Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/269290-59ff-4233-8fa0-27550b219507/1/VOcqzwXrXb9Lq9F0KoP0yM9LjWQ.roa
File: VOcqzwXrXb9Lq9F0KoP0yM9LjWQ.roa (raw, json)
Hash identifier: LvJLFakVuUR22D+ZuMyn73ciNF/93yK4yTbiyMCjPdk=
Subject key identifier: 54:E7:2A:CF:05:EB:5D:BF:4B:AB:D1:74:2A:83:F4:C8:CF:4B:8D:64
Certificate issuer: /CN=ff1a0a7554385703974ae15ef947bc54c0b89c95
Certificate serial: 019265C62AEBCAC06D24A2A314409078811D
Authority key identifier: FF:1A:0A:75:54:38:57:03:97:4A:E1:5E:F9:47:BC:54:C0:B8:9C:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_xoKdVQ4VwOXSuFe-Ue8VMC4nJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/269290-59ff-4233-8fa0-27550b219507/1/VOcqzwXrXb9Lq9F0KoP0yM9LjWQ.roa
Signing time: Mon 07 Oct 2024 06:58:58 +0000
ROA not before: Mon 07 Oct 2024 06:58:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25181
IP address blocks: 195.2.36.0/23 maxlen: 23
195.2.38.0/23 maxlen: 23
195.2.41.0/24 maxlen: 24
2a00:1310::/32 maxlen: 48
2a00:1310:802::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:c6:2a:eb:ca:c0:6d:24:a2:a3:14:40:90:78:81:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff1a0a7554385703974ae15ef947bc54c0b89c95
Validity
Not Before: Oct 7 06:58:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54e72acf05eb5dbf4babd1742a83f4c8cf4b8d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5a:30:bc:a1:55:3f:cb:64:a1:63:3a:63:a1:
a9:26:03:ef:0f:13:b7:8e:e5:d7:e8:e3:c2:cb:1c:
6b:d7:45:5a:5a:fe:5b:af:3d:d7:d6:5a:01:2f:99:
ab:96:91:5c:ec:d4:3f:c5:c5:a0:9e:bf:8e:c1:37:
f6:0d:85:b4:5e:7b:6c:cc:a6:80:79:87:f7:9f:a4:
6a:d7:e4:da:d9:4c:3b:cf:77:0d:17:21:d9:b1:e5:
29:9f:61:f6:df:ba:d4:d9:32:18:ed:f6:ec:85:0f:
55:1c:aa:ab:30:5a:14:7e:8c:fe:47:13:12:e8:f5:
2c:51:3c:c4:4e:7b:c4:2e:a9:b5:a8:25:a3:62:75:
2c:55:bc:73:8a:be:40:ec:49:3c:27:0a:22:51:8a:
93:7c:1a:fa:0e:ec:99:f3:30:29:72:26:d1:d4:dc:
b5:1c:8f:38:ba:d5:7f:01:43:52:c6:06:12:9d:63:
3d:3d:05:31:93:8f:a4:ed:42:5a:35:d6:f9:38:fc:
9c:19:f4:f1:ab:70:9a:9c:3a:a5:ae:31:f6:f7:69:
82:24:98:bf:04:dd:ce:5f:e4:2f:21:01:af:1c:c1:
ab:ca:29:b9:72:b3:1c:71:69:5e:b6:44:f3:95:3a:
b4:29:d2:97:d8:02:d9:f5:09:12:55:ec:78:01:f1:
8b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E7:2A:CF:05:EB:5D:BF:4B:AB:D1:74:2A:83:F4:C8:CF:4B:8D:64
X509v3 Authority Key Identifier:
keyid:FF:1A:0A:75:54:38:57:03:97:4A:E1:5E:F9:47:BC:54:C0:B8:9C:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_xoKdVQ4VwOXSuFe-Ue8VMC4nJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/269290-59ff-4233-8fa0-27550b219507/1/VOcqzwXrXb9Lq9F0KoP0yM9LjWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/269290-59ff-4233-8fa0-27550b219507/1/_xoKdVQ4VwOXSuFe-Ue8VMC4nJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.36.0/22
195.2.41.0/24
IPv6:
2a00:1310::/32
Signature Algorithm: sha256WithRSAEncryption
a1:0b:92:ec:ee:4b:2b:92:ce:89:e4:c4:a3:85:71:b4:12:f6:
b4:9b:0f:82:41:31:d5:71:56:7e:34:44:8b:ba:03:ac:0c:16:
cd:be:af:1a:be:58:01:03:7b:b4:7e:e3:0f:74:e5:dd:a2:c2:
4a:a5:7f:f1:95:31:a1:72:7f:b9:90:5f:a9:d9:7e:29:82:73:
6a:07:3c:98:f2:1a:72:56:89:66:9e:1c:91:0c:2f:a2:19:9b:
cc:f5:0d:e9:32:85:5a:a5:80:b2:1b:bb:ef:6f:29:db:52:45:
fb:92:f0:d1:82:ab:1b:27:bb:bb:60:c7:48:4a:ba:7f:bb:63:
1d:c0:8f:fd:0d:db:20:a4:b2:5b:4f:c8:a6:1a:dd:21:6e:b0:
79:62:66:43:64:de:3f:4a:2d:a5:5f:b0:4f:ed:b1:b4:fd:24:
b5:c9:2a:60:83:95:fb:00:bf:77:58:3a:a6:74:aa:77:06:8b:
91:97:38:28:03:52:52:55:4c:50:03:00:fd:f9:1e:1d:e8:d2:
2c:cc:89:a5:b9:5d:d4:f3:2c:61:7b:63:7a:9d:6c:97:5c:54:
b1:07:af:2a:ea:88:f6:d2:8f:7f:bb:ec:42:95:00:ed:a6:f9:
5b:2b:1a:5e:e0:fc:51:c1:21:c7:00:b5:f5:2b:37:de:97:6f:
42:70:cf:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJlxirrysBtJKKjFECQeIEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWEwYTc1NTQzODU3MDM5NzRhZTE1ZWY5NDdiYzU0YzBi
ODljOTUwHhcNMjQxMDA3MDY1ODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGU3MmFjZjA1ZWI1ZGJmNGJhYmQxNzQyYTgzZjRjOGNmNGI4ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lowvKFVP8tkoWM6Y6GpJgPvDxO3
juXX6OPCyxxr10VaWv5brz3X1loBL5mrlpFc7NQ/xcWgnr+OwTf2DYW0XntszKaA
eYf3n6Rq1+Ta2Uw7z3cNFyHZseUpn2H237rU2TIY7fbshQ9VHKqrMFoUfoz+RxMS
6PUsUTzETnvELqm1qCWjYnUsVbxzir5A7Ek8JwoiUYqTfBr6DuyZ8zApcibR1Ny1
HI84utV/AUNSxgYSnWM9PQUxk4+k7UJaNdb5OPycGfTxq3CanDqlrjH292mCJJi/
BN3OX+QvIQGvHMGryim5crMccWletkTzlTq0KdKX2ALZ9QkSVex4AfGLWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFTnKs8F612/S6vRdCqD9MjPS41kMB8GA1UdIwQY
MBaAFP8aCnVUOFcDl0rhXvlHvFTAuJyVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3hvS2RWUTRWd09YU3VGZS1VZThWTUM0bkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8yNjkyOTAtNTlmZi00MjMzLThmYTAt
Mjc1NTBiMjE5NTA3LzEvVk9jcXp3WHJYYjlMcTlGMEtvUDB5TTlMaldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8yNjkyOTAtNTlmZi00MjMzLThmYTAtMjc1NTBiMjE5NTA3
LzEvX3hvS2RWUTRWd09YU3VGZS1VZThWTUM0bkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwwIkAwQA
wwIpMA0EAgACMAcDBQAqABMQMA0GCSqGSIb3DQEBCwUAA4IBAQChC5Ls7ksrks6J
5MSjhXG0Eva0mw+CQTHVcVZ+NESLugOsDBbNvq8avlgBA3u0fuMPdOXdosJKpX/x
lTGhcn+5kF+p2X4pgnNqBzyY8hpyVolmnhyRDC+iGZvM9Q3pMoVapYCyG7vvbynb
UkX7kvDRgqsbJ7u7YMdISrp/u2MdwI/9DdsgpLJbT8imGt0hbrB5YmZDZN4/Si2l
X7BP7bG0/SS1ySpgg5X7AL93WDqmdKp3BouRlzgoA1JSVUxQAwD9+R4d6NIszIml
uV3U8yxhe2N6nWyXXFSxB68q6oj20o9/u+xClQDtpvlbKxpe4PxRwSHHALX1Kzfe
l29CcM91
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:30:16 2025 by rpki-client