Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/VmASDLWLkzdWRBCHbpWDAZwX7yg.roa
File: VmASDLWLkzdWRBCHbpWDAZwX7yg.roa (raw, json)
Hash identifier: iPtkggLb//dFdbBO5wn6s6O57f/4VpaYKDt7FFGZGhQ=
Subject key identifier: 56:60:12:0C:B5:8B:93:37:56:44:10:87:6E:95:83:01:9C:17:EF:28
Certificate issuer: /CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Certificate serial: 018E75AC880E03F09ED68274F07519D885F4
Authority key identifier: D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/VmASDLWLkzdWRBCHbpWDAZwX7yg.roa
Signing time: Mon 25 Mar 2024 12:53:45 +0000
ROA not before: Mon 25 Mar 2024 12:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48135
IP address blocks: 94.127.80.0/22 maxlen: 22
94.127.81.0/24 maxlen: 24
94.127.83.0/24 maxlen: 24
94.127.84.0/22 maxlen: 22
94.127.85.0/24 maxlen: 24
94.127.86.0/23 maxlen: 23
94.127.86.0/24 maxlen: 24
94.127.87.0/24 maxlen: 24
151.89.0.0/16 maxlen: 16
151.89.0.0/17 maxlen: 17
151.89.54.0/24 maxlen: 24
151.89.55.0/24 maxlen: 24
151.89.56.0/24 maxlen: 24
151.89.128.0/17 maxlen: 17
151.89.232.0/22 maxlen: 22
185.51.12.0/24 maxlen: 24
185.51.13.0/24 maxlen: 24
185.51.14.0/24 maxlen: 24
185.51.15.0/24 maxlen: 24
193.111.46.0/24 maxlen: 24
193.169.150.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:ac:88:0e:03:f0:9e:d6:82:74:f0:75:19:d8:85:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Validity
Not Before: Mar 25 12:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5660120cb58b9337564410876e9583019c17ef28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b0:31:06:c3:91:fb:5b:c4:35:04:0a:68:54:
27:5e:ea:de:0e:5e:e8:60:28:5b:a8:07:6d:31:6c:
a8:a5:b9:21:54:75:51:a8:b4:72:5c:d4:12:4d:87:
d8:fb:1c:f4:6d:6a:f6:b8:1b:09:c1:28:ff:a5:05:
d5:a4:89:18:c9:62:88:65:69:37:e8:8b:5a:65:a4:
2c:26:ce:29:37:7c:1f:c1:b2:11:ab:56:f5:5c:28:
e4:71:28:4f:50:a8:b7:9a:98:b5:e9:7e:04:30:bb:
1a:1d:ac:45:28:2e:ec:f2:d8:51:c3:aa:7a:39:90:
0a:ab:6f:70:d7:04:ed:2f:c1:12:78:67:49:89:f2:
c0:a1:68:1f:a8:96:19:0a:e5:4e:ed:1f:b7:0f:c3:
90:73:bc:84:fc:b9:2b:58:0a:0c:fc:d8:bf:7f:10:
32:c8:f2:a0:8d:a0:0b:68:67:bb:a2:f1:30:ec:87:
db:b4:5c:75:30:66:4f:d0:cd:58:ca:e8:13:f3:84:
d4:ff:92:2c:31:91:62:f9:7b:97:44:81:4a:b2:07:
ac:07:f0:2f:3e:3b:16:bf:3c:58:68:37:c0:1b:12:
15:bf:47:4a:d9:55:a4:3b:31:b6:58:d6:db:ec:54:
69:f2:9f:af:8d:85:05:3c:0f:76:d3:92:bf:8e:d7:
0d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:60:12:0C:B5:8B:93:37:56:44:10:87:6E:95:83:01:9C:17:EF:28
X509v3 Authority Key Identifier:
keyid:D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/VmASDLWLkzdWRBCHbpWDAZwX7yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/12b8bxuOK2BPf7c8Kf1daJoOqB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.80.0/21
151.89.0.0/16
185.51.12.0/22
193.111.46.0/24
193.169.150.0/23
Signature Algorithm: sha256WithRSAEncryption
25:35:9a:8e:a6:7e:b0:a3:b9:31:d9:cd:36:41:35:ff:17:e5:
27:0b:c8:ba:41:af:14:25:a1:15:f8:5f:15:83:9c:a5:e6:2c:
d6:46:ff:e0:14:9d:b0:e5:37:e4:32:39:03:70:06:a4:07:fc:
37:7f:29:76:6a:91:0d:20:2a:51:03:4b:f0:dc:2a:85:e5:81:
a3:bf:5d:0d:02:ae:1c:31:0b:03:ce:3f:b8:2e:9e:19:12:ed:
27:67:f9:a8:1f:c4:9c:95:a8:54:7c:9e:98:9b:50:3d:93:7f:
9b:f6:42:a0:27:66:42:43:f3:09:1e:e2:e4:4e:e9:f4:1f:18:
94:09:c7:58:4b:8b:9a:b1:02:b3:8b:ce:1c:ed:b6:22:f8:9d:
75:47:fa:f8:f3:f7:65:d8:ff:3d:8b:76:a0:04:e3:59:19:2f:
dd:a7:4b:cb:7e:bb:46:3c:32:90:e9:67:49:aa:50:aa:3b:cd:
ec:c6:da:f2:80:0f:80:70:45:47:8b:b1:73:8f:41:60:b8:f8:
bb:5d:36:7d:ec:29:f0:ee:7e:fe:6d:88:e6:a5:17:53:80:ff:
6e:42:98:2c:ee:3c:5e:0b:e2:92:59:f2:6a:54:50:db:1c:22:
9e:ed:21:5c:9a:d9:26:56:89:87:28:ad:01:86:05:30:6e:f8:
73:64:10:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY51rIgOA/Ce1oJ08HUZ2IX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NjZmYzZmMWI4ZTJiNjA0ZjdmYjczYzI5ZmQ1ZDY4OWEw
ZWE4MWQwHhcNMjQwMzI1MTI1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYwMTIwY2I1OGI5MzM3NTY0NDEwODc2ZTk1ODMwMTljMTdlZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrAxBsOR+1vENQQKaFQnXureDl7o
YChbqAdtMWyopbkhVHVRqLRyXNQSTYfY+xz0bWr2uBsJwSj/pQXVpIkYyWKIZWk3
6ItaZaQsJs4pN3wfwbIRq1b1XCjkcShPUKi3mpi16X4EMLsaHaxFKC7s8thRw6p6
OZAKq29w1wTtL8ESeGdJifLAoWgfqJYZCuVO7R+3D8OQc7yE/LkrWAoM/Ni/fxAy
yPKgjaALaGe7ovEw7IfbtFx1MGZP0M1YyugT84TU/5IsMZFi+XuXRIFKsgesB/Av
PjsWvzxYaDfAGxIVv0dK2VWkOzG2WNbb7FRp8p+vjYUFPA9205K/jtcNCQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFZgEgy1i5M3VkQQh26VgwGcF+8oMB8GA1UdIwQY
MBaAFNdm/G8bjitgT3+3PCn9XWiaDqgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzIt
M2VmM2ZkOTY5OTU3LzEvVm1BU0RMV0xremRXUkJDSGJwV0RBWndYN3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzItM2VmM2ZkOTY5OTU3
LzEvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQDXn9QAwMA
l1kDBAK5MwwDBADBby4DBAHBqZYwDQYJKoZIhvcNAQELBQADggEBACU1mo6mfrCj
uTHZzTZBNf8X5ScLyLpBrxQloRX4XxWDnKXmLNZG/+AUnbDlN+QyOQNwBqQH/Dd/
KXZqkQ0gKlEDS/DcKoXlgaO/XQ0CrhwxCwPOP7gunhkS7Sdn+agfxJyVqFR8npib
UD2Tf5v2QqAnZkJD8wke4uRO6fQfGJQJx1hLi5qxArOLzhzttiL4nXVH+vjz92XY
/z2LdqAE41kZL92nS8t+u0Y8MpDpZ0mqUKo7zezG2vKAD4BwRUeLsXOPQWC4+Ltd
Nn3sKfDufv5tiOalF1OA/25CmCzuPF4L4pJZ8mpUUNscIp7tIVya2SZWiYcorQGG
BTBu+HNkEDI=
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:43:06 2025 by rpki-client