Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Vj4gSS-ZpJ0Kg1XhlVb9Dy4J53g.roa
File: Vj4gSS-ZpJ0Kg1XhlVb9Dy4J53g.roa (raw, json)
Hash identifier: cGiDc1rmJvpzYHVa6j5R84k8iuM3optTgCinqPKg1Hk=
Subject key identifier: 56:3E:20:49:2F:99:A4:9D:0A:83:55:E1:95:56:FD:0F:2E:09:E7:78
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0196F7EEA7C440EC8AF1279E1758D0779B40
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Vj4gSS-ZpJ0Kg1XhlVb9Dy4J53g.roa
Signing time: Thu 22 May 2025 12:18:54 +0000
ROA not before: Thu 22 May 2025 12:18:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 14:26:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:ee:a7:c4:40:ec:8a:f1:27:9e:17:58:d0:77:9b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: May 22 12:18:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=563e20492f99a49d0a8355e19556fd0f2e09e778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:c1:2f:80:e3:cd:3a:07:a3:65:0d:1d:d1:
a4:d5:70:32:07:51:d9:53:cd:c5:94:91:92:c7:83:
07:4e:35:2a:bd:bc:e1:b3:ea:60:b9:7b:90:da:18:
72:07:7b:f6:d9:93:08:5e:63:4e:69:48:c2:f7:ff:
ad:5f:d8:a0:e7:17:cc:4d:ef:2a:c1:e8:31:f7:19:
f9:e5:46:d2:04:49:c9:e9:a3:3a:8d:36:e8:d8:e3:
ab:8b:b0:dc:48:f0:c2:2a:3e:04:5e:3f:cd:22:be:
c4:82:db:21:e4:94:48:24:6c:59:e3:40:fb:fe:6d:
8d:28:bb:79:bd:17:a6:fd:30:ec:15:ec:82:5b:76:
ae:e6:8b:0f:db:cb:c1:4d:10:b0:bb:2f:96:19:c1:
d4:b2:76:b3:f9:2e:f6:26:f0:3e:80:85:1d:1f:e6:
f6:23:1c:03:ce:6f:83:38:96:07:9e:87:e2:81:7f:
11:be:d7:a0:69:b7:d2:15:b7:82:7f:0f:ba:9c:eb:
57:ab:00:f5:fd:7d:66:4c:f4:78:b2:58:d3:28:44:
c4:63:21:43:55:bf:5b:a0:11:c6:0a:77:0e:dd:13:
28:99:f3:ae:da:68:cb:a3:5e:46:1c:76:cd:d3:21:
05:7a:ae:a2:19:ba:0d:c1:f0:d0:ae:9f:2f:cb:54:
91:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3E:20:49:2F:99:A4:9D:0A:83:55:E1:95:56:FD:0F:2E:09:E7:78
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Vj4gSS-ZpJ0Kg1XhlVb9Dy4J53g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
91.200.221.0/24
109.122.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:35:fd:4c:51:71:93:97:e7:b4:2e:69:90:35:74:74:2b:86:
83:bf:20:be:fc:0d:04:cb:b2:a9:74:ef:95:67:7e:c0:38:09:
fc:f6:60:69:c1:ee:04:fa:00:6b:9e:cc:fa:b8:ab:be:b4:85:
da:15:30:b1:20:93:83:bf:84:5a:06:1f:10:d2:e9:d5:4d:ff:
43:8c:da:a1:73:a2:91:c6:a0:47:ee:e9:45:c4:00:ab:8d:c5:
12:0b:3c:c1:bc:3b:cf:39:be:be:3a:14:64:6e:42:d2:d7:12:
ae:f3:bf:01:20:1b:3c:76:ad:6d:fb:07:4c:a6:07:72:48:c1:
d5:ca:d5:fb:f4:b4:37:a2:1a:7c:ca:0a:a2:68:38:c3:8f:f7:
64:9a:39:95:be:4f:b9:31:9e:a8:74:70:a6:c1:ec:22:d4:61:
f3:17:16:fd:c2:48:84:81:67:95:e7:8c:04:c9:7b:23:c5:3d:
5c:cc:8c:89:bf:ec:df:7b:a7:e9:da:55:60:a5:fb:cc:89:3d:
46:fa:02:10:91:29:df:11:14:01:fb:95:66:90:27:31:9c:5e:
59:f1:c6:db:15:dc:1c:d0:aa:54:55:9b:f9:56:d1:45:b2:b2:
95:ec:e6:87:e7:ce:b0:3a:00:37:d0:cf:30:51:0b:64:0a:22:
28:ef:75:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZb37qfEQOyK8SeeF1jQd5tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNTIyMTIxODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNlMjA0OTJmOTlhNDlkMGE4MzU1ZTE5NTU2ZmQwZjJlMDllNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqjBL4DjzToHo2UNHdGk1XAyB1HZ
U83FlJGSx4MHTjUqvbzhs+pguXuQ2hhyB3v22ZMIXmNOaUjC9/+tX9ig5xfMTe8q
wegx9xn55UbSBEnJ6aM6jTbo2OOri7DcSPDCKj4EXj/NIr7Egtsh5JRIJGxZ40D7
/m2NKLt5vRem/TDsFeyCW3au5osP28vBTRCwuy+WGcHUsnaz+S72JvA+gIUdH+b2
IxwDzm+DOJYHnofigX8RvtegabfSFbeCfw+6nOtXqwD1/X1mTPR4sljTKETEYyFD
Vb9boBHGCncO3RMomfOu2mjLo15GHHbN0yEFeq6iGboNwfDQrp8vy1SRJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFY+IEkvmaSdCoNV4ZVW/Q8uCed4MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVmo0Z1NTLVpwSjBLZzFYaGxWYjlEeTRKNTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
W8jdAwQAbXoqMA0GCSqGSIb3DQEBCwUAA4IBAQB7Nf1MUXGTl+e0LmmQNXR0K4aD
vyC+/A0Ey7KpdO+VZ37AOAn89mBpwe4E+gBrnsz6uKu+tIXaFTCxIJODv4RaBh8Q
0unVTf9DjNqhc6KRxqBH7ulFxACrjcUSCzzBvDvPOb6+OhRkbkLS1xKu878BIBs8
dq1t+wdMpgdySMHVytX79LQ3ohp8ygqiaDjDj/dkmjmVvk+5MZ6odHCmwewi1GHz
Fxb9wkiEgWeV54wEyXsjxT1czIyJv+zfe6fp2lVgpfvMiT1G+gIQkSnfERQB+5Vm
kCcxnF5Z8cbbFdwc0KpUVZv5VtFFsrKV7OaH586wOgA30M8wUQtkCiIo73UR
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:35:54 2025 by rpki-client