Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Nkq1Ey2Nm7_MohrIvVTv7S5CU0M.roa
File: Nkq1Ey2Nm7_MohrIvVTv7S5CU0M.roa (raw, json)
Hash identifier: GnF1Y2xidLSTX8KZDAYDIIM8ERgP1zZ31Ibo0hyE1N0=
Subject key identifier: 36:4A:B5:13:2D:8D:9B:BF:CC:A2:1A:C8:BD:54:EF:ED:2E:42:53:43
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194D55DDFB01387AD60E158C55028389638
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Nkq1Ey2Nm7_MohrIvVTv7S5CU0M.roa
Signing time: Wed 05 Feb 2025 09:08:06 +0000
ROA not before: Wed 05 Feb 2025 09:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34918
IP address blocks: 212.80.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Feb 2025 12:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:5d:df:b0:13:87:ad:60:e1:58:c5:50:28:38:96:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 5 09:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=364ab5132d8d9bbfcca21ac8bd54efed2e425343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:0f:51:0d:85:a4:bf:01:f6:64:59:2e:cb:
c3:5f:87:96:c8:25:07:9c:c2:e4:70:ac:d7:2c:de:
fb:bf:4d:d6:8c:c7:72:30:a9:bd:d2:bf:34:8d:0e:
2b:61:86:70:81:3e:fc:09:f8:eb:8a:92:08:3d:e2:
d0:2e:90:d2:65:13:1a:6f:8c:3a:15:ba:bc:86:e9:
0b:38:e6:1f:26:02:c2:f2:59:58:fb:e8:f9:57:37:
2b:98:74:d0:43:b9:a0:da:e8:61:e1:fb:69:22:07:
d6:ab:fe:32:3f:ce:16:ef:8e:d3:0b:bb:6e:4a:8a:
f8:8f:9a:0b:16:82:a7:3d:f0:6b:8d:79:55:49:d1:
8e:3a:01:ab:9c:78:7c:9c:a9:4f:af:c9:37:91:b4:
0b:70:c7:bc:d3:83:5d:72:10:43:8d:4f:a7:6f:93:
57:e9:52:bd:dd:7f:51:1a:cf:2b:fc:85:ed:a6:76:
f8:95:db:76:c9:a0:ef:64:fb:97:92:6d:ac:70:43:
6d:9e:1c:06:aa:fc:35:47:36:5d:00:dc:18:eb:f4:
22:ed:9b:e3:e2:e8:6e:a3:06:ea:fe:76:a9:d7:16:
be:63:73:67:25:18:3e:6a:38:98:5d:8e:b2:95:64:
64:cb:e4:05:ca:a0:7d:fe:e2:1f:b9:43:af:a2:06:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4A:B5:13:2D:8D:9B:BF:CC:A2:1A:C8:BD:54:EF:ED:2E:42:53:43
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Nkq1Ey2Nm7_MohrIvVTv7S5CU0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
07:99:83:7d:cd:0d:b5:60:c8:66:3b:7a:ed:38:e3:49:31:38:
f8:40:3a:3c:aa:28:ff:ca:b6:38:60:fd:d9:15:f6:93:9f:4a:
af:0b:ec:cf:82:45:14:d9:ee:01:0d:fa:b9:25:40:c9:b6:7d:
87:55:08:02:84:f2:db:d0:50:21:70:93:6b:d4:2b:24:de:6e:
56:7f:57:39:08:0c:2f:5b:f0:50:11:44:a2:38:ce:ca:17:52:
0d:53:b8:d2:5d:e3:a3:0c:df:84:ad:89:29:64:9e:e7:0a:34:
70:bb:ba:ef:aa:ca:e9:c0:16:f2:d6:53:d7:12:1f:2c:83:f1:
41:d5:45:7a:12:1c:5e:92:65:92:9b:a7:9f:a0:9f:80:e5:a4:
9e:59:e8:a7:f3:8b:fb:29:68:cf:83:7c:71:c1:14:ca:91:d9:
ef:63:e9:ca:ec:5e:ce:3a:e7:c6:2d:d6:86:41:5c:53:ec:25:
c3:f8:3a:e9:62:94:26:c5:51:4b:26:0b:07:7b:85:9d:b6:9d:
4a:af:48:6b:60:93:a3:47:9e:24:98:28:ef:1e:f0:00:83:a5:
1c:bb:4b:da:3f:bb:f4:d6:bb:54:20:8e:59:6a:5d:4f:6c:fb:
8d:5d:6b:21:4e:3e:8d:60:fe:79:a7:1b:97:df:ec:a2:78:46:
fb:29:4c:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTVXd+wE4etYOFYxVAoOJY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMjA1MDkwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRhYjUxMzJkOGQ5YmJmY2NhMjFhYzhiZDU0ZWZlZDJlNDI1MzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXQPUQ2FpL8B9mRZLsvDX4eWyCUH
nMLkcKzXLN77v03WjMdyMKm90r80jQ4rYYZwgT78CfjripIIPeLQLpDSZRMab4w6
Fbq8hukLOOYfJgLC8llY++j5VzcrmHTQQ7mg2uhh4ftpIgfWq/4yP84W747TC7tu
Sor4j5oLFoKnPfBrjXlVSdGOOgGrnHh8nKlPr8k3kbQLcMe804NdchBDjU+nb5NX
6VK93X9RGs8r/IXtpnb4ldt2yaDvZPuXkm2scENtnhwGqvw1RzZdANwY6/Qi7Zvj
4uhuowbq/nap1xa+Y3NnJRg+ajiYXY6ylWRky+QFyqB9/uIfuUOvogYRKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZKtRMtjZu/zKIayL1U7+0uQlNDMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvTmtxMUV5Mk5tN19Nb2hySXZWVHY3UzVDVTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FAdMA0G
CSqGSIb3DQEBCwUAA4IBAQAHmYN9zQ21YMhmO3rtOONJMTj4QDo8qij/yrY4YP3Z
FfaTn0qvC+zPgkUU2e4BDfq5JUDJtn2HVQgChPLb0FAhcJNr1Csk3m5Wf1c5CAwv
W/BQEUSiOM7KF1INU7jSXeOjDN+ErYkpZJ7nCjRwu7rvqsrpwBby1lPXEh8sg/FB
1UV6EhxekmWSm6efoJ+A5aSeWein84v7KWjPg3xxwRTKkdnvY+nK7F7OOufGLdaG
QVxT7CXD+DrpYpQmxVFLJgsHe4Wdtp1Kr0hrYJOjR54kmCjvHvAAg6Ucu0vaP7v0
1rtUII5Zal1PbPuNXWshTj6NYP55pxuX3+yieEb7KUyk
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:04:18 2025 by rpki-client