Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZkgJIcZJ271HjqzYAGJMhBizm4.roa
File: vZkgJIcZJ271HjqzYAGJMhBizm4.roa (raw, json)
Hash identifier: BkN67DGJOA7R5bBnBXnyt6ZqbvZrZEbv4qVK1dkIGxA=
Subject key identifier: BD:99:20:24:87:19:27:6E:F5:1E:3A:B3:60:01:89:32:10:62:CE:6E
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01955B09F657C63F7081B519861FF9282040
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZkgJIcZJ271HjqzYAGJMhBizm4.roa
Signing time: Mon 03 Mar 2025 08:05:34 +0000
ROA not before: Mon 03 Mar 2025 08:05:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.11.190.0/24 maxlen: 24
45.11.191.0/24 maxlen: 24
188.209.137.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 15:42:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:09:f6:57:c6:3f:70:81:b5:19:86:1f:f9:28:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 3 08:05:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd9920248719276ef51e3ab3600189321062ce6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d2:92:0f:e5:4d:42:64:bc:23:67:45:31:8a:
bd:aa:8d:df:10:6e:d9:12:82:97:d7:3d:21:31:cd:
57:7d:6f:f4:10:23:21:94:66:30:2e:5b:31:db:6e:
a5:70:66:b9:a9:7f:29:a7:fb:a4:5d:27:3a:70:68:
55:fc:74:ce:9b:af:75:d9:72:d3:79:c7:5b:1f:4c:
7d:7d:b0:3c:ae:94:ba:d2:81:81:4e:db:64:8f:e5:
47:aa:8d:17:af:6d:33:4e:fc:d3:54:b5:87:b2:81:
33:35:c6:9c:f6:5f:0d:48:12:62:43:4c:6c:fc:33:
7e:55:f8:50:4f:c8:8a:c2:58:00:9f:d1:5b:ea:f5:
cf:ed:4f:a8:2f:dd:43:15:19:51:3c:dc:47:4c:83:
b0:7c:3e:b6:9d:00:97:68:88:2d:20:16:e3:3b:d0:
ac:82:8a:ff:ec:e6:78:5d:6a:9c:d1:a5:20:4f:44:
25:76:2e:2f:3b:2c:36:74:80:c4:77:0e:7b:7d:04:
64:e5:c9:6d:f9:9e:d6:5a:ab:43:84:ea:ea:b5:bd:
ff:c2:6b:7c:cd:5f:3e:df:be:2e:24:5a:1c:17:d8:
fe:0a:67:8b:7f:6b:7b:86:75:a1:cd:a2:71:00:69:
86:7e:2d:8c:be:4e:79:b2:ba:d5:70:ab:9f:80:6e:
ae:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:99:20:24:87:19:27:6E:F5:1E:3A:B3:60:01:89:32:10:62:CE:6E
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZkgJIcZJ271HjqzYAGJMhBizm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.190.0/23
188.209.137.0/24
188.209.139.0/24
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
26:85:df:c4:4b:b5:77:e4:d6:26:ea:f5:81:5c:4e:36:06:ec:
b3:48:dc:a1:bf:3e:80:23:7c:26:61:5f:1e:e6:5e:cc:3d:d9:
4b:ad:5b:0a:5a:d8:27:03:71:00:e7:af:d9:ae:00:92:b3:bd:
10:67:d4:c4:97:72:50:75:86:0b:77:7c:f0:5d:74:1b:8c:ac:
9a:38:77:2a:86:d8:c4:08:49:bf:6e:9f:89:72:22:74:15:bc:
a9:92:35:d4:cd:a3:2c:41:19:48:9e:2c:db:51:26:e5:c7:a8:
c3:69:6c:32:de:12:95:fc:8c:6c:a4:93:02:1c:bf:2d:d4:5d:
54:87:af:0c:3d:a2:8b:3f:0d:9d:f4:81:78:6f:09:25:17:f0:
89:40:77:37:3d:84:d8:eb:d9:6d:cf:d1:f0:c6:71:c0:65:5e:
d7:1c:fc:ca:d6:3c:9d:ca:c2:01:e3:02:19:da:d4:d7:c7:e9:
24:01:61:18:2c:cf:54:be:7c:f7:29:09:0c:2c:f8:02:a2:aa:
06:f5:de:7d:d0:37:56:c9:66:b7:47:6e:66:f8:ed:8a:a8:df:
0e:7f:ff:83:3a:4a:90:da:2a:37:f2:a7:c6:88:ee:8a:b6:79:
c2:60:b9:08:50:27:9f:4d:3b:40:8d:e9:e6:46:95:57:27:b6:
b6:4d:07:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVbCfZXxj9wgbUZhh/5KCBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzAzMDgwNTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk5MjAyNDg3MTkyNzZlZjUxZTNhYjM2MDAxODkzMjEwNjJjZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NKSD+VNQmS8I2dFMYq9qo3fEG7Z
EoKX1z0hMc1XfW/0ECMhlGYwLlsx226lcGa5qX8pp/ukXSc6cGhV/HTOm6912XLT
ecdbH0x9fbA8rpS60oGBTttkj+VHqo0Xr20zTvzTVLWHsoEzNcac9l8NSBJiQ0xs
/DN+VfhQT8iKwlgAn9Fb6vXP7U+oL91DFRlRPNxHTIOwfD62nQCXaIgtIBbjO9Cs
gor/7OZ4XWqc0aUgT0Qldi4vOyw2dIDEdw57fQRk5clt+Z7WWqtDhOrqtb3/wmt8
zV8+374uJFocF9j+CmeLf2t7hnWhzaJxAGmGfi2Mvk55srrVcKufgG6uvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL2ZICSHGSdu9R46s2ABiTIQYs5uMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvdlprZ0pJY1pKMjcxSGpxellBR0pNaEJpem00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLQu+AwQA
vNGJAwQAvNGLAwQAwg9gMA0GCSqGSIb3DQEBCwUAA4IBAQAmhd/ES7V35NYm6vWB
XE42BuyzSNyhvz6AI3wmYV8e5l7MPdlLrVsKWtgnA3EA56/ZrgCSs70QZ9TEl3JQ
dYYLd3zwXXQbjKyaOHcqhtjECEm/bp+JciJ0FbypkjXUzaMsQRlInizbUSblx6jD
aWwy3hKV/IxspJMCHL8t1F1Uh68MPaKLPw2d9IF4bwklF/CJQHc3PYTY69ltz9Hw
xnHAZV7XHPzK1jydysIB4wIZ2tTXx+kkAWEYLM9Uvnz3KQkMLPgCoqoG9d590DdW
yWa3R25m+O2KqN8Of/+DOkqQ2io38qfGiO6KtnnCYLkIUCefTTtAjenmRpVXJ7a2
TQdE
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:43 2025 by rpki-client