Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/VGeviFC-kzNaF_TYc5WJ2Z_Erso.roa
File: VGeviFC-kzNaF_TYc5WJ2Z_Erso.roa (raw, json)
Hash identifier: 7l23+yktDQAmS9vBRxGgqn26f5vVq0mYULgKBJNOAqM=
Subject key identifier: 54:67:AF:88:50:BE:93:33:5A:17:F4:D8:73:95:89:D9:9F:C4:AE:CA
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941FFA776B358C9FFFE3EF4A1B392A1FAD
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/VGeviFC-kzNaF_TYc5WJ2Z_Erso.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 02:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:77:6b:35:8c:9f:ff:e3:ef:4a:1b:39:2a:1f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5467af8850be93335a17f4d8739589d99fc4aeca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a5:7a:bd:89:d5:cb:f4:38:eb:71:a7:65:48:
3a:84:c4:65:55:54:b6:e4:c6:0c:5e:a8:d8:b0:72:
b8:10:89:b4:e5:07:89:0e:fa:a8:e6:05:4e:40:45:
c4:ec:96:3c:3c:94:1a:bb:a1:58:49:1a:1e:08:f3:
d7:c8:1a:44:ed:44:f8:28:e9:1a:74:5a:95:7f:4e:
3c:b2:b3:3f:75:8a:c4:e4:6f:a9:70:78:0a:04:60:
5b:dc:e4:9d:cc:3f:4b:70:d6:c9:c4:2e:a2:a2:fa:
7c:fb:61:8c:23:0e:12:67:b6:9a:2d:1f:16:ad:0e:
69:d8:1e:64:01:60:8f:66:2b:13:a1:0a:55:e9:d9:
21:43:f5:d6:cf:eb:05:07:b5:9e:d9:3c:1b:f5:f7:
32:a0:74:04:31:e3:a5:c4:45:81:be:25:34:b3:9f:
b2:0e:53:f9:86:ce:42:8e:a1:44:0f:fa:33:c9:a2:
59:13:ef:34:71:85:5f:cc:cb:1b:ed:bb:3a:9c:a6:
4d:66:55:e4:cb:15:78:f2:03:88:41:91:4c:03:61:
8c:8d:77:16:4e:79:7f:ec:58:3f:e4:ed:91:9b:bc:
64:dd:0f:d8:22:1e:cb:8f:65:de:7e:1d:1d:08:08:
ea:c4:9e:e2:4d:78:c7:ac:61:74:4d:93:83:a0:85:
28:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:67:AF:88:50:BE:93:33:5A:17:F4:D8:73:95:89:D9:9F:C4:AE:CA
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/VGeviFC-kzNaF_TYc5WJ2Z_Erso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6c:e4:e6:4a:26:dd:49:d6:1f:79:1b:b2:fc:5d:32:5b:4f:
6d:b3:44:55:92:b3:09:86:f4:30:a5:2d:4f:93:07:23:29:2f:
11:4e:04:0c:05:9d:03:a1:79:3b:d5:cd:68:c3:50:33:3b:b1:
14:b9:22:2d:c5:a6:49:d6:27:99:7e:20:3f:fe:a2:14:a0:fe:
61:50:1b:f4:45:ef:c3:34:51:07:6b:2a:d5:d2:df:79:b5:68:
78:a1:af:3a:a4:55:46:26:f8:ab:49:df:cc:f9:d3:4d:33:f8:
0b:46:f6:31:55:c6:9b:7d:7b:2c:9e:78:7b:c2:de:6d:cc:38:
fa:d7:dc:45:ec:4b:5e:a6:08:b9:ed:a8:17:bb:18:fd:4b:e3:
eb:6f:9b:51:9c:ff:70:83:14:ee:a2:5d:da:1f:41:13:f1:c6:
e1:cb:74:eb:3b:c0:09:32:c9:b5:7b:24:8f:39:20:10:9e:0c:
f5:4e:6a:b3:c8:38:00:cc:c1:c7:06:a9:47:77:9b:61:55:1d:
a1:00:27:20:0a:d2:6b:cf:ee:44:2e:20:98:9f:32:40:3b:66:
69:5d:3c:88:08:e3:5d:35:af:73:28:71:5d:21:45:04:42:de:
93:5b:ef:44:2f:75:2e:5f:59:3f:7a:fc:ef:f6:8e:5e:d6:94:
16:fa:02:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ndrNYyf/+PvShs5Kh+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDY3YWY4ODUwYmU5MzMzNWExN2Y0ZDg3Mzk1ODlkOTlmYzRhZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKV6vYnVy/Q463GnZUg6hMRlVVS2
5MYMXqjYsHK4EIm05QeJDvqo5gVOQEXE7JY8PJQau6FYSRoeCPPXyBpE7UT4KOka
dFqVf048srM/dYrE5G+pcHgKBGBb3OSdzD9LcNbJxC6iovp8+2GMIw4SZ7aaLR8W
rQ5p2B5kAWCPZisToQpV6dkhQ/XWz+sFB7We2Twb9fcyoHQEMeOlxEWBviU0s5+y
DlP5hs5CjqFED/ozyaJZE+80cYVfzMsb7bs6nKZNZlXkyxV48gOIQZFMA2GMjXcW
Tnl/7Fg/5O2Rm7xk3Q/YIh7Lj2Xefh0dCAjqxJ7iTXjHrGF0TZODoIUo4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRnr4hQvpMzWhf02HOVidmfxK7KMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvVkdldmlGQy1rek5hRl9UWWM1V0oyWl9FcnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQCTbOTmSibdSdYfeRuy/F0yW09ts0RVkrMJhvQwpS1P
kwcjKS8RTgQMBZ0DoXk71c1ow1AzO7EUuSItxaZJ1ieZfiA//qIUoP5hUBv0Re/D
NFEHayrV0t95tWh4oa86pFVGJvirSd/M+dNNM/gLRvYxVcabfXssnnh7wt5tzDj6
19xF7Etepgi57agXuxj9S+Prb5tRnP9wgxTuol3aH0ET8cbhy3TrO8AJMsm1eySP
OSAQngz1TmqzyDgAzMHHBqlHd5thVR2hACcgCtJrz+5ELiCYnzJAO2ZpXTyICONd
Na9zKHFdIUUEQt6TW+9EL3UuX1k/evzv9o5e1pQW+gKT
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:39:14 2025 by rpki-client