Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/NICoLiIMVHlwY-zeyNSjx5bdBBE.roa
File: NICoLiIMVHlwY-zeyNSjx5bdBBE.roa (raw, json)
Hash identifier: HWiQwCmtsQdlTJN7KftsjYeUyFXkZCMEzYWRyu+1Rwg=
Subject key identifier: 34:80:A8:2E:22:0C:54:79:70:63:EC:DE:C8:D4:A3:C7:96:DD:04:11
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 01966C2E4597E63F5072E0AA8B28C25DAC7C
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/NICoLiIMVHlwY-zeyNSjx5bdBBE.roa
Signing time: Fri 25 Apr 2025 09:01:33 +0000
ROA not before: Fri 25 Apr 2025 09:01:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58193
IP address blocks: 178.251.124.0/24 maxlen: 24
178.251.125.0/24 maxlen: 24
185.154.86.0/24 maxlen: 24
194.48.100.0/22 maxlen: 24
2a02:fae0::/29 maxlen: 29
2a02:fae0::/40 maxlen: 40
2a02:fae0:100::/40 maxlen: 40
2a02:fae0:200::/40 maxlen: 40
2a02:fae0:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 25 Apr 2025 09:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:2e:45:97:e6:3f:50:72:e0:aa:8b:28:c2:5d:ac:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Apr 25 09:01:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3480a82e220c54797063ecdec8d4a3c796dd0411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:f2:a6:98:20:db:46:d9:cf:d1:ff:38:fa:
2e:a2:25:9f:15:01:7d:86:10:9b:1b:7d:cd:4d:66:
cf:8f:1a:14:10:0d:9c:06:50:92:23:58:fc:12:ec:
07:04:f1:6a:1f:9f:b1:29:49:da:5c:f8:71:8f:03:
cd:b6:b1:99:6e:6a:71:0b:b5:6c:cc:cf:02:98:d3:
5b:ef:91:c6:82:83:0f:ac:ae:5d:ce:5a:dd:5d:70:
75:2c:c4:87:10:01:e5:ec:1f:7a:27:e8:70:9a:0a:
bb:31:50:e1:65:d0:6e:52:ad:90:e6:1b:48:9a:4f:
35:65:10:85:77:9b:ca:51:03:48:4d:06:2e:7c:5d:
65:ec:33:0d:11:e3:8f:c9:1d:18:5e:37:7c:db:0c:
32:9b:57:62:ed:ea:16:45:d8:7d:74:57:c3:87:49:
dc:c2:7d:0f:6e:49:5e:5f:c2:6c:9c:69:d5:8a:e4:
89:32:a3:ba:d3:07:75:69:3b:ad:f7:3c:95:c0:b9:
8a:05:7a:0f:f5:0d:23:2b:fc:98:15:e1:db:e7:b2:
2f:c3:a5:74:48:78:56:44:73:fc:bf:49:03:ee:95:
58:d7:e5:8d:c8:a8:88:97:51:97:58:14:d6:9b:ae:
4f:a1:e7:71:b6:2e:15:e2:e1:c7:ed:d3:fa:cb:84:
50:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:80:A8:2E:22:0C:54:79:70:63:EC:DE:C8:D4:A3:C7:96:DD:04:11
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/NICoLiIMVHlwY-zeyNSjx5bdBBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.124.0/23
185.154.86.0/24
194.48.100.0/22
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
95:c3:af:21:a9:19:15:e2:78:b4:68:c6:1e:69:36:fc:1d:62:
7a:27:97:c1:4f:80:f6:15:e5:29:45:a4:c8:40:34:95:4c:bf:
95:a6:76:a9:50:59:44:8e:88:7f:72:33:c0:af:c2:ba:eb:8b:
b5:ca:6a:16:05:55:4a:e9:c6:21:b8:89:df:be:9c:5c:3f:6e:
a3:38:59:e3:34:e8:bc:18:63:4c:20:37:8a:74:95:29:32:64:
f5:31:ff:e8:2a:19:04:7b:6b:b4:3f:53:ee:3c:2b:b6:a0:5b:
f1:cb:04:fc:8d:9b:de:8c:97:41:d6:ce:0d:3f:53:69:a3:61:
2e:0a:82:55:03:77:ab:01:4a:2b:a5:39:7b:b0:97:4b:59:7f:
a1:7a:05:4b:79:af:66:9d:7c:89:ea:72:51:bd:f8:7f:bf:fe:
62:95:45:26:82:7a:c8:01:36:fb:6e:98:53:cf:c5:6d:cf:f2:
06:30:81:b7:e7:e8:87:02:7e:c4:d0:5b:f7:29:b0:81:93:32:
07:02:37:17:4c:7f:3a:c9:b1:4e:74:82:22:a3:65:85:69:57:
3a:1c:81:15:32:d6:22:74:af:1b:67:68:d6:e8:b7:25:a9:26:
9d:5f:cb:a4:10:1a:e7:d5:4a:b2:63:de:a6:18:f2:b6:11:5c:
34:b1:d2:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZZsLkWX5j9QcuCqiyjCXax8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjUwNDI1MDkwMTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDgwYTgyZTIyMGM1NDc5NzA2M2VjZGVjOGQ0YTNjNzk2ZGQwNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Hyppgg20bZz9H/OPouoiWfFQF9
hhCbG33NTWbPjxoUEA2cBlCSI1j8EuwHBPFqH5+xKUnaXPhxjwPNtrGZbmpxC7Vs
zM8CmNNb75HGgoMPrK5dzlrdXXB1LMSHEAHl7B96J+hwmgq7MVDhZdBuUq2Q5htI
mk81ZRCFd5vKUQNITQYufF1l7DMNEeOPyR0YXjd82wwym1di7eoWRdh9dFfDh0nc
wn0PbkleX8JsnGnViuSJMqO60wd1aTut9zyVwLmKBXoP9Q0jK/yYFeHb57Ivw6V0
SHhWRHP8v0kD7pVY1+WNyKiIl1GXWBTWm65Poedxti4V4uHH7dP6y4RQdwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDSAqC4iDFR5cGPs3sjUo8eW3QQRMB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEvTklDb0xpSU1WSGx3WS16ZXlOU2p4NWJkQkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBsvt8AwQA
uZpWAwQCwjBkMA0EAgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQCVw68h
qRkV4ni0aMYeaTb8HWJ6J5fBT4D2FeUpRaTIQDSVTL+VpnapUFlEjoh/cjPAr8K6
64u1ymoWBVVK6cYhuInfvpxcP26jOFnjNOi8GGNMIDeKdJUpMmT1Mf/oKhkEe2u0
P1PuPCu2oFvxywT8jZvejJdB1s4NP1Npo2EuCoJVA3erAUorpTl7sJdLWX+hegVL
ea9mnXyJ6nJRvfh/v/5ilUUmgnrIATb7bphTz8Vtz/IGMIG35+iHAn7E0Fv3KbCB
kzIHAjcXTH86ybFOdIIio2WFaVc6HIEVMtYidK8bZ2jW6LclqSadX8ukEBrn1Uqy
Y96mGPK2EVw0sdLM
-----END CERTIFICATE-----
Generated at Sun May 11 04:28:57 2025 by rpki-client