Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/NadKAcTCTxgk2TRDX8SfkmL2PJ0.roa
File: NadKAcTCTxgk2TRDX8SfkmL2PJ0.roa (raw, json)
Hash identifier: rSe+jgjZCGCYQonp/kiAkXRfgO9xl3VU69HzN7mA3NM=
Subject key identifier: 35:A7:4A:01:C4:C2:4F:18:24:D9:34:43:5F:C4:9F:92:62:F6:3C:9D
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 01988C
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/NadKAcTCTxgk2TRDX8SfkmL2PJ0.roa
Signing time: Fri 18 Apr 2025 22:53:14 +0000
ROA not before: Fri 18 Apr 2025 22:53:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4128
IP address blocks: 198.180.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 17:37:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104588 (0x1988c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Apr 18 22:53:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35A74A01C4C24F1824D934435FC49F9262F63C9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:37:d4:45:76:aa:58:27:65:f7:13:18:bc:
f6:05:b5:a9:ee:25:ca:e1:b9:5c:54:9d:47:f4:b5:
ad:4a:fc:6d:c9:eb:69:f2:38:f4:50:73:64:e1:e4:
83:2a:88:eb:59:9a:39:91:a4:bb:8e:b4:89:54:c3:
da:9d:26:16:b2:41:1a:72:61:9e:26:b8:50:06:bf:
da:bb:8e:d9:07:4e:1d:6b:82:7f:56:8c:45:60:ca:
0c:d8:7e:5c:3b:55:d3:82:77:98:d2:93:0b:ef:a7:
70:ea:d4:55:53:4a:13:11:4f:a5:81:97:2b:fa:59:
18:bb:df:13:48:a9:27:c3:f9:d9:69:2b:a5:d0:46:
ea:16:76:95:1a:e5:44:cc:3e:e7:26:3e:98:18:a5:
1c:cb:b5:48:ad:1b:ca:2c:1e:da:d7:19:fd:19:a7:
d1:31:70:37:c4:58:31:36:00:45:b2:ce:67:bb:86:
07:93:96:19:65:5b:31:2b:9f:2f:15:a2:f3:9b:e4:
f9:68:3c:ce:60:b3:62:ac:cb:fb:47:96:9a:a4:d7:
f5:aa:8e:46:f8:52:c4:20:a3:3b:c7:56:ad:da:75:
0a:e8:6b:ba:09:c8:01:42:9b:53:9a:99:65:d4:15:
5a:ac:7c:9d:ff:f4:e6:77:b3:41:d0:96:ab:a0:0e:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A7:4A:01:C4:C2:4F:18:24:D9:34:43:5F:C4:9F:92:62:F6:3C:9D
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/NadKAcTCTxgk2TRDX8SfkmL2PJ0.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
198.180.152.0/24
Signature Algorithm: sha256WithRSAEncryption
40:8b:ab:4b:04:c7:a0:e2:91:6d:b1:fb:33:ad:34:d9:95:df:
54:be:e0:40:d5:7b:e1:1e:7b:e1:6b:18:1d:40:55:07:43:42:
15:d0:2e:58:99:4f:e5:c8:35:17:9e:59:53:9e:a0:06:87:12:
92:a0:fa:d3:7c:b8:29:55:e3:d6:39:86:93:ee:b2:df:17:f4:
54:1d:ed:9d:ab:b9:c7:5d:a3:99:c6:1d:40:c8:95:c2:35:45:
8e:e1:fa:5e:13:49:2c:66:a7:22:d6:d1:53:53:db:48:f7:47:
5f:05:ed:9c:1e:5d:6c:98:c7:51:8f:60:76:53:c1:67:f6:8c:
52:81:ee:52:13:fb:e7:b9:89:d6:35:05:97:72:db:ba:17:1b:
83:33:8e:38:0c:02:1c:7c:e0:e4:70:4b:bb:be:fe:07:89:80:
42:94:06:8f:53:4c:c9:bd:3f:c2:cb:0e:59:31:cb:58:db:c3:
cb:dc:94:9d:f0:cc:91:51:75:27:10:c3:7f:ba:c7:5c:98:c2:
87:9f:73:56:5e:0c:4f:67:b4:e5:7b:23:00:d7:22:80:e6:2b:
44:3f:99:d3:83:f7:74:d9:9d:7f:f1:59:fd:cd:b7:b8:c8:60:
da:56:6e:51:f8:d3:27:b0:82:aa:d4:2b:41:92:30:62:16:ac:
04:c2:d7:18
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAZiMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjUwNDE4
MjI1MzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNUE3NEEwMUM0QzI0
RjE4MjREOTM0NDM1RkM0OUY5MjYyRjYzQzlEMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArrs31EV2qlgnZfcTGLz2BbWp7iXK4blcVJ1H9LWtSvxtyetp
8jj0UHNk4eSDKojrWZo5kaS7jrSJVMPanSYWskEacmGeJrhQBr/au47ZB04da4J/
VoxFYMoM2H5cO1XTgneY0pML76dw6tRVU0oTEU+lgZcr+lkYu98TSKknw/nZaSul
0EbqFnaVGuVEzD7nJj6YGKUcy7VIrRvKLB7a1xn9GafRMXA3xFgxNgBFss5nu4YH
k5YZZVsxK58vFaLzm+T5aDzOYLNirMv7R5aapNf1qo5G+FLEIKM7x1at2nUK6Gu6
CcgBQptTmpll1BVarHyd//Tmd7NB0JaroA6ZJwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFDWnSgHEwk8YJNk0Q1/En5Ji9jydMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL05hZEtBY1RDVHhnazJUUkRYOFNma21MMlBKMC5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0mDANBgkqhkiG9w0BAQsFAAOCAQEAQIur
SwTHoOKRbbH7M6002ZXfVL7gQNV74R574WsYHUBVB0NCFdAuWJlP5cg1F55ZU56g
BocSkqD603y4KVXj1jmGk+6y3xf0VB3tnau5x12jmcYdQMiVwjVFjuH6XhNJLGan
ItbRU1PbSPdHXwXtnB5dbJjHUY9gdlPBZ/aMUoHuUhP757mJ1jUFl3LbuhcbgzOO
OAwCHHzg5HBLu77+B4mAQpQGj1NMyb0/wssOWTHLWNvDy9yUnfDMkVF1JxDDf7rH
XJjCh59zVl4MT2e05XsjANcigOYrRD+Z04P3dNmdf/FZ/c23uMhg2lZuUfjTJ7CC
qtQrQZIwYhasBMLXGA==
-----END CERTIFICATE-----
Generated at Tue May 13 06:44:12 2025 by rpki-client