Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Vmahe15DYE36s5JoT8Xd5gHTfhs.roa
File: Vmahe15DYE36s5JoT8Xd5gHTfhs.roa (raw, json)
Hash identifier: 0FRRhGnloLdxvsRJsF1C7ccaSZh+9UwJiAkFUyf65MM=
Subject key identifier: 56:66:A1:7B:5E:43:60:4D:FA:B3:92:68:4F:C5:DD:E6:01:D3:7E:1B
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01938BF74D507FE82CAEAF35EBF4C98F7179
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Vmahe15DYE36s5JoT8Xd5gHTfhs.roa
Signing time: Tue 03 Dec 2024 10:01:00 +0000
ROA not before: Tue 03 Dec 2024 10:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216334
IP address blocks: 109.120.141.0/24 maxlen: 24
176.98.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:f7:4d:50:7f:e8:2c:ae:af:35:eb:f4:c9:8f:71:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Dec 3 10:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5666a17b5e43604dfab392684fc5dde601d37e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b6:99:3e:3b:14:93:50:95:d0:6f:ff:e1:5e:
65:a2:c5:c9:b0:97:5c:a0:0a:5e:e7:95:dc:6d:71:
02:41:25:eb:da:18:45:bc:9b:f8:c3:29:fc:a7:19:
96:00:1e:a4:09:15:01:4d:52:52:1c:5d:e6:21:0b:
8a:16:c5:c5:f7:04:f9:20:25:53:19:2c:61:d9:7d:
48:33:e7:d5:b1:22:b6:79:bb:1e:3b:d7:2c:16:02:
c6:18:a3:d5:44:ff:83:68:a6:21:43:ef:ed:2b:48:
3a:e9:f5:1c:2c:57:1f:e6:e6:31:46:a9:ad:a3:28:
38:ac:da:f6:39:52:77:9d:0f:56:d3:70:80:a7:75:
1f:a1:3f:9a:84:85:88:6e:fb:71:af:a7:69:0d:14:
91:22:a5:15:c2:95:63:7a:7b:8a:60:ed:e1:cd:d2:
1c:9b:34:0f:c5:46:a9:f0:e1:34:ef:39:5f:19:08:
0d:c7:73:28:a1:83:8e:16:e6:20:6f:59:88:80:c2:
2a:a8:ce:88:31:f4:5b:e3:0e:7e:cb:9a:8f:69:bf:
d3:2b:4c:b8:ba:19:d6:09:02:d9:12:1d:10:51:ca:
dc:d8:94:cc:9d:04:2a:ae:34:de:72:81:00:39:dc:
53:23:f6:17:82:12:86:0c:08:93:b2:b0:af:7d:2a:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:66:A1:7B:5E:43:60:4D:FA:B3:92:68:4F:C5:DD:E6:01:D3:7E:1B
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Vmahe15DYE36s5JoT8Xd5gHTfhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.141.0/24
176.98.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:fc:d5:fb:11:5a:c0:6e:59:e5:81:e4:28:44:59:41:38:6d:
3d:a2:2f:ef:8e:b5:41:25:12:05:ec:2f:50:48:04:f1:76:96:
c4:9b:eb:11:27:37:8f:2a:7f:08:5b:b9:c6:9c:77:5c:ba:f7:
ca:5a:24:56:f9:68:72:5f:e2:5a:0f:95:fa:bb:c7:09:e0:8d:
6b:56:39:08:e0:c1:ac:58:b4:8a:83:50:0c:67:4f:f8:32:1f:
a5:31:a0:72:c8:0b:1f:ca:3b:c9:41:7f:68:14:63:04:cd:44:
b8:73:6b:95:6d:7d:d6:8c:01:53:16:ca:54:37:22:1e:c7:43:
7e:2b:ca:7c:96:ea:ff:87:08:c1:7c:88:b5:1e:5a:30:14:d2:
1d:83:de:e6:bc:0c:ca:aa:bc:f3:d9:50:83:18:02:ae:cb:e5:
b4:31:88:06:92:a0:20:40:50:be:5a:e4:57:02:92:db:75:2d:
d2:c5:96:bb:31:db:87:05:b4:8c:7b:f9:72:c6:9b:19:80:ce:
32:0c:ba:d9:73:0e:df:27:c2:47:4e:ad:73:b7:cb:37:4d:16:
43:55:03:2d:52:b9:c8:df:ad:59:0b:ca:58:0f:c9:2b:9f:9b:
b8:e6:af:46:f1:52:d5:a9:be:72:10:d4:18:a7:29:2e:ee:56:
51:34:00:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOL901Qf+gsrq816/TJj3F5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQxMjAzMTAwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY2YTE3YjVlNDM2MDRkZmFiMzkyNjg0ZmM1ZGRlNjAxZDM3ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4baZPjsUk1CV0G//4V5losXJsJdc
oApe55XcbXECQSXr2hhFvJv4wyn8pxmWAB6kCRUBTVJSHF3mIQuKFsXF9wT5ICVT
GSxh2X1IM+fVsSK2ebseO9csFgLGGKPVRP+DaKYhQ+/tK0g66fUcLFcf5uYxRqmt
oyg4rNr2OVJ3nQ9W03CAp3UfoT+ahIWIbvtxr6dpDRSRIqUVwpVjenuKYO3hzdIc
mzQPxUap8OE07zlfGQgNx3MooYOOFuYgb1mIgMIqqM6IMfRb4w5+y5qPab/TK0y4
uhnWCQLZEh0QUcrc2JTMnQQqrjTecoEAOdxTI/YXghKGDAiTsrCvfSpYSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFZmoXteQ2BN+rOSaE/F3eYB034bMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvVm1haGUxNURZRTM2czVKb1Q4WGQ1Z0hUZmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXiNAwQA
sGK9MA0GCSqGSIb3DQEBCwUAA4IBAQAa/NX7EVrAblnlgeQoRFlBOG09oi/vjrVB
JRIF7C9QSATxdpbEm+sRJzePKn8IW7nGnHdcuvfKWiRW+WhyX+JaD5X6u8cJ4I1r
VjkI4MGsWLSKg1AMZ0/4Mh+lMaByyAsfyjvJQX9oFGMEzUS4c2uVbX3WjAFTFspU
NyIex0N+K8p8lur/hwjBfIi1HlowFNIdg97mvAzKqrzz2VCDGAKuy+W0MYgGkqAg
QFC+WuRXApLbdS3SxZa7MduHBbSMe/lyxpsZgM4yDLrZcw7fJ8JHTq1zt8s3TRZD
VQMtUrnI361ZC8pYD8krn5u45q9G8VLVqb5yENQYpyku7lZRNADl
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:10:50 2025 by rpki-client