Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfjBglEo5kXfvbi3n46h3iVJ5hA.roa
File: vfjBglEo5kXfvbi3n46h3iVJ5hA.roa (raw, json)
Hash identifier: O4HV3oI3Jlwt5leCTyJ7uSeDejzjZ7Sbn+7nroGRJzc=
Subject key identifier: BD:F8:C1:82:51:28:E6:45:DF:BD:B8:B7:9F:8E:A1:DE:25:49:E6:10
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826AF4C82EA7E7B7DBEFE8BBDC15428
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfjBglEo5kXfvbi3n46h3iVJ5hA.roa
Signing time: Thu 02 Jan 2025 17:53:31 +0000
ROA not before: Thu 02 Jan 2025 17:53:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 84.32.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 19:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:af:4c:82:ea:7e:7b:7d:be:fe:8b:bd:c1:54:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdf8c1825128e645dfbdb8b79f8ea1de2549e610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0c:8c:a1:fd:f9:c3:39:19:97:ae:7d:3c:75:
e8:a2:52:35:6b:95:b0:e2:37:35:ca:c5:26:c0:6c:
65:a5:35:0f:f6:7a:c2:e4:73:e4:9e:9a:21:98:8f:
2b:a0:8a:01:dd:26:78:12:67:c3:c2:7e:c0:c3:5f:
25:8a:eb:ad:be:fd:94:95:b3:8f:00:a0:c4:b0:d8:
04:a9:e0:44:b4:e3:88:f6:a2:3a:cb:71:9d:76:7e:
e3:a8:a3:cf:f9:c2:d9:62:4b:9d:24:36:66:63:cc:
ed:2d:39:cd:e3:d7:75:62:ce:42:64:49:3b:ab:64:
08:73:60:66:bf:d7:bc:73:74:57:b7:d1:6b:61:31:
52:6b:82:b0:17:86:08:c6:b4:1d:ba:94:24:c3:41:
9b:d4:64:ab:a7:29:c8:5b:a1:b3:5d:16:78:9e:58:
df:90:7e:67:a4:31:6c:85:af:78:69:c5:2e:8c:f2:
1a:9b:5c:ba:85:7c:bd:89:69:a9:cb:32:7c:ae:83:
31:11:4b:b4:25:e0:66:20:35:24:b5:fa:33:5c:3c:
67:34:65:a8:77:99:81:6e:0b:c7:b4:af:df:bf:9d:
1e:f0:72:10:cc:46:ed:43:68:f6:c0:1c:d1:99:df:
14:cd:df:3f:b3:8d:e5:06:04:23:02:cf:7e:01:a7:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F8:C1:82:51:28:E6:45:DF:BD:B8:B7:9F:8E:A1:DE:25:49:E6:10
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vfjBglEo5kXfvbi3n46h3iVJ5hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
Signature Algorithm: sha256WithRSAEncryption
70:69:b2:8e:00:2d:48:66:7f:72:db:bd:dc:92:ac:c4:4c:7c:
2a:46:bf:5e:d1:19:47:8a:8e:44:d9:77:70:7c:45:ad:83:46:
72:2a:55:d8:47:05:37:25:f6:09:08:1e:60:3b:7e:00:27:2c:
fe:37:9c:81:43:67:91:c8:b2:f0:66:e2:0e:03:fb:8b:ed:08:
19:b0:e0:51:f0:05:77:3d:bf:64:29:a1:b6:98:2d:d1:05:50:
b7:6d:94:f1:ea:e5:21:01:84:ea:f7:24:0f:29:c0:48:9e:e2:
1d:53:8b:2d:33:99:dd:54:eb:3e:95:70:f1:14:8a:9f:07:50:
4c:4a:52:60:e1:14:62:9d:9d:13:4e:21:ae:c6:df:54:43:b6:
a6:93:4d:38:c8:1d:6d:6d:f9:cf:06:55:2e:2c:f4:09:8f:f8:
8d:63:b5:d2:5a:33:4d:a4:61:d6:52:e3:e5:93:3c:10:18:66:
e1:1a:93:10:65:de:39:07:cb:eb:c5:72:a8:b7:3a:42:0d:ff:
f2:04:49:c2:d0:0b:b1:d0:bd:33:65:12:b2:4d:02:72:25:46:
c3:d3:24:b6:7f:f4:54:b9:38:45:da:fc:05:66:c3:24:1c:83:
34:61:fa:c2:a5:0c:62:e2:d6:84:56:87:e9:f0:dc:20:fc:1c:
98:ec:8e:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJq9Mgup+e32+/ou9wVQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY4YzE4MjUxMjhlNjQ1ZGZiZGI4Yjc5ZjhlYTFkZTI1NDllNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwyMof35wzkZl659PHXoolI1a5Ww
4jc1ysUmwGxlpTUP9nrC5HPknpohmI8roIoB3SZ4EmfDwn7Aw18liuutvv2UlbOP
AKDEsNgEqeBEtOOI9qI6y3Gddn7jqKPP+cLZYkudJDZmY8ztLTnN49d1Ys5CZEk7
q2QIc2Bmv9e8c3RXt9FrYTFSa4KwF4YIxrQdupQkw0Gb1GSrpynIW6GzXRZ4nljf
kH5npDFsha94acUujPIam1y6hXy9iWmpyzJ8roMxEUu0JeBmIDUktfozXDxnNGWo
d5mBbgvHtK/fv50e8HIQzEbtQ2j2wBzRmd8Uzd8/s43lBgQjAs9+AaeaXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL34wYJRKOZF3724t5+Ood4lSeYQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdmZqQmdsRW81a1hmdmJpM240NmgzaVZKNWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBAMA0G
CSqGSIb3DQEBCwUAA4IBAQBwabKOAC1IZn9y273ckqzETHwqRr9e0RlHio5E2Xdw
fEWtg0ZyKlXYRwU3JfYJCB5gO34AJyz+N5yBQ2eRyLLwZuIOA/uL7QgZsOBR8AV3
Pb9kKaG2mC3RBVC3bZTx6uUhAYTq9yQPKcBInuIdU4stM5ndVOs+lXDxFIqfB1BM
SlJg4RRinZ0TTiGuxt9UQ7amk004yB1tbfnPBlUuLPQJj/iNY7XSWjNNpGHWUuPl
kzwQGGbhGpMQZd45B8vrxXKotzpCDf/yBEnC0Aux0L0zZRKyTQJyJUbD0yS2f/RU
uThF2vwFZsMkHIM0YfrCpQxi4taEVofp8Nwg/ByY7I5T
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:10:29 2025 by rpki-client