Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/NN1cd2iJG4iA-Sgj7ULt14MKMuk.roa
File: NN1cd2iJG4iA-Sgj7ULt14MKMuk.roa (raw, json)
Hash identifier: m64daGVuU+ITPisctVvuqeSgJlwjwiPSgCn0UAv8NK4=
Subject key identifier: 34:DD:5C:77:68:89:1B:88:80:F9:28:23:ED:42:ED:D7:83:0A:32:E9
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0197B054E2CC51F03C9BC3D1A0E8625148D3
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/NN1cd2iJG4iA-Sgj7ULt14MKMuk.roa
Signing time: Fri 27 Jun 2025 07:40:42 +0000
ROA not before: Fri 27 Jun 2025 07:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.56.29.0/24 maxlen: 24
109.122.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jun 2025 07:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:54:e2:cc:51:f0:3c:9b:c3:d1:a0:e8:62:51:48:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Jun 27 07:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34dd5c7768891b8880f92823ed42edd7830a32e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fc:77:55:b4:d3:ed:88:b7:8d:f8:75:57:64:
6c:b3:fb:4a:36:79:ea:34:e9:be:98:43:dc:24:b7:
82:72:9c:2d:a0:35:ea:5b:bb:ce:c8:9b:39:b0:c4:
d7:6f:7b:f3:61:90:9e:a0:a4:fd:85:a4:ac:4f:e4:
a8:93:0c:40:94:5a:ec:2a:4d:1e:cf:ae:3d:ea:7e:
31:8a:ca:4b:df:04:f7:9e:bf:3f:40:0c:ed:b1:36:
e8:d3:54:34:7e:41:cd:19:c3:d1:a1:45:13:c3:f2:
dd:3a:ac:e7:ed:e0:1f:0a:68:19:a8:89:cf:bc:01:
d6:4a:57:9c:54:15:13:e5:28:7d:df:97:b3:56:91:
c3:db:de:21:99:fc:f3:85:19:c5:75:fe:7c:8e:3e:
54:86:87:14:dd:93:1e:e9:04:ab:27:de:03:40:82:
86:1a:8d:da:7a:03:52:95:a9:80:77:41:bd:36:39:
2e:aa:42:73:f5:78:67:bc:b7:10:32:40:8c:f4:4f:
d2:10:96:29:f4:89:f4:0c:1a:55:64:ee:a0:99:f5:
5a:41:e8:06:71:0a:91:cf:27:05:f7:5c:71:5a:c9:
0c:db:9f:f9:74:64:7a:ed:c7:04:32:90:aa:3a:8f:
f2:c3:29:7c:1c:11:17:2a:0c:35:3b:6f:80:23:b6:
79:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DD:5C:77:68:89:1B:88:80:F9:28:23:ED:42:ED:D7:83:0A:32:E9
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/NN1cd2iJG4iA-Sgj7ULt14MKMuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.29.0/24
109.122.61.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:56:83:09:20:47:60:71:ce:66:ad:93:ed:66:5b:64:61:a9:
35:e5:c7:3b:37:3c:2d:3f:28:1f:e0:77:d3:f0:36:c1:90:d8:
05:66:04:0d:ed:f1:b5:a2:a4:35:aa:59:16:eb:17:eb:e7:53:
5b:35:a8:f8:48:b3:04:64:1f:3d:00:f8:ed:be:00:01:6b:d7:
f6:f1:59:62:d7:37:bd:ee:f9:80:af:5e:7f:e6:cb:03:8e:00:
33:b4:7e:e0:5f:39:a0:da:2f:60:0e:8a:aa:00:ed:01:c1:4f:
85:6b:90:5f:03:7c:ed:83:6e:b4:3f:46:42:8b:b3:f3:81:7a:
73:3c:4d:18:6a:6a:40:aa:90:60:ca:0b:51:2f:fa:55:e9:53:
97:f8:ae:0b:fb:49:96:2d:a3:ac:3d:0d:25:85:b1:ce:e2:4e:
e5:85:e4:ea:35:c6:2b:db:10:5f:f6:f9:60:82:86:e5:89:15:
9e:a8:b2:bd:e9:3c:20:17:fd:da:0b:b0:f1:2c:a9:60:ea:76:
de:14:fe:57:6f:9c:fe:71:bb:35:ec:78:77:20:a8:c9:55:25:
60:79:da:10:6f:04:cc:13:59:bc:1f:46:fb:b8:12:df:5c:ce:
fd:4b:d8:47:b0:cd:ef:73:9e:28:59:02:eb:46:96:3e:92:80:
f0:96:68:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZewVOLMUfA8m8PRoOhiUUjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNjI3MDc0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRkNWM3NzY4ODkxYjg4ODBmOTI4MjNlZDQyZWRkNzgzMGEzMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Px3VbTT7Yi3jfh1V2Rss/tKNnnq
NOm+mEPcJLeCcpwtoDXqW7vOyJs5sMTXb3vzYZCeoKT9haSsT+SokwxAlFrsKk0e
z6496n4xispL3wT3nr8/QAztsTbo01Q0fkHNGcPRoUUTw/LdOqzn7eAfCmgZqInP
vAHWSlecVBUT5Sh935ezVpHD294hmfzzhRnFdf58jj5UhocU3ZMe6QSrJ94DQIKG
Go3aegNSlamAd0G9NjkuqkJz9XhnvLcQMkCM9E/SEJYp9In0DBpVZO6gmfVaQegG
cQqRzycF91xxWskM25/5dGR67ccEMpCqOo/ywyl8HBEXKgw1O2+AI7Z5jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTdXHdoiRuIgPkoI+1C7deDCjLpMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvTk4xY2QyaUpHNGlBLVNnajdVTHQxNE1LTXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABTgdAwQA
bXo9MA0GCSqGSIb3DQEBCwUAA4IBAQBaVoMJIEdgcc5mrZPtZltkYak15cc7Nzwt
Pygf4HfT8DbBkNgFZgQN7fG1oqQ1qlkW6xfr51NbNaj4SLMEZB89APjtvgABa9f2
8Vli1ze97vmAr15/5ssDjgAztH7gXzmg2i9gDoqqAO0BwU+Fa5BfA3ztg260P0ZC
i7PzgXpzPE0YampAqpBgygtRL/pV6VOX+K4L+0mWLaOsPQ0lhbHO4k7lheTqNcYr
2xBf9vlggobliRWeqLK96TwgF/3aC7DxLKlg6nbeFP5Xb5z+cbs17Hh3IKjJVSVg
edoQbwTME1m8H0b7uBLfXM79S9hHsM3vc54oWQLrRpY+koDwlmi3
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:02:15 2025 by rpki-client