Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/vnVdiCcRcMIQ-NXc3r1GXYlwZQM.roa
File: vnVdiCcRcMIQ-NXc3r1GXYlwZQM.roa (raw, json)
Hash identifier: ztPZuOrJ0r9BFJmdmqV/mTnHe/tDzwVYQWAL0k+hbu4=
Subject key identifier: BE:75:5D:88:27:11:70:C2:10:F8:D5:DC:DE:BD:46:5D:89:70:65:03
Certificate issuer: /CN=856caf1f2f0291401105ef68b25957dc555510d2
Certificate serial: 018CC501530E7D7822967A9CFFABEE3A5818
Authority key identifier: 85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/vnVdiCcRcMIQ-NXc3r1GXYlwZQM.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50074
IP address blocks: 195.211.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:53:0e:7d:78:22:96:7a:9c:ff:ab:ee:3a:58:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856caf1f2f0291401105ef68b25957dc555510d2
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be755d88271170c210f8d5dcdebd465d89706503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a3:94:fa:58:d8:25:54:0f:f8:9b:9d:cd:58:
f3:71:d4:5d:e9:54:fb:37:e1:a1:03:d7:9e:89:c5:
9f:c7:4f:a3:39:38:38:17:e7:f1:80:db:e9:92:1b:
69:06:f7:f2:39:37:8f:00:33:32:3a:c8:b0:3d:88:
1f:6b:c4:17:28:32:ce:35:a8:e5:ef:53:75:c5:a4:
46:20:b7:6f:76:b1:78:3f:e4:e0:45:29:c6:03:9e:
e7:54:29:e3:7f:f0:83:f6:42:a2:b9:42:75:73:81:
3c:7b:44:19:0e:b2:71:32:85:a0:3b:42:79:7b:95:
e0:af:2b:b3:d1:d1:db:03:2b:a6:38:f5:09:9e:37:
2e:62:b2:c1:d1:2a:00:f1:81:78:06:cd:54:48:9d:
90:84:97:36:52:fa:f4:44:bf:1b:72:4c:2b:ee:13:
83:d8:73:a9:44:f5:da:dd:ad:c9:9d:a6:e3:1f:7d:
9a:8f:fb:7d:42:a1:bd:84:7c:78:3c:06:07:38:6c:
36:ae:71:62:26:b5:10:65:c3:c6:42:88:e4:69:f6:
fa:b2:1d:a5:8a:b4:a0:3a:bf:af:ae:1d:bc:e0:9f:
4c:46:84:b8:d8:f1:0b:78:ae:40:0a:3d:f1:75:4e:
f6:46:28:c2:08:04:2c:f3:9b:bd:82:05:ae:be:4a:
3b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:75:5D:88:27:11:70:C2:10:F8:D5:DC:DE:BD:46:5D:89:70:65:03
X509v3 Authority Key Identifier:
keyid:85:6C:AF:1F:2F:02:91:40:11:05:EF:68:B2:59:57:DC:55:55:10:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWyvHy8CkUARBe9osllX3FVVENI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/vnVdiCcRcMIQ-NXc3r1GXYlwZQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d2c7c7-2bcc-491e-96a7-b0d0bcd90fae/1/hWyvHy8CkUARBe9osllX3FVVENI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.208.0/22
Signature Algorithm: sha256WithRSAEncryption
af:9d:47:37:20:a5:20:d0:38:b4:de:0b:fe:13:22:9c:a2:5e:
5f:59:5f:59:88:68:f0:a2:e4:05:d0:33:3d:c8:39:a1:7e:c6:
c3:84:04:c4:7a:f1:95:80:b1:05:4b:72:41:59:bb:7f:64:48:
51:31:e1:4a:4f:77:ba:c8:2f:b7:1b:a6:b4:c8:7b:f9:01:0a:
6a:ec:c6:f3:dc:69:41:8d:d1:86:39:8f:ca:00:30:e3:d0:2c:
87:87:b1:fc:85:82:30:d3:2d:79:b0:39:c8:6f:2f:c2:c0:1c:
78:8c:6a:12:88:d3:e9:8f:4f:6f:bd:ee:b8:4e:e8:29:8f:1a:
65:a3:a9:74:bf:72:f0:39:ff:09:8d:cd:b1:93:cb:7a:06:e6:
d1:b0:02:27:e8:bb:7f:32:c9:95:02:b7:42:d0:bd:6e:de:7c:
9f:1c:08:e8:ff:d7:84:36:06:e8:a9:29:d6:01:8e:7c:b9:a5:
f9:3a:e6:2d:f6:43:ec:be:1e:34:3c:de:0e:50:52:44:57:1b:
91:4a:0e:e5:f0:b3:c0:82:f2:d2:94:15:a3:29:b8:b4:58:2d:
13:e2:59:09:09:08:60:83:a1:1f:14:23:41:1e:4b:bf:be:d3:
a2:36:b2:74:2c:82:72:6b:37:60:5c:b2:d0:57:8b:2f:93:38:
16:48:4d:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAVMOfXgilnqc/6vuOlgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmNhZjFmMmYwMjkxNDAxMTA1ZWY2OGIyNTk1N2RjNTU1
NTEwZDIwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc1NWQ4ODI3MTE3MGMyMTBmOGQ1ZGNkZWJkNDY1ZDg5NzA2NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqOU+ljYJVQP+JudzVjzcdRd6VT7
N+GhA9eeicWfx0+jOTg4F+fxgNvpkhtpBvfyOTePADMyOsiwPYgfa8QXKDLONajl
71N1xaRGILdvdrF4P+TgRSnGA57nVCnjf/CD9kKiuUJ1c4E8e0QZDrJxMoWgO0J5
e5Xgryuz0dHbAyumOPUJnjcuYrLB0SoA8YF4Bs1USJ2QhJc2Uvr0RL8bckwr7hOD
2HOpRPXa3a3JnabjH32aj/t9QqG9hHx4PAYHOGw2rnFiJrUQZcPGQojkafb6sh2l
irSgOr+vrh284J9MRoS42PELeK5ACj3xdU72RijCCAQs85u9ggWuvko70QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL51XYgnEXDCEPjV3N69Rl2JcGUDMB8GA1UdIwQY
MBaAFIVsrx8vApFAEQXvaLJZV9xVVRDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTct
YjBkMGJjZDkwZmFlLzEvdm5WZGlDY1JjTUlRLU5YYzNyMUdYWWx3WlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kMmM3YzctMmJjYy00OTFlLTk2YTctYjBkMGJjZDkwZmFl
LzEvaFd5dkh5OENrVUFSQmU5b3NsbFgzRlZWRU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9PQMA0G
CSqGSIb3DQEBCwUAA4IBAQCvnUc3IKUg0Di03gv+EyKcol5fWV9ZiGjwouQF0DM9
yDmhfsbDhATEevGVgLEFS3JBWbt/ZEhRMeFKT3e6yC+3G6a0yHv5AQpq7Mbz3GlB
jdGGOY/KADDj0CyHh7H8hYIw0y15sDnIby/CwBx4jGoSiNPpj09vve64Tugpjxpl
o6l0v3LwOf8Jjc2xk8t6BubRsAIn6Lt/MsmVArdC0L1u3nyfHAjo/9eENgboqSnW
AY58uaX5OuYt9kPsvh40PN4OUFJEVxuRSg7l8LPAgvLSlBWjKbi0WC0T4lkJCQhg
g6EfFCNBHku/vtOiNrJ0LIJyazdgXLLQV4svkzgWSE1i
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:02 2025 by rpki-client