Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/brNjPqKG6Bk0szy5FYlf6Ovki-0.roa
File: brNjPqKG6Bk0szy5FYlf6Ovki-0.roa (raw, json)
Hash identifier: qX0qvYHpN2AeaMFoWDlqt8EyL9p/KS0UAcw7H6+2E34=
Subject key identifier: 6E:B3:63:3E:A2:86:E8:19:34:B3:3C:B9:15:89:5F:E8:EB:E4:8B:ED
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 01936E3E8019F5DC2B6AF1BB276C8233FE18
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/brNjPqKG6Bk0szy5FYlf6Ovki-0.roa
Signing time: Wed 27 Nov 2024 15:30:09 +0000
ROA not before: Wed 27 Nov 2024 15:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15734
IP address blocks: 217.149.156.0/24 maxlen: 24
217.149.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 15:36:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:3e:80:19:f5:dc:2b:6a:f1:bb:27:6c:82:33:fe:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Nov 27 15:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eb3633ea286e81934b33cb915895fe8ebe48bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:24:0d:71:cf:89:ce:2c:cc:b8:12:37:e8:64:
b6:93:80:22:dd:9e:b8:cc:de:96:fc:3b:5d:ba:51:
3e:4e:f6:a9:41:f9:a6:bd:9c:cc:06:66:37:d0:96:
12:4c:02:7d:62:4b:11:32:0d:5e:54:3a:41:36:8d:
e3:cc:23:93:14:db:d6:db:9f:df:ce:b1:95:2b:c0:
54:6e:5b:49:d2:5a:aa:ef:0c:e2:1c:93:6c:07:33:
1a:67:90:87:f0:b0:54:78:82:cf:7e:8a:10:c8:09:
6b:d9:74:9d:e9:e3:df:96:49:5c:d8:54:ef:5c:ae:
fb:29:3a:76:ec:3e:0b:57:00:96:42:22:53:ec:c1:
13:5c:c7:1a:3b:fc:03:90:f9:c8:0b:73:53:5e:99:
c3:cb:7d:e9:38:30:82:56:a5:61:23:16:2b:49:87:
55:78:13:ab:3f:72:b4:17:ef:a5:97:12:57:1c:94:
4a:be:c6:b2:9d:b1:62:a1:82:31:8b:ff:6b:cf:b9:
13:4c:47:06:c7:97:71:3f:49:23:e4:05:a8:21:91:
6b:9b:8e:2e:24:01:44:84:8e:12:53:df:f7:22:f9:
de:c2:3b:cc:5d:e3:15:59:c0:0b:86:3c:0a:da:05:
41:b2:c2:50:2e:d2:a4:ee:5b:67:24:1f:c0:d1:e9:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B3:63:3E:A2:86:E8:19:34:B3:3C:B9:15:89:5F:E8:EB:E4:8B:ED
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/brNjPqKG6Bk0szy5FYlf6Ovki-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.149.156.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:62:95:33:fe:39:14:2f:37:3f:64:6e:5a:35:e6:67:75:0b:
30:74:c1:5a:cc:4b:39:5a:65:d4:1a:70:43:3b:ba:7f:42:ae:
89:b7:e5:b4:c8:d0:cf:47:d9:d4:8b:16:d8:da:93:68:82:bb:
42:2e:c0:c6:21:1a:c1:8f:29:db:f9:86:c1:8d:e7:7c:97:71:
47:bb:51:94:22:d5:2d:89:88:d5:72:c4:9e:17:2a:46:8d:bd:
fd:7b:6a:2d:fc:27:d3:b1:75:f3:9e:71:97:78:b6:a0:ec:61:
6f:96:36:52:ba:79:73:50:99:b4:cc:39:86:12:ac:42:d5:9e:
ad:1d:31:e8:aa:c1:4f:a6:19:0c:ea:8c:b6:db:dd:b5:60:d5:
b7:50:a4:b9:d7:18:00:d4:d5:a7:98:6f:ef:2d:c8:dd:88:15:
19:87:6e:46:0d:be:1f:72:8f:02:0f:fe:c7:cb:46:73:9c:b0:
97:ee:1e:ab:ac:0d:8c:02:16:93:07:cb:07:6a:fb:a4:26:df:
b6:5e:5c:50:bf:d4:de:17:63:e2:41:49:48:3e:83:c6:77:55:
b9:bb:be:93:f4:1a:73:94:bc:bf:7a:c3:86:1a:68:8f:54:13:
8f:d3:3c:f7:44:32:4c:0a:90:0b:8f:d5:8f:e9:d5:e9:1f:f7:
d5:73:05:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNuPoAZ9dwravG7J2yCM/4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjQxMTI3MTUzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIzNjMzZWEyODZlODE5MzRiMzNjYjkxNTg5NWZlOGViZTQ4YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySQNcc+JzizMuBI36GS2k4Ai3Z64
zN6W/DtdulE+TvapQfmmvZzMBmY30JYSTAJ9YksRMg1eVDpBNo3jzCOTFNvW25/f
zrGVK8BUbltJ0lqq7wziHJNsBzMaZ5CH8LBUeILPfooQyAlr2XSd6ePflklc2FTv
XK77KTp27D4LVwCWQiJT7METXMcaO/wDkPnIC3NTXpnDy33pODCCVqVhIxYrSYdV
eBOrP3K0F++llxJXHJRKvsaynbFioYIxi/9rz7kTTEcGx5dxP0kj5AWoIZFrm44u
JAFEhI4SU9/3IvnewjvMXeMVWcALhjwK2gVBssJQLtKk7ltnJB/A0emB9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6zYz6ihugZNLM8uRWJX+jr5IvtMB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvYnJOalBxS0c2Qmswc3p5NUZZbGY2T3ZraS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZWcMA0G
CSqGSIb3DQEBCwUAA4IBAQDAYpUz/jkULzc/ZG5aNeZndQswdMFazEs5WmXUGnBD
O7p/Qq6Jt+W0yNDPR9nUixbY2pNogrtCLsDGIRrBjynb+YbBjed8l3FHu1GUItUt
iYjVcsSeFypGjb39e2ot/CfTsXXznnGXeLag7GFvljZSunlzUJm0zDmGEqxC1Z6t
HTHoqsFPphkM6oy22921YNW3UKS51xgA1NWnmG/vLcjdiBUZh25GDb4fco8CD/7H
y0ZznLCX7h6rrA2MAhaTB8sHavukJt+2XlxQv9TeF2PiQUlIPoPGd1W5u76T9Bpz
lLy/esOGGmiPVBOP0zz3RDJMCpALj9WP6dXpH/fVcwW+
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:58:31 2025 by rpki-client