Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/31fd16-6d00-4d09-a8d4-c1d6c8f319c1/1/NejJPmR8vfCX6-wOQNnDDFXN06M.roa
File: NejJPmR8vfCX6-wOQNnDDFXN06M.roa (raw, json)
Hash identifier: Kh2viwA44EWh+FMgQJVTPmWoTDov4vDwBMUyD8EZVz4=
Subject key identifier: 35:E8:C9:3E:64:7C:BD:F0:97:EB:EC:0E:40:D9:C3:0C:55:CD:D3:A3
Certificate issuer: /CN=510ce781db0dc7e4f9f494145a295e4ccb121cae
Certificate serial: 0195619E4F40444E785930D1581970F44F83
Authority key identifier: 51:0C:E7:81:DB:0D:C7:E4:F9:F4:94:14:5A:29:5E:4C:CB:12:1C:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQzngdsNx-T59JQUWileTMsSHK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/31fd16-6d00-4d09-a8d4-c1d6c8f319c1/1/NejJPmR8vfCX6-wOQNnDDFXN06M.roa
Signing time: Tue 04 Mar 2025 14:45:19 +0000
ROA not before: Tue 04 Mar 2025 14:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21469
IP address blocks: 80.252.192.0/20 maxlen: 20
80.252.192.0/23 maxlen: 23
80.252.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Mar 2025 14:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:61:9e:4f:40:44:4e:78:59:30:d1:58:19:70:f4:4f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510ce781db0dc7e4f9f494145a295e4ccb121cae
Validity
Not Before: Mar 4 14:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35e8c93e647cbdf097ebec0e40d9c30c55cdd3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2f:de:cc:48:09:ba:25:96:75:98:28:53:a1:
6b:7b:65:f2:78:d3:ae:3b:33:61:97:2c:9d:53:53:
7a:ba:c4:8b:d4:ef:56:77:51:b2:af:f9:83:09:34:
3f:dd:55:f6:f5:0c:61:5c:df:f7:8c:3f:4a:39:0b:
5f:e0:68:e3:58:0c:95:51:d6:10:e5:8e:c0:35:c2:
53:b3:b7:9d:98:93:89:5f:02:c3:2b:6d:92:55:2d:
97:b6:2b:1d:d5:6d:93:12:8f:f9:f7:ec:5e:1d:a0:
7b:e5:ee:ac:eb:d9:5e:aa:6e:ac:22:e0:cf:15:c9:
c1:0c:ee:c5:fc:aa:05:78:d2:9d:44:ee:11:03:b9:
c7:cf:23:17:93:f1:a5:a9:69:53:31:70:90:40:b1:
c3:09:aa:ea:48:64:8d:cd:44:d0:a8:03:59:7e:2f:
4b:99:b2:36:a3:3d:ab:cc:37:d2:21:08:89:ed:49:
b2:87:77:b2:2a:11:dc:fd:60:1e:a7:06:ca:e2:b3:
dd:fd:7d:84:38:32:50:36:ff:ab:89:7f:8b:4b:76:
6b:3c:32:ee:91:3e:97:e6:e1:cd:3d:54:34:b5:b1:
a2:1b:0b:66:83:6a:23:ad:d3:aa:76:2b:5e:12:74:
9d:fa:04:75:c4:00:12:ed:33:4d:3a:0d:e3:97:06:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E8:C9:3E:64:7C:BD:F0:97:EB:EC:0E:40:D9:C3:0C:55:CD:D3:A3
X509v3 Authority Key Identifier:
keyid:51:0C:E7:81:DB:0D:C7:E4:F9:F4:94:14:5A:29:5E:4C:CB:12:1C:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQzngdsNx-T59JQUWileTMsSHK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31fd16-6d00-4d09-a8d4-c1d6c8f319c1/1/NejJPmR8vfCX6-wOQNnDDFXN06M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31fd16-6d00-4d09-a8d4-c1d6c8f319c1/1/UQzngdsNx-T59JQUWileTMsSHK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.192.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:71:76:42:a3:47:4e:37:9e:d9:53:e4:c2:7a:b0:a6:01:b4:
d7:43:c9:eb:df:29:50:27:d5:07:5d:14:09:0f:38:fb:2b:1d:
1e:0a:33:97:73:98:0a:8d:7e:0d:2f:92:d4:b6:bf:c3:81:48:
02:cb:26:56:ab:b7:c3:6f:d7:f8:15:35:53:7c:fe:04:23:51:
98:76:a2:33:64:11:3b:c1:5b:bf:58:2f:3f:df:54:34:b3:2f:
92:9b:e5:70:bb:a9:75:d3:e1:76:32:ac:62:2e:08:0f:88:26:
49:bc:79:e9:4c:60:ba:1c:1e:a6:3f:a0:5b:75:6b:ec:d9:12:
57:70:db:72:77:81:02:9a:34:8b:01:f2:06:17:bf:16:34:6a:
f4:79:f6:bf:81:bc:86:73:ad:c9:b2:d5:22:a9:a5:b1:53:f9:
57:f9:ef:38:c3:d5:db:51:38:64:03:21:af:b4:b0:86:05:c2:
20:00:e1:70:a3:f8:d1:09:7b:b7:b8:8c:ef:81:a9:7a:04:bc:
f2:4d:d3:cf:d6:b8:25:a4:0a:39:dd:40:27:8d:c6:a4:48:b2:
87:4d:3d:76:b7:e6:8c:e8:d7:eb:ee:52:9b:51:d0:41:7d:26:
ef:b0:2d:27:b8:a6:bc:52:69:bb:be:7c:b0:90:8b:f4:87:30:
30:fa:65:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVhnk9ARE54WTDRWBlw9E+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGNlNzgxZGIwZGM3ZTRmOWY0OTQxNDVhMjk1ZTRjY2Ix
MjFjYWUwHhcNMjUwMzA0MTQ0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU4YzkzZTY0N2NiZGYwOTdlYmVjMGU0MGQ5YzMwYzU1Y2RkM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i/ezEgJuiWWdZgoU6Fre2XyeNOu
OzNhlyydU1N6usSL1O9Wd1Gyr/mDCTQ/3VX29QxhXN/3jD9KOQtf4GjjWAyVUdYQ
5Y7ANcJTs7edmJOJXwLDK22SVS2Xtisd1W2TEo/59+xeHaB75e6s69leqm6sIuDP
FcnBDO7F/KoFeNKdRO4RA7nHzyMXk/GlqWlTMXCQQLHDCarqSGSNzUTQqANZfi9L
mbI2oz2rzDfSIQiJ7Umyh3eyKhHc/WAepwbK4rPd/X2EODJQNv+riX+LS3ZrPDLu
kT6X5uHNPVQ0tbGiGwtmg2ojrdOqditeEnSd+gR1xAAS7TNNOg3jlwYAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXoyT5kfL3wl+vsDkDZwwxVzdOjMB8GA1UdIwQY
MBaAFFEM54HbDcfk+fSUFFopXkzLEhyuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF6bmdkc054LVQ1OUpRVVdpbGVUTXNTSEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zMWZkMTYtNmQwMC00ZDA5LWE4ZDQt
YzFkNmM4ZjMxOWMxLzEvTmVqSlBtUjh2ZkNYNi13T1FObkRERlhOMDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zMWZkMTYtNmQwMC00ZDA5LWE4ZDQtYzFkNmM4ZjMxOWMx
LzEvVVF6bmdkc054LVQ1OUpRVVdpbGVUTXNTSEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUPzAMA0G
CSqGSIb3DQEBCwUAA4IBAQBPcXZCo0dON57ZU+TCerCmAbTXQ8nr3ylQJ9UHXRQJ
Dzj7Kx0eCjOXc5gKjX4NL5LUtr/DgUgCyyZWq7fDb9f4FTVTfP4EI1GYdqIzZBE7
wVu/WC8/31Q0sy+Sm+Vwu6l10+F2MqxiLggPiCZJvHnpTGC6HB6mP6BbdWvs2RJX
cNtyd4ECmjSLAfIGF78WNGr0efa/gbyGc63JstUiqaWxU/lX+e84w9XbUThkAyGv
tLCGBcIgAOFwo/jRCXu3uIzvgal6BLzyTdPP1rglpAo53UAnjcakSLKHTT12t+aM
6Nfr7lKbUdBBfSbvsC0nuKa8Umm7vnywkIv0hzAw+mWs
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:42:45 2025 by rpki-client