Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/VTuZS3GiEHxqPeNEejqyo83iHxY.roa
File: VTuZS3GiEHxqPeNEejqyo83iHxY.roa (raw, json)
Hash identifier: kSTmJMsKV9bDqLSHC7hIkWZbnTPwD2cuH0vqHyD72q4=
Subject key identifier: 55:3B:99:4B:71:A2:10:7C:6A:3D:E3:44:7A:3A:B2:A3:CD:E2:1F:16
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 018CC94AAB9F8073548E210060B9134425C5
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/VTuZS3GiEHxqPeNEejqyo83iHxY.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12293
IP address blocks: 45.132.64.0/22 maxlen: 22
2a0c:1180::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ab:9f:80:73:54:8e:21:00:60:b9:13:44:25:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=553b994b71a2107c6a3de3447a3ab2a3cde21f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:4d:fb:e6:24:93:01:24:c6:d8:73:7d:3b:
be:b5:04:e3:67:af:4e:fd:85:be:75:7a:84:0e:f0:
e4:06:3c:3c:79:ea:d3:1b:79:91:51:4d:5f:a5:a6:
82:5c:e2:54:3a:e7:7e:ef:63:fe:f6:2e:e9:70:e3:
d5:9b:b7:2a:1b:ca:eb:7d:89:c3:f9:04:b3:88:79:
9a:83:d5:9f:37:2f:5b:a8:68:8f:f7:ba:02:2a:51:
59:b5:77:22:97:73:6f:65:9e:4a:5b:61:ad:86:0b:
8a:9d:40:60:85:00:d0:33:98:41:cf:65:02:b2:b5:
dd:73:15:40:32:81:8f:37:e8:72:6e:36:43:f9:0a:
7e:7e:a5:13:a3:92:f5:58:06:88:6e:61:62:87:a4:
6f:f7:3b:9c:c7:75:59:1f:6c:52:46:6a:f2:21:5a:
c4:f3:b4:08:96:c5:6b:2d:5a:92:d8:91:c5:f2:17:
44:b5:e2:0d:71:78:95:3d:b1:8b:5b:0c:06:d3:25:
f2:fa:15:a7:eb:d9:06:5e:15:1f:bb:1f:e2:ef:d9:
54:ad:55:48:36:cb:80:1b:ac:10:4e:e8:bc:85:14:
01:28:e1:08:5e:db:5b:7b:87:b7:74:85:70:e2:21:
40:32:08:ba:87:c5:87:73:f9:71:ed:72:a2:db:4c:
48:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3B:99:4B:71:A2:10:7C:6A:3D:E3:44:7A:3A:B2:A3:CD:E2:1F:16
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/VTuZS3GiEHxqPeNEejqyo83iHxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.64.0/22
IPv6:
2a0c:1180::/40
Signature Algorithm: sha256WithRSAEncryption
c3:e7:78:fc:85:9d:9b:71:a3:68:8a:e4:db:f6:71:49:6c:10:
ad:09:6a:ad:4b:a0:c1:1a:55:16:ab:b9:90:bb:12:93:7f:c7:
ff:52:54:dc:34:05:ad:7e:aa:9b:ce:57:04:2c:28:4b:d4:a7:
ae:81:e3:a7:bd:9d:c8:4d:90:60:90:3d:64:d0:1a:61:59:41:
81:41:f6:08:5d:04:4d:9a:61:17:17:0a:7d:57:fd:5d:af:35:
1e:3c:75:30:cd:81:63:4d:ba:ca:ab:26:a6:fd:f7:4f:9a:54:
9f:1d:fb:b9:b7:44:2f:0f:2d:88:9b:9c:a8:0c:79:ec:22:c9:
be:18:22:dd:f2:36:41:64:b8:f3:43:6f:b6:85:c3:1e:fb:31:
29:29:e3:39:b1:cf:86:de:3d:a5:25:5b:2d:52:e4:e5:00:24:
b9:91:ec:27:c7:db:6b:af:1f:11:fb:20:cc:1e:df:db:82:f8:
79:32:7f:fa:ff:d7:91:3e:13:87:8e:b6:74:81:f6:64:0e:f8:
eb:bd:c4:97:55:69:ba:bf:35:1f:47:72:da:cf:9c:59:27:06:
6a:9f:1e:ad:c5:9f:b2:43:e9:eb:fc:fd:90:79:b9:cf:6e:52:
2d:71:0e:76:96:dd:5f:72:9a:95:e5:fd:12:02:e2:57:6a:f9:
15:08:35:71
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJSqufgHNUjiEAYLkTRCXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNiOTk0YjcxYTIxMDdjNmEzZGUzNDQ3YTNhYjJhM2NkZTIxZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh5N++YkkwEkxthzfTu+tQTjZ69O
/YW+dXqEDvDkBjw8eerTG3mRUU1fpaaCXOJUOud+72P+9i7pcOPVm7cqG8rrfYnD
+QSziHmag9WfNy9bqGiP97oCKlFZtXcil3NvZZ5KW2GthguKnUBghQDQM5hBz2UC
srXdcxVAMoGPN+hybjZD+Qp+fqUTo5L1WAaIbmFih6Rv9zucx3VZH2xSRmryIVrE
87QIlsVrLVqS2JHF8hdEteINcXiVPbGLWwwG0yXy+hWn69kGXhUfux/i79lUrVVI
NsuAG6wQTui8hRQBKOEIXttbe4e3dIVw4iFAMgi6h8WHc/lx7XKi20xIowIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFU7mUtxohB8aj3jRHo6sqPN4h8WMB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvVlR1WlMzR2lFSHhxUGVORWVqcXlvODNpSHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLYRAMA4E
AgACMAgDBgAqDBGAADANBgkqhkiG9w0BAQsFAAOCAQEAw+d4/IWdm3GjaIrk2/Zx
SWwQrQlqrUugwRpVFqu5kLsSk3/H/1JU3DQFrX6qm85XBCwoS9SnroHjp72dyE2Q
YJA9ZNAaYVlBgUH2CF0ETZphFxcKfVf9Xa81Hjx1MM2BY026yqsmpv33T5pUnx37
ubdELw8tiJucqAx57CLJvhgi3fI2QWS480NvtoXDHvsxKSnjObHPht49pSVbLVLk
5QAkuZHsJ8fba68fEfsgzB7f24L4eTJ/+v/XkT4Th462dIH2ZA74673El1Vpur81
H0dy2s+cWScGap8ercWfskPp6/z9kHm5z25SLXEOdpbdX3KaleX9EgLiV2r5FQg1
cQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:13:47 2025 by rpki-client