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbccTxuoP5IvXkm8rEkaZaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE3MDQxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE3ZTMxNDZhMzBhZDc3ODlhNjM1NjBiYmZmYjUzM2RlZWRhMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF3be+485Z09cO8gU3cjZ2CBjimR
1kVRY9z4ee4exLO7pjb6eXdkhadGtr9XadPoix3sVzMajW3CBqQZqWc1/r29NyhH
VbOqevHF8wH/osuCQ1T1TcqfRNFWIv9iZ57N4RxhDkaJ9GL4bfu00jg8JEwQeO++
j2ENHe61VTZ7Qb9cCXNSEwgNxuIgRzIrKRxuwyyo1JGRxsPl9a4nOB8UnRTodMRZ
J5mrVq6yB/kC0QXu6Ysew8Rvw21c9DBMCTAx0/pSCohJB+FLlGpEbeQrmfLbmUCw
PpRliMp+gCGzd+Qr8BU7bC9VG462WoXXt1voBao1Ed9vSS5gYHu/ILXD6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSn4xRqMK13iaY1YLv/tTPe7aJ6MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvTktmakZHb3dyWGVKcGpWZ3VfLTFNOTd0b25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVo5MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ0AuuF+fa83JMwKYdeAtbaa4Fpor5T85hI/iR77ih
srynddddCl6lNHUee/czd4m/gBgvJQ965kBBpKk2wKIuEQb8X1AzJYoTynpNmD54
38xLpM5GwV8IiQMO7j8CZr3BPVqiIyn8nC8bdyoCt+VCqzxxg7vje7kJ9eTN5t5b
3Y4lNPkOmX9lyltm1WqsD+SzoGHOM7Bl6cB6v/Hw6y6qovPyaTrhTm6pC1WzgLCa
YEqoA7G8wzvUXR0U/up1j/YeEuxNjtzX2OAIEAN6bzNXtQCvaJmZqPCL0mr7v4sJ
SbxJx4pDgvZKVboltDuEUKxX5AoelKs2CHhyzhTbKfHC
-----END CERTIFICATE-----
Generated at Tue Jun 17 23:36:24 2025 by rpki-client