Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/NthHOuboDG0fJ6GTtmC0J-d53dg.roa
File: NthHOuboDG0fJ6GTtmC0J-d53dg.roa (raw, json)
Hash identifier: oIjVxJTUhDeIcmvlDX0eGFbwWYuI5NerqORnD3XnOUU=
Subject key identifier: 36:D8:47:3A:E6:E8:0C:6D:1F:27:A1:93:B6:60:B4:27:E7:79:DD:D8
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 0196383CCAD4D39D952618B31F97E2F52FAF
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/NthHOuboDG0fJ6GTtmC0J-d53dg.roa
Signing time: Tue 15 Apr 2025 06:57:10 +0000
ROA not before: Tue 15 Apr 2025 06:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 195.66.32.0/19 maxlen: 19
213.163.128.0/19 maxlen: 19
2a02:1400::/26 maxlen: 26
Validation: Failed, certificate revoked on Tue 15 Apr 2025 11:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:3c:ca:d4:d3:9d:95:26:18:b3:1f:97:e2:f5:2f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Apr 15 06:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36d8473ae6e80c6d1f27a193b660b427e779ddd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:14:57:43:d5:fe:7c:46:c7:8c:e8:7e:36:ae:
a9:05:35:06:51:17:97:ff:17:ba:ea:42:8a:fc:82:
7c:4d:fd:4c:06:1d:08:8c:7f:6e:a5:ac:66:6a:21:
8e:3e:46:4e:fc:b3:b2:3d:ef:f8:7e:5f:40:e1:33:
da:50:81:da:a5:e5:09:38:6f:7b:8d:b1:d8:5e:ce:
90:eb:2b:70:37:47:e0:e5:19:e2:57:cc:fa:ea:08:
c7:4c:4d:91:bf:0f:2b:27:05:b8:97:d9:73:5e:52:
bf:be:16:78:4e:09:d8:1e:06:60:0a:e7:1c:bf:f2:
65:10:b4:b2:dc:09:27:37:58:f3:71:ce:bd:34:a4:
2b:61:c4:c7:76:60:21:10:ae:fa:a6:84:ea:be:a8:
1a:82:4e:3b:0d:d6:08:4c:d1:0a:78:e9:e0:d0:26:
2e:db:ca:0e:20:16:6d:75:43:99:27:f9:35:ad:b1:
5f:0e:47:e6:18:18:5f:7d:f0:e3:53:7c:e4:20:ce:
19:0a:f2:13:46:63:e0:03:af:3e:d3:cd:c8:b3:b7:
fc:1b:25:d4:c2:09:19:63:bf:04:45:38:fc:41:81:
f0:52:00:5e:03:ec:89:60:dd:c2:94:52:13:25:fb:
b2:80:0d:3c:c9:a5:18:62:44:4d:88:13:5d:d4:4a:
30:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:47:3A:E6:E8:0C:6D:1F:27:A1:93:B6:60:B4:27:E7:79:DD:D8
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/NthHOuboDG0fJ6GTtmC0J-d53dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.32.0/19
213.163.128.0/19
IPv6:
2a02:1400::/26
Signature Algorithm: sha256WithRSAEncryption
25:78:c0:d6:10:c9:50:44:a2:11:6f:82:9a:38:b0:57:04:59:
8c:4f:bc:34:b4:c7:f2:e2:c1:21:5c:a2:b1:94:74:2f:34:6c:
b1:bf:d3:be:7f:dc:15:07:11:bc:38:66:52:8b:48:c5:4f:01:
21:3b:42:88:b5:b5:7d:29:c1:1b:cc:c9:a0:13:7d:ac:ed:54:
09:d0:a7:00:de:7d:70:cb:cd:8f:b6:48:bf:84:91:43:cf:67:
56:6a:66:01:b1:3d:09:ef:10:8b:d0:55:9e:e3:2a:20:68:27:
c8:f8:19:42:cf:a5:a3:99:e4:5b:28:15:22:e6:13:78:af:6c:
e7:f8:67:e6:62:fc:83:6f:43:08:43:9f:da:00:13:bf:59:86:
38:34:58:8e:29:c6:3e:94:02:c8:12:d2:cb:48:5e:d0:b1:97:
94:d1:75:3f:c2:12:fc:f8:21:f6:be:9c:eb:82:2b:a3:71:f8:
0d:d7:8f:c6:e6:ff:0b:6f:a6:41:fa:54:5b:c6:1b:c9:d0:d4:
64:92:6c:01:fa:2c:7b:bf:f3:c4:7f:bf:bc:d8:05:14:a0:e2:
61:a6:24:0b:4d:5c:0a:3f:59:cb:07:98:b9:15:46:4c:39:4f:
3c:d3:f2:79:a5:47:01:ca:cc:85:d4:62:ec:9a:f8:2b:70:37:
25:01:0c:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZY4PMrU052VJhizH5fi9S+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjUwNDE1MDY1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4NDczYWU2ZTgwYzZkMWYyN2ExOTNiNjYwYjQyN2U3NzlkZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRRXQ9X+fEbHjOh+Nq6pBTUGUReX
/xe66kKK/IJ8Tf1MBh0IjH9upaxmaiGOPkZO/LOyPe/4fl9A4TPaUIHapeUJOG97
jbHYXs6Q6ytwN0fg5RniV8z66gjHTE2Rvw8rJwW4l9lzXlK/vhZ4TgnYHgZgCucc
v/JlELSy3AknN1jzcc69NKQrYcTHdmAhEK76poTqvqgagk47DdYITNEKeOng0CYu
28oOIBZtdUOZJ/k1rbFfDkfmGBhfffDjU3zkIM4ZCvITRmPgA68+083Is7f8GyXU
wgkZY78ERTj8QYHwUgBeA+yJYN3ClFITJfuygA08yaUYYkRNiBNd1EowxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDbYRzrm6AxtHyehk7ZgtCfned3YMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvTnRoSE91Ym9ERzBmSjZHVHRtQzBKLWQ1M2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFw0IgAwQF
1aOAMA0EAgACMAcDBQYqAhQAMA0GCSqGSIb3DQEBCwUAA4IBAQAleMDWEMlQRKIR
b4KaOLBXBFmMT7w0tMfy4sEhXKKxlHQvNGyxv9O+f9wVBxG8OGZSi0jFTwEhO0KI
tbV9KcEbzMmgE32s7VQJ0KcA3n1wy82Ptki/hJFDz2dWamYBsT0J7xCL0FWe4yog
aCfI+BlCz6WjmeRbKBUi5hN4r2zn+GfmYvyDb0MIQ5/aABO/WYY4NFiOKcY+lALI
EtLLSF7QsZeU0XU/whL8+CH2vpzrgiujcfgN14/G5v8Lb6ZB+lRbxhvJ0NRkkmwB
+ix7v/PEf7+82AUUoOJhpiQLTVwKP1nLB5i5FUZMOU880/J5pUcBysyF1GLsmvgr
cDclAQxM
-----END CERTIFICATE-----
Generated at Sun May 11 08:35:32 2025 by rpki-client