Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VfkE2tasHh80AdE1gqb5uzwzeBk.roa
File: VfkE2tasHh80AdE1gqb5uzwzeBk.roa (raw, json)
Hash identifier: lnfA74Ob4tsyZQ9kf4NvfS+yuqPLhWYyEXQvpr3Hzro=
Subject key identifier: 55:F9:04:DA:D6:AC:1E:1F:34:01:D1:35:82:A6:F9:BB:3C:33:78:19
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824EAB679EFA975283620DD0C5AE9B2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VfkE2tasHh80AdE1gqb5uzwzeBk.roa
Signing time: Thu 02 Jan 2025 17:51:35 +0000
ROA not before: Thu 02 Jan 2025 17:51:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41798
IP address blocks: 193.124.93.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.8.0/24 maxlen: 24
195.133.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 14:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:ea:b6:79:ef:a9:75:28:36:20:dd:0c:5a:e9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55f904dad6ac1e1f3401d13582a6f9bb3c337819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:df:9f:45:b7:50:31:47:36:74:9d:7e:a5:21:
39:25:5b:6b:15:7e:4a:c9:f1:37:68:d4:f7:15:ca:
b5:e9:11:40:14:01:1a:41:c3:57:37:d3:26:f6:db:
3c:73:6c:17:9e:95:a1:77:37:01:97:02:64:00:a6:
60:7e:a9:bb:7a:9c:21:3a:d1:35:70:bd:a0:21:81:
6c:82:4d:df:e9:34:cc:6b:a4:b6:1e:1a:b7:73:f9:
b3:f3:33:e7:c4:76:41:a8:ef:7c:00:0c:73:56:03:
1b:0f:0f:45:a4:c1:5d:7e:76:bb:87:81:5b:53:f8:
9c:8d:95:c2:75:37:72:6a:b5:6c:b3:92:89:7c:92:
64:47:53:97:4e:cc:76:6f:c0:95:1f:2c:42:de:4b:
ad:b1:0a:86:4e:a0:80:1a:20:b1:71:f9:28:18:46:
88:c4:25:a0:ce:da:72:49:95:f0:d8:08:e1:44:8b:
22:d9:ec:0b:d2:6b:6f:8b:7f:7c:f3:aa:38:c5:e3:
f8:57:02:db:88:d6:b1:a8:a7:92:b8:16:80:74:9f:
57:56:e5:36:dd:f8:e0:34:e2:79:ef:23:d9:91:d8:
e8:6f:2f:8b:10:25:2e:1b:a3:03:89:7c:f7:22:b6:
55:65:54:ad:ea:eb:f1:f2:e2:0a:7d:84:24:27:41:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F9:04:DA:D6:AC:1E:1F:34:01:D1:35:82:A6:F9:BB:3C:33:78:19
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VfkE2tasHh80AdE1gqb5uzwzeBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.93.0/24
194.58.42.0/24
195.133.8.0/24
195.133.62.0/24
Signature Algorithm: sha256WithRSAEncryption
55:23:00:b2:52:75:0d:dd:e0:eb:95:bb:57:a7:5a:be:47:cd:
db:cf:92:a5:f8:d4:0f:03:83:4b:df:0a:de:50:52:ea:9e:f9:
aa:61:06:70:93:8d:9d:d4:4d:a5:5c:58:0a:26:fd:0d:15:16:
8e:58:e9:97:48:5f:b2:fe:f1:24:f6:f4:44:b3:ec:ad:fd:72:
ce:a6:e1:64:ad:45:ab:85:37:b7:43:04:1c:65:f9:39:51:17:
6b:37:c1:e8:49:71:d7:ba:50:74:1e:f3:76:29:23:6f:c2:74:
87:bc:74:17:59:8e:79:44:01:72:ec:83:b1:78:4b:0b:d9:e5:
57:a8:74:00:13:f3:d4:a8:51:f7:1b:77:4f:f1:7c:55:d1:c9:
c1:96:17:fa:d0:04:0d:4e:f1:7f:d3:d5:79:1c:ec:0c:2e:09:
be:89:6d:2f:fb:89:ae:41:1e:a8:d0:56:d5:a7:e7:51:a2:8b:
43:97:74:dd:56:e9:e6:15:c3:15:4d:9b:8a:e7:d9:1d:16:91:
28:3a:20:c9:26:98:85:f5:56:d4:4d:f9:b1:6a:c7:3e:ea:e7:
2f:87:15:7a:48:6a:a2:84:1b:7e:72:b7:9c:6b:e8:5b:f9:97:
f7:96:af:68:87:fb:1e:0a:84:53:f1:e2:e4:3b:2c:47:f7:66:
02:ae:5f:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJOq2ee+pdSg2IN0MWumyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY5MDRkYWQ2YWMxZTFmMzQwMWQxMzU4MmE2ZjliYjNjMzM3ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t+fRbdQMUc2dJ1+pSE5JVtrFX5K
yfE3aNT3Fcq16RFAFAEaQcNXN9Mm9ts8c2wXnpWhdzcBlwJkAKZgfqm7epwhOtE1
cL2gIYFsgk3f6TTMa6S2Hhq3c/mz8zPnxHZBqO98AAxzVgMbDw9FpMFdfna7h4Fb
U/icjZXCdTdyarVss5KJfJJkR1OXTsx2b8CVHyxC3kutsQqGTqCAGiCxcfkoGEaI
xCWgztpySZXw2AjhRIsi2ewL0mtvi39886o4xeP4VwLbiNaxqKeSuBaAdJ9XVuU2
3fjgNOJ57yPZkdjoby+LECUuG6MDiXz3IrZVZVSt6uvx8uIKfYQkJ0Gl1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFX5BNrWrB4fNAHRNYKm+bs8M3gZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVmZrRTJ0YXNIaDgwQWRFMWdxYjV1end6ZUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXxdAwQA
wjoqAwQAw4UIAwQAw4U+MA0GCSqGSIb3DQEBCwUAA4IBAQBVIwCyUnUN3eDrlbtX
p1q+R83bz5Kl+NQPA4NL3wreUFLqnvmqYQZwk42d1E2lXFgKJv0NFRaOWOmXSF+y
/vEk9vREs+yt/XLOpuFkrUWrhTe3QwQcZfk5URdrN8HoSXHXulB0HvN2KSNvwnSH
vHQXWY55RAFy7IOxeEsL2eVXqHQAE/PUqFH3G3dP8XxV0cnBlhf60AQNTvF/09V5
HOwMLgm+iW0v+4muQR6o0FbVp+dRootDl3TdVunmFcMVTZuK59kdFpEoOiDJJpiF
9VbUTfmxasc+6ucvhxV6SGqihBt+creca+hb+Zf3lq9oh/seCoRT8eLkOyxH92YC
rl/f
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:51:19 2025 by rpki-client