Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/VIjj_Xlmag3gOIL6k0PyWZsqyrs.roa
File: VIjj_Xlmag3gOIL6k0PyWZsqyrs.roa (raw, json)
Hash identifier: EW93KxU8Sjg0iZjT9M26RhfAdnBJc3AkTAgwCuNeY/w=
Subject key identifier: 54:88:E3:FD:79:66:6A:0D:E0:38:82:FA:93:43:F2:59:9B:2A:CA:BB
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 018F7677AF0287461E9B9514911AE1311FA8
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/VIjj_Xlmag3gOIL6k0PyWZsqyrs.roa
Signing time: Tue 14 May 2024 09:38:26 +0000
ROA not before: Tue 14 May 2024 09:38:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 62.233.53.0/24 maxlen: 24
109.107.157.0/24 maxlen: 24
185.237.165.0/24 maxlen: 24
185.241.61.0/24 maxlen: 24
185.251.25.0/24 maxlen: 24
193.3.168.0/24 maxlen: 24
193.169.105.0/24 maxlen: 24
194.15.46.0/24 maxlen: 24
194.26.232.0/24 maxlen: 24
194.62.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 12:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:77:af:02:87:46:1e:9b:95:14:91:1a:e1:31:1f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: May 14 09:38:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5488e3fd79666a0de03882fa9343f2599b2acabb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:e4:ce:44:bc:ef:64:48:f3:65:c0:c9:27:
f7:eb:3b:9e:58:fb:65:1b:e5:45:52:84:d9:bb:69:
0d:c7:a8:b9:f2:14:69:73:4d:09:a0:c7:69:ac:26:
6a:14:95:b4:20:fa:92:db:af:cb:50:02:17:7b:ee:
e8:1f:5e:0a:3a:7e:4b:1e:b5:49:a3:6b:9e:b7:99:
c0:de:66:40:fe:01:0e:1f:cb:9d:90:5a:e2:9b:cc:
6a:f7:6d:fb:f6:31:79:4c:e0:89:19:29:9c:8b:3a:
63:c4:7d:00:ca:76:f4:5a:18:41:73:fb:7b:04:1c:
b4:1a:fe:9f:e3:32:08:81:e8:1b:a3:e0:9f:30:3e:
6b:88:de:e6:3f:3d:67:31:12:08:78:cf:50:cc:cc:
e5:a9:35:6e:6d:64:ec:d7:b5:eb:a0:84:de:ee:ac:
d2:e4:44:4e:f7:12:97:4b:97:8c:44:31:1d:74:5d:
4f:b4:34:39:dd:6a:1f:ff:28:57:99:db:40:34:85:
69:6b:2d:d1:65:b7:3a:d9:33:20:af:8a:08:eb:54:
d3:fb:44:da:ca:20:7f:07:6f:54:00:e8:42:a2:92:
15:c6:cb:d1:16:9e:d3:c7:40:57:06:87:65:6a:cd:
bb:2d:34:09:be:ba:fb:f6:d9:da:bd:0a:fb:7a:44:
3e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:88:E3:FD:79:66:6A:0D:E0:38:82:FA:93:43:F2:59:9B:2A:CA:BB
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/VIjj_Xlmag3gOIL6k0PyWZsqyrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.53.0/24
109.107.157.0/24
185.237.165.0/24
185.241.61.0/24
185.251.25.0/24
193.3.168.0/24
193.169.105.0/24
194.15.46.0/24
194.26.232.0/24
194.62.105.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:fa:25:e2:72:88:17:dd:9d:08:18:71:ae:f0:31:95:ea:09:
c4:e6:36:3d:8e:0c:1b:87:33:e1:2c:12:f4:0a:69:96:8e:96:
20:94:fe:a3:d8:5b:a2:56:ee:d1:19:3b:4b:51:29:85:a9:1c:
d1:07:a5:6d:09:75:2c:da:c3:a8:13:ce:f1:dd:b1:a5:27:6e:
8a:91:34:76:d2:83:15:38:fe:f4:eb:02:a4:75:32:b4:26:bd:
b7:50:54:56:c5:4c:cd:4d:0c:3b:e6:9d:3a:53:42:a7:e9:c5:
f8:0f:11:56:57:fa:dd:fc:c0:76:02:99:5f:8d:6c:df:f1:6e:
08:02:ca:8d:a2:6a:a5:bb:71:50:b4:97:9b:0e:d1:e8:ea:11:
c4:60:c3:6e:de:f0:2b:43:3d:96:96:43:62:c4:2a:3a:87:5f:
b8:54:2c:4d:f8:03:7e:80:b3:16:10:08:ef:12:75:46:03:e0:
c1:39:56:d2:f9:65:6a:0f:ea:43:00:8e:16:97:91:92:44:cf:
78:5d:fe:11:44:31:d4:a8:76:c9:53:f0:f5:fb:8f:3a:e2:7e:
53:39:b3:97:eb:a2:9f:cf:67:34:f7:ab:d5:58:fb:4d:5d:bc:
f4:c8:5c:4c:2d:55:9a:6e:0c:96:0f:e4:d0:b5:ea:f5:ba:ed:
32:17:0e:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY92d68Ch0Yem5UUkRrhMR+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwNTE0MDkzODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDg4ZTNmZDc5NjY2YTBkZTAzODgyZmE5MzQzZjI1OTliMmFjYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUHkzkS872RI82XAySf36zueWPtl
G+VFUoTZu2kNx6i58hRpc00JoMdprCZqFJW0IPqS26/LUAIXe+7oH14KOn5LHrVJ
o2uet5nA3mZA/gEOH8udkFrim8xq92379jF5TOCJGSmcizpjxH0Aynb0WhhBc/t7
BBy0Gv6f4zIIgegbo+CfMD5riN7mPz1nMRIIeM9QzMzlqTVubWTs17XroITe7qzS
5ERO9xKXS5eMRDEddF1PtDQ53Wof/yhXmdtANIVpay3RZbc62TMgr4oI61TT+0Ta
yiB/B29UAOhCopIVxsvRFp7Tx0BXBodlas27LTQJvrr79tnavQr7ekQ+IQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFSI4/15ZmoN4DiC+pND8lmbKsq7MB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvVklqal9YbG1hZzNnT0lMNmswUHlXWnNxeXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAPuk1AwQA
bWudAwQAue2lAwQAufE9AwQAufsZAwQAwQOoAwQAwalpAwQAwg8uAwQAwhroAwQA
wj5pMA0GCSqGSIb3DQEBCwUAA4IBAQCN+iXicogX3Z0IGHGu8DGV6gnE5jY9jgwb
hzPhLBL0CmmWjpYglP6j2FuiVu7RGTtLUSmFqRzRB6VtCXUs2sOoE87x3bGlJ26K
kTR20oMVOP706wKkdTK0Jr23UFRWxUzNTQw75p06U0Kn6cX4DxFWV/rd/MB2Aplf
jWzf8W4IAsqNomqlu3FQtJebDtHo6hHEYMNu3vArQz2WlkNixCo6h1+4VCxN+AN+
gLMWEAjvEnVGA+DBOVbS+WVqD+pDAI4Wl5GSRM94Xf4RRDHUqHbJU/D1+4864n5T
ObOX66Kfz2c096vVWPtNXbz0yFxMLVWabgyWD+TQter1uu0yFw6F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:46 2025 by rpki-client