Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/NM3XZ4JWIut42tCa01vpyGPknxw.roa
File: NM3XZ4JWIut42tCa01vpyGPknxw.roa (raw, json)
Hash identifier: BtFMZPcNwsJvi5s7zDGB6TOqXiX87zgkLWLGeS2rE8A=
Subject key identifier: 34:CD:D7:67:82:56:22:EB:78:DA:D0:9A:D3:5B:E9:C8:63:E4:9F:1C
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 0194221F5B1497FB8289E66CAF8FA1DE2D20
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/NM3XZ4JWIut42tCa01vpyGPknxw.roa
Signing time: Wed 01 Jan 2025 13:47:47 +0000
ROA not before: Wed 01 Jan 2025 13:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 92.53.160.0/20 maxlen: 24
92.53.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 11:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5b:14:97:fb:82:89:e6:6c:af:8f:a1:de:2d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 1 13:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34cdd767825622eb78dad09ad35be9c863e49f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cb:df:c2:9d:4a:52:cc:7e:bb:86:a8:df:90:
1e:bd:70:cc:6a:ec:69:da:27:f9:4a:a9:ea:37:41:
15:11:35:c0:02:ab:9e:68:79:96:96:7f:de:ec:3d:
b6:8e:c4:59:81:c4:25:99:87:a5:9e:b8:9d:5e:56:
22:f3:5a:2c:fb:9d:c2:fe:12:86:4c:8b:31:60:ba:
0f:fc:8c:00:22:1c:25:5a:57:98:19:a4:47:c0:56:
43:35:dd:71:0c:e7:7c:ca:54:81:89:fc:91:c8:d8:
5b:34:2d:56:0d:49:0a:a5:9a:9e:80:ff:d3:71:17:
83:39:c7:3e:8c:6c:3d:0f:5f:4f:8c:7d:27:5f:3a:
fe:d9:bf:14:78:25:e0:af:8a:4f:6b:fb:42:d4:e8:
2e:dd:2c:29:b3:60:e4:a3:fb:f1:09:69:ef:73:65:
af:2f:6c:a7:11:8b:64:45:07:11:0a:5a:54:d5:9d:
4f:e2:91:51:e5:93:58:fd:ce:4c:a2:d1:33:76:67:
9e:a9:5e:72:d2:cd:b8:2a:d3:8f:76:27:93:a3:71:
8e:b8:47:5c:2b:34:b6:a1:e4:21:40:a0:18:67:eb:
46:81:56:d6:55:ae:fd:45:9f:20:52:fa:9d:5f:cd:
9d:ac:f1:09:cd:db:c6:b4:52:0f:c0:8c:fe:93:25:
52:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CD:D7:67:82:56:22:EB:78:DA:D0:9A:D3:5B:E9:C8:63:E4:9F:1C
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/NM3XZ4JWIut42tCa01vpyGPknxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/20
92.53.184.0/22
Signature Algorithm: sha256WithRSAEncryption
10:3d:c7:28:9e:05:dd:eb:14:c3:7b:21:d8:29:2a:48:ad:6b:
1c:ae:1b:7e:51:49:74:d0:8b:49:58:6c:16:b7:24:99:13:9d:
96:0d:6f:f2:35:e8:dd:9e:85:88:0a:5f:a3:6f:92:0d:d1:61:
28:f6:73:df:a0:38:16:08:01:ec:79:8c:f5:57:c8:dd:aa:f9:
3b:d5:ea:c1:68:b6:cc:2e:56:e7:51:89:9d:77:89:18:61:0b:
f9:c3:12:e1:e0:4a:40:43:82:dd:04:ec:54:4b:f7:b6:54:62:
f2:a5:c3:cb:91:8a:97:a8:9b:fe:6b:ac:06:7c:ee:f2:00:39:
65:b1:07:cf:29:75:98:8f:d3:a0:8f:1d:52:ee:13:26:4e:fa:
ab:98:f4:50:44:f2:9e:3d:f4:51:64:6c:08:1e:59:46:56:9a:
56:fd:8a:7e:ab:6d:79:80:f2:c5:b3:a8:56:50:75:52:07:77:
bd:39:8f:f8:e1:fe:31:99:5c:c9:2e:32:88:f2:f3:74:59:c3:
f9:fc:21:ca:80:9a:f8:10:0c:0e:29:de:0f:12:09:d5:a5:59:
77:e5:5c:10:5a:b4:35:62:6f:af:04:e9:7e:66:99:2c:d5:98:
0a:e8:a3:d0:f5:98:ce:5d:48:6a:3c:fb:74:6c:bc:25:06:02:
ce:fe:12:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH1sUl/uCieZsr4+h3i0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjUwMTAxMTM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNkZDc2NzgyNTYyMmViNzhkYWQwOWFkMzViZTljODYzZTQ5ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0svfwp1KUsx+u4ao35AevXDMauxp
2if5SqnqN0EVETXAAqueaHmWln/e7D22jsRZgcQlmYelnridXlYi81os+53C/hKG
TIsxYLoP/IwAIhwlWleYGaRHwFZDNd1xDOd8ylSBifyRyNhbNC1WDUkKpZqegP/T
cReDOcc+jGw9D19PjH0nXzr+2b8UeCXgr4pPa/tC1Ogu3Swps2Dko/vxCWnvc2Wv
L2ynEYtkRQcRClpU1Z1P4pFR5ZNY/c5MotEzdmeeqV5y0s24KtOPdieTo3GOuEdc
KzS2oeQhQKAYZ+tGgVbWVa79RZ8gUvqdX82drPEJzdvGtFIPwIz+kyVS/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTN12eCViLreNrQmtNb6chj5J8cMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvTk0zWFo0SldJdXQ0MnRDYTAxdnB5R1Brbnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXDWgAwQC
XDW4MA0GCSqGSIb3DQEBCwUAA4IBAQAQPccongXd6xTDeyHYKSpIrWscrht+UUl0
0ItJWGwWtySZE52WDW/yNejdnoWICl+jb5IN0WEo9nPfoDgWCAHseYz1V8jdqvk7
1erBaLbMLlbnUYmdd4kYYQv5wxLh4EpAQ4LdBOxUS/e2VGLypcPLkYqXqJv+a6wG
fO7yADllsQfPKXWYj9Ogjx1S7hMmTvqrmPRQRPKePfRRZGwIHllGVppW/Yp+q215
gPLFs6hWUHVSB3e9OY/44f4xmVzJLjKI8vN0WcP5/CHKgJr4EAwOKd4PEgnVpVl3
5VwQWrQ1Ym+vBOl+Zpks1ZgK6KPQ9ZjOXUhqPPt0bLwlBgLO/hL+
-----END CERTIFICATE-----
Generated at Fri May 9 23:48:41 2025 by rpki-client