Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/vplB9QaXvZdBAvKS4MjnxTvwJ6E.roa
File: vplB9QaXvZdBAvKS4MjnxTvwJ6E.roa (raw, json)
Hash identifier: yvPMTSR+Uv3uCLLaIRx+dNAU1tFdHiYBwr8qbnFc8aQ=
Subject key identifier: BE:99:41:F5:06:97:BD:97:41:02:F2:92:E0:C8:E7:C5:3B:F0:27:A1
Certificate issuer: /CN=a220dda64843a4ee364b089356ca87995830fd77
Certificate serial: 018CCA2A2D250DAC9E0A8AD6F66B58C915EB
Authority key identifier: A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/vplB9QaXvZdBAvKS4MjnxTvwJ6E.roa
Signing time: Tue 02 Jan 2024 12:33:30 +0000
ROA not before: Tue 02 Jan 2024 12:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25460
IP address blocks: 193.161.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2d:25:0d:ac:9e:0a:8a:d6:f6:6b:58:c9:15:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a220dda64843a4ee364b089356ca87995830fd77
Validity
Not Before: Jan 2 12:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be9941f50697bd974102f292e0c8e7c53bf027a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:c1:6a:62:83:49:ca:4c:e4:13:58:85:b8:
37:ba:fa:d6:94:68:ca:81:ff:b2:0c:f6:7c:45:f2:
15:85:d3:54:8c:36:92:85:18:d7:b3:e9:1d:27:07:
ea:04:c5:9b:b1:85:6e:e4:93:12:21:4f:a7:3c:08:
d2:db:17:29:3f:8b:c8:59:5a:62:42:21:c0:04:3a:
32:16:70:53:aa:98:fb:28:19:96:3c:b3:bd:2b:90:
7d:b4:65:9d:b2:ee:ac:e7:02:76:52:d9:25:bd:5e:
19:83:32:2a:61:0e:c9:c5:be:64:58:27:a2:eb:fe:
b5:72:76:a1:b1:2d:ee:b5:58:0b:8b:2c:36:ea:03:
d9:2a:08:4b:b2:e7:62:35:54:12:de:54:bd:e2:73:
2b:b4:98:a2:11:fe:ef:4d:e4:92:69:70:12:42:e1:
cb:87:87:66:ab:a4:d2:b5:61:24:63:c7:07:3f:93:
83:96:8a:07:c8:3e:e4:55:5a:75:67:1d:da:99:82:
92:26:d4:a8:27:ef:c1:f3:4e:4b:f1:f0:d2:3c:70:
40:fe:aa:5a:36:e8:f9:ae:ab:f8:76:e2:b3:77:94:
52:32:9b:4b:63:78:29:39:b5:7e:a5:5f:15:0f:7c:
d1:44:5b:59:b8:49:ad:02:e3:7c:76:a2:28:5c:f3:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:99:41:F5:06:97:BD:97:41:02:F2:92:E0:C8:E7:C5:3B:F0:27:A1
X509v3 Authority Key Identifier:
keyid:A2:20:DD:A6:48:43:A4:EE:36:4B:08:93:56:CA:87:99:58:30:FD:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiDdpkhDpO42SwiTVsqHmVgw_Xc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/vplB9QaXvZdBAvKS4MjnxTvwJ6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ffa6d4-5089-45a7-a38f-f5f8145651d3/1/oiDdpkhDpO42SwiTVsqHmVgw_Xc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.4.0/22
Signature Algorithm: sha256WithRSAEncryption
09:89:cc:d5:25:c2:58:f6:20:b9:9b:21:87:e8:7c:ea:59:f0:
e0:bf:68:e6:bf:fd:67:40:47:43:6d:30:df:c6:02:51:bc:be:
2b:8e:8a:f9:19:ff:db:26:d7:5a:5a:9a:d5:21:36:15:27:ad:
ce:3f:a6:7c:5c:d9:ed:b0:21:00:2a:41:ee:b8:9c:2d:8a:21:
33:7f:8e:b8:f5:ec:52:f9:31:f8:1b:42:c2:ca:2f:19:19:8c:
54:d4:25:88:cd:30:fe:46:1c:f6:2f:68:5c:9b:f7:a8:5e:ba:
95:fd:0e:37:54:87:8b:01:20:56:ef:b0:c9:bb:91:3f:41:8c:
75:62:42:fa:da:19:90:7d:6a:62:07:d7:7e:e1:08:f7:8a:b3:
e2:16:0d:3d:1e:f1:28:4d:65:47:57:fc:40:46:68:c0:be:05:
a3:1f:f3:a9:0e:1c:9d:b0:0a:7a:e4:04:f7:eb:34:4a:88:01:
5a:d8:5d:a9:dc:e1:91:d3:b4:24:a1:76:d8:e6:16:5c:f8:47:
97:5b:86:df:f2:61:13:ae:8f:f4:08:f0:a2:98:1c:5b:60:28:
82:a2:4a:40:5e:e6:0f:e9:1f:a4:ee:8d:1f:99:9a:0e:06:1b:
44:47:53:7e:08:e8:71:d6:ed:b0:d2:0d:fe:d6:f1:4b:14:67:
ab:76:b3:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKi0lDayeCorW9mtYyRXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjBkZGE2NDg0M2E0ZWUzNjRiMDg5MzU2Y2E4Nzk5NTgz
MGZkNzcwHhcNMjQwMTAyMTIzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTk5NDFmNTA2OTdiZDk3NDEwMmYyOTJlMGM4ZTdjNTNiZjAyN2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0HBamKDScpM5BNYhbg3uvrWlGjK
gf+yDPZ8RfIVhdNUjDaShRjXs+kdJwfqBMWbsYVu5JMSIU+nPAjS2xcpP4vIWVpi
QiHABDoyFnBTqpj7KBmWPLO9K5B9tGWdsu6s5wJ2UtklvV4ZgzIqYQ7Jxb5kWCei
6/61cnahsS3utVgLiyw26gPZKghLsudiNVQS3lS94nMrtJiiEf7vTeSSaXASQuHL
h4dmq6TStWEkY8cHP5ODlooHyD7kVVp1Zx3amYKSJtSoJ+/B805L8fDSPHBA/qpa
Nuj5rqv4duKzd5RSMptLY3gpObV+pV8VD3zRRFtZuEmtAuN8dqIoXPNF6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6ZQfUGl72XQQLykuDI58U78CehMB8GA1UdIwQY
MBaAFKIg3aZIQ6TuNksIk1bKh5lYMP13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYt
ZjVmODE0NTY1MWQzLzEvdnBsQjlRYVh2WmRCQXZLUzRNam54VHZ3SjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mZmE2ZDQtNTA4OS00NWE3LWEzOGYtZjVmODE0NTY1MWQz
LzEvb2lEZHBraERwTzQyU3dpVFZzcUhtVmd3X1hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaEEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJiczVJcJY9iC5myGH6HzqWfDgv2jmv/1nQEdDbTDf
xgJRvL4rjor5Gf/bJtdaWprVITYVJ63OP6Z8XNntsCEAKkHuuJwtiiEzf4649exS
+TH4G0LCyi8ZGYxU1CWIzTD+Rhz2L2hcm/eoXrqV/Q43VIeLASBW77DJu5E/QYx1
YkL62hmQfWpiB9d+4Qj3irPiFg09HvEoTWVHV/xARmjAvgWjH/OpDhydsAp65AT3
6zRKiAFa2F2p3OGR07QkoXbY5hZc+EeXW4bf8mETro/0CPCimBxbYCiCokpAXuYP
6R+k7o0fmZoOBhtER1N+COhx1u2w0g3+1vFLFGerdrNt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:30 2025 by rpki-client