Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vnFWtFPRMdZd7pV43qGav-0ieUY.roa
File: vnFWtFPRMdZd7pV43qGav-0ieUY.roa (raw, json)
Hash identifier: qrawXoXLWCXoea7vX0HNyw2h6Mk2zI74UkUMjW8CB4E=
Subject key identifier: BE:71:56:B4:53:D1:31:D6:5D:EE:95:78:DE:A1:9A:BF:ED:22:79:46
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C08ACEFEA834B6670E111CC205393A1C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vnFWtFPRMdZd7pV43qGav-0ieUY.roa
Signing time: Fri 13 Dec 2024 15:02:22 +0000
ROA not before: Fri 13 Dec 2024 15:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 194.87.192.0/22 maxlen: 22
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:8a:ce:fe:a8:34:b6:67:0e:11:1c:c2:05:39:3a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be7156b453d131d65dee9578dea19abfed227946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d3:75:24:97:a1:5e:7d:27:a6:11:97:42:0d:
9b:5c:8b:a2:bd:86:cc:ec:01:04:d5:ca:3a:7d:1f:
9b:ac:4a:d2:8b:3f:ec:8e:e4:05:df:8c:59:91:04:
17:56:24:14:7c:fa:f6:98:21:7c:3c:69:6e:c3:12:
6f:21:66:8d:88:00:93:c3:a9:56:31:68:29:30:49:
bc:61:19:4d:c1:5d:d7:8b:8e:25:41:29:ab:e0:fb:
93:92:fa:e3:d0:92:c8:1c:ce:50:90:64:1a:fa:b8:
62:08:cd:df:b7:d2:a2:41:51:0b:9e:80:35:16:49:
5f:8e:5d:8f:be:e5:16:a8:c0:17:ba:40:71:da:90:
b3:d4:2b:22:95:59:78:e5:ac:89:13:87:50:ba:cc:
f0:cb:cf:b0:bd:27:64:0b:5c:07:f7:17:1c:2a:98:
6e:be:de:e0:63:db:b1:e6:09:e3:11:93:9f:c2:9a:
c0:c4:4e:85:6c:57:41:e9:b2:e9:c2:47:b3:a4:24:
d4:30:67:db:6c:c6:d8:fa:2f:dc:17:e5:f6:f6:27:
a1:1b:76:69:86:70:c7:26:ed:93:70:35:dc:75:7f:
d0:da:f7:e2:27:1c:6e:d5:04:b0:22:57:7b:2a:8f:
7a:ba:70:af:5a:3a:ee:23:02:b4:11:81:9e:30:ee:
e5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:71:56:B4:53:D1:31:D6:5D:EE:95:78:DE:A1:9A:BF:ED:22:79:46
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vnFWtFPRMdZd7pV43qGav-0ieUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
41:80:4a:99:11:f4:ab:35:61:e7:b4:55:9d:28:fc:21:07:54:
73:81:63:46:ca:73:7d:88:c5:be:26:a4:74:40:44:f7:b4:f7:
75:74:c8:94:7b:5f:7b:3b:7e:75:df:fe:c6:e7:bf:f7:03:0a:
b1:13:58:9a:41:25:e1:32:d9:eb:6d:b8:f7:31:a0:c6:bf:87:
0b:65:0e:72:df:c0:c2:ba:25:f8:67:59:5b:df:fb:73:7b:56:
a0:1a:99:9e:9d:92:0f:84:39:82:e6:37:41:bd:ac:ea:31:f8:
26:ec:92:53:4d:0d:2f:e4:3c:08:19:1a:ba:f4:e7:70:b4:62:
ee:d3:43:c2:4d:4a:5e:6c:ca:b1:22:a4:fb:0a:7b:23:be:ed:
f5:a5:c6:30:3c:4b:0c:c7:45:f6:00:1c:5f:34:33:91:4f:cc:
21:b6:7a:53:7c:7e:e3:61:14:6d:ce:b9:b8:88:22:be:67:de:
77:16:0d:d0:77:20:cc:2c:0b:34:3e:00:8f:d9:2c:29:10:04:
a5:8f:8f:8d:eb:72:a2:9c:b4:a2:53:5f:c3:c0:e4:08:51:64:
00:0f:43:d7:bb:56:3c:7f:c6:6d:05:07:97:85:f6:56:29:4f:
68:56:76:00:dd:ac:d8:42:58:64:d7:96:b9:45:53:09:31:68:
b2:cb:f0:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPAis7+qDS2Zw4RHMIFOTocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTUwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcxNTZiNDUzZDEzMWQ2NWRlZTk1NzhkZWExOWFiZmVkMjI3OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstN1JJehXn0nphGXQg2bXIuivYbM
7AEE1co6fR+brErSiz/sjuQF34xZkQQXViQUfPr2mCF8PGluwxJvIWaNiACTw6lW
MWgpMEm8YRlNwV3Xi44lQSmr4PuTkvrj0JLIHM5QkGQa+rhiCM3ft9KiQVELnoA1
Fklfjl2PvuUWqMAXukBx2pCz1CsilVl45ayJE4dQuszwy8+wvSdkC1wH9xccKphu
vt7gY9ux5gnjEZOfwprAxE6FbFdB6bLpwkezpCTUMGfbbMbY+i/cF+X29iehG3Zp
hnDHJu2TcDXcdX/Q2vfiJxxu1QSwIld7Ko96unCvWjruIwK0EYGeMO7lVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5xVrRT0THWXe6VeN6hmr/tInlGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdm5GV3RGUFJNZFpkN3BWNDNxR2F2LTBpZVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwlfAMA0G
CSqGSIb3DQEBCwUAA4IBAQBBgEqZEfSrNWHntFWdKPwhB1RzgWNGynN9iMW+JqR0
QET3tPd1dMiUe197O3513/7G57/3AwqxE1iaQSXhMtnrbbj3MaDGv4cLZQ5y38DC
uiX4Z1lb3/tze1agGpmenZIPhDmC5jdBvazqMfgm7JJTTQ0v5DwIGRq69OdwtGLu
00PCTUpebMqxIqT7Cnsjvu31pcYwPEsMx0X2ABxfNDORT8whtnpTfH7jYRRtzrm4
iCK+Z953Fg3QdyDMLAs0PgCP2SwpEASlj4+N63KinLSiU1/DwOQIUWQAD0PXu1Y8
f8ZtBQeXhfZWKU9oVnYA3azYQlhk15a5RVMJMWiyy/BR
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:24:50 2025 by rpki-client