Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/vf32Q6kfy6uh40KLTSnzNtmzx0k.roa
File: vf32Q6kfy6uh40KLTSnzNtmzx0k.roa (raw, json)
Hash identifier: Ley/3BtVdLl6E3EjVJGvS/BsoNktyM0M68db0L74q3Q=
Subject key identifier: BD:FD:F6:43:A9:1F:CB:AB:A1:E3:42:8B:4D:29:F3:36:D9:B3:C7:49
Certificate issuer: /CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Certificate serial: 0194228D1F3AED4DB290487BE9868ABA309E
Authority key identifier: 98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/vf32Q6kfy6uh40KLTSnzNtmzx0k.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 193.134.253.0/24 maxlen: 24
193.135.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 10:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1f:3a:ed:4d:b2:90:48:7b:e9:86:8a:ba:30:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdfdf643a91fcbaba1e3428b4d29f336d9b3c749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:bc:b9:4b:2b:0e:5f:ee:e8:da:62:db:f2:
3c:27:8a:6f:df:3e:cc:99:6f:62:75:7e:6b:69:56:
1d:ac:f1:81:f4:2b:58:08:e8:0b:4d:c3:26:89:fe:
54:c9:db:9e:25:da:ba:09:14:d1:87:70:56:3e:e9:
20:53:8f:9c:63:19:d5:69:94:3e:77:c2:c8:9a:7f:
a9:b5:e6:e0:2c:4c:33:81:d8:10:15:1d:d6:f8:20:
3b:e1:3a:ef:98:35:c6:48:01:e6:73:a6:38:9a:55:
87:ce:5a:62:0f:2f:7e:da:64:90:23:33:a6:df:68:
42:5f:90:86:82:f0:f6:d8:97:52:6e:1c:46:d1:0b:
f2:a8:97:43:3f:be:de:54:ff:5c:e4:46:01:75:6c:
5d:93:34:19:2b:f6:71:6f:3d:3a:3a:86:b0:e7:0b:
92:4e:0f:35:ec:26:11:c2:50:b5:dc:32:e4:d8:46:
92:13:65:ba:db:de:cc:e4:13:d7:41:be:5e:36:0a:
3a:af:9d:2e:e8:e7:b1:66:37:b7:77:83:78:e7:2b:
dc:1a:63:30:fe:ab:bb:9b:e1:74:2b:6c:4e:e5:82:
da:ca:f5:f4:0f:10:54:1c:2a:90:e2:41:94:5b:14:
dc:49:3e:a8:e3:74:62:ef:16:27:5b:a0:b9:a3:22:
31:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FD:F6:43:A9:1F:CB:AB:A1:E3:42:8B:4D:29:F3:36:D9:B3:C7:49
X509v3 Authority Key Identifier:
keyid:98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/vf32Q6kfy6uh40KLTSnzNtmzx0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.253.0/24
193.135.101.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:db:88:55:be:e9:7a:67:1a:0b:e3:aa:5f:fd:14:e1:7d:be:
e8:7e:f5:3e:8b:38:da:47:87:2e:43:c4:c7:3d:fe:81:a2:26:
92:94:9d:89:89:3e:6a:72:60:dc:34:d2:12:f8:30:06:95:e5:
85:31:0a:01:9d:10:ee:04:ea:45:67:05:b8:28:75:d8:69:30:
2d:46:a2:9e:a6:11:89:96:c0:46:7a:96:54:59:af:e6:5d:b2:
2b:3d:9d:68:4c:e0:da:ad:c2:bc:ca:53:c4:27:24:88:02:17:
3b:c1:8d:ee:44:b3:b9:f5:6e:ee:01:b2:a1:31:89:e5:5d:e5:
04:8c:7f:fe:7c:a1:12:d7:6d:ea:71:76:79:ef:20:37:e2:ef:
13:99:04:cc:76:14:bf:e0:aa:a8:86:8b:66:b0:4b:c2:ff:37:
c1:09:66:de:61:1c:dd:e3:9d:59:03:1a:a3:6f:ff:0c:c8:c0:
0b:bf:af:f9:8f:93:a8:c5:05:75:fa:54:c2:ee:f3:29:76:21:
3e:66:c9:eb:9a:90:52:f0:2b:3a:50:95:99:14:d3:fb:d9:e9:
52:a4:8f:d6:1b:cd:a9:16:f8:88:d9:8b:81:4a:a9:b0:3d:2e:
51:a9:5f:3c:0b:89:f4:ac:74:3e:43:e7:aa:fe:f7:8c:b6:9f:
7c:ad:71:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijR867U2ykEh76YaKujCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjMzNTRhMTExYWY2ZDVlMWFkMTBkYTM4YWQ4MTQ0YjZi
ZTg2OGUwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZkZjY0M2E5MWZjYmFiYTFlMzQyOGI0ZDI5ZjMzNmQ5YjNjNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoW8uUsrDl/u6Npi2/I8J4pv3z7M
mW9idX5raVYdrPGB9CtYCOgLTcMmif5UydueJdq6CRTRh3BWPukgU4+cYxnVaZQ+
d8LImn+ptebgLEwzgdgQFR3W+CA74TrvmDXGSAHmc6Y4mlWHzlpiDy9+2mSQIzOm
32hCX5CGgvD22JdSbhxG0QvyqJdDP77eVP9c5EYBdWxdkzQZK/Zxbz06Ooaw5wuS
Tg817CYRwlC13DLk2EaSE2W6297M5BPXQb5eNgo6r50u6OexZje3d4N45yvcGmMw
/qu7m+F0K2xO5YLayvX0DxBUHCqQ4kGUWxTcST6o43Ri7xYnW6C5oyIxzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL399kOpH8uroeNCi00p8zbZs8dJMB8GA1UdIwQY
MBaAFJhjNUoRGvbV4a0Q2jitgUS2voaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGIt
NTNmNTc1MDRlZjM1LzEvdmYzMlE2a2Z5NnVoNDBLTFRTbnpOdG16eDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGItNTNmNTc1MDRlZjM1
LzEvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwYb9AwQA
wYdlMA0GCSqGSIb3DQEBCwUAA4IBAQAc24hVvul6ZxoL46pf/RThfb7ofvU+izja
R4cuQ8THPf6BoiaSlJ2JiT5qcmDcNNIS+DAGleWFMQoBnRDuBOpFZwW4KHXYaTAt
RqKephGJlsBGepZUWa/mXbIrPZ1oTODarcK8ylPEJySIAhc7wY3uRLO59W7uAbKh
MYnlXeUEjH/+fKES123qcXZ57yA34u8TmQTMdhS/4KqohotmsEvC/zfBCWbeYRzd
451ZAxqjb/8MyMALv6/5j5OoxQV1+lTC7vMpdiE+ZsnrmpBS8Cs6UJWZFNP72elS
pI/WG82pFviI2YuBSqmwPS5RqV88C4n0rHQ+Q+eq/veMtp98rXGP
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:50:06 2025 by rpki-client