Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/VQwQnzTcZjgkoS0w19J2Jqm9MDM.roa
File: VQwQnzTcZjgkoS0w19J2Jqm9MDM.roa (raw, json)
Hash identifier: q+voG1cUOOlqGhaakrTYMtkYkXexTa5Cw8wwd3zfeFM=
Subject key identifier: 55:0C:10:9F:34:DC:66:38:24:A1:2D:30:D7:D2:76:26:A9:BD:30:33
Certificate issuer: /CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Certificate serial: 018CC2DB0A9F964F28ACD4AE970F15949BBB
Authority key identifier: 88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/VQwQnzTcZjgkoS0w19J2Jqm9MDM.roa
Signing time: Mon 01 Jan 2024 02:29:44 +0000
ROA not before: Mon 01 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12808
IP address blocks: 212.125.32.0/19 maxlen: 24
212.125.56.0/22 maxlen: 24
212.125.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0a:9f:96:4f:28:ac:d4:ae:97:0f:15:94:9b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Validity
Not Before: Jan 1 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=550c109f34dc663824a12d30d7d27626a9bd3033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:aa:b1:75:a8:90:d8:89:94:c1:1c:c6:ee:39:
06:dc:fd:cd:4b:a7:64:c3:fc:d9:1e:1a:8c:6e:07:
78:43:f2:d1:a5:51:ce:be:c1:a2:3d:5a:18:3c:a5:
c8:05:9f:d9:87:ba:ab:f5:d7:01:dc:39:b3:47:67:
a9:ab:8b:c2:ec:23:a0:e2:a0:11:4f:66:25:b3:b2:
26:d9:64:8a:a8:ba:3d:01:c1:a6:1e:7a:76:e2:7e:
5e:34:6f:50:24:57:9d:3d:b4:88:04:3e:d0:b1:fe:
1d:3c:d8:e4:68:ef:0d:5e:28:84:a6:a4:5c:d9:43:
95:b9:7b:c2:5b:13:18:86:7f:02:6d:80:88:ab:71:
ca:c4:b3:03:2c:35:a6:0c:fe:94:18:d4:e6:a5:93:
bf:9e:2e:d8:50:cb:8e:7a:5c:5c:28:c0:cf:16:09:
0b:04:62:91:6b:fa:2f:dc:78:20:33:11:c4:af:5e:
c0:dc:62:74:f7:7b:36:4a:e9:b6:c2:15:79:02:75:
25:55:54:5d:5e:bd:c9:10:09:d8:4a:16:65:71:be:
5c:12:3b:b3:0e:68:b7:81:60:0b:eb:6a:45:b9:3a:
f8:56:96:22:07:bd:53:49:22:79:56:f5:bf:89:3f:
bf:d4:16:8e:63:0a:1d:1f:9e:4e:11:4e:a5:fb:91:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0C:10:9F:34:DC:66:38:24:A1:2D:30:D7:D2:76:26:A9:BD:30:33
X509v3 Authority Key Identifier:
keyid:88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/VQwQnzTcZjgkoS0w19J2Jqm9MDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/iBr4X4HdPzskqxTtH0LHzEZlAvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
34:c4:e6:cc:41:b3:78:44:f7:a4:12:23:30:d5:ed:c5:f0:61:
38:44:b0:e7:28:89:64:0c:2a:b4:59:13:c9:5c:99:d2:ff:f8:
d4:38:de:9b:e9:db:7e:e0:1d:18:17:9c:16:8a:0f:89:74:3a:
e5:a0:6a:ff:e5:26:f3:12:4c:19:6b:aa:67:94:e1:49:01:fd:
c8:e6:8d:a8:5e:a8:9a:58:12:16:54:ba:82:34:e8:57:b5:af:
fa:67:db:c4:78:b2:9a:50:c4:da:70:34:95:71:79:6b:f9:8c:
ed:d6:20:c0:50:b7:fc:e4:d4:d2:df:17:ce:a5:0b:78:ea:ee:
25:58:d6:3d:d1:06:52:7c:70:76:29:a7:cc:1f:7c:08:f0:2a:
c2:eb:f2:af:1f:72:16:25:0f:36:0a:76:b2:ec:42:13:85:39:
cb:55:cb:af:63:8f:23:41:bb:61:57:db:c2:4c:bd:65:27:1a:
c6:64:00:9f:d6:3b:63:fe:cb:b0:1d:79:b8:00:62:e2:3b:99:
d0:b3:be:33:e4:da:45:59:94:fb:ad:80:03:9d:e2:a7:1c:ce:
a5:86:32:d9:8c:87:e0:2b:b0:8a:9d:7d:06:04:30:30:a1:a2:
14:76:b4:8f:c4:72:7c:5d:9a:af:25:d4:f3:f7:d3:d3:c1:3e:
fc:cc:db:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wqflk8orNSulw8VlJu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWFmODVmODFkZDNmM2IyNGFiMTRlZDFmNDJjN2NjNDY2
NTAyZjAwHhcNMjQwMTAxMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTBjMTA5ZjM0ZGM2NjM4MjRhMTJkMzBkN2QyNzYyNmE5YmQzMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6qxdaiQ2ImUwRzG7jkG3P3NS6dk
w/zZHhqMbgd4Q/LRpVHOvsGiPVoYPKXIBZ/Zh7qr9dcB3DmzR2epq4vC7COg4qAR
T2Yls7Im2WSKqLo9AcGmHnp24n5eNG9QJFedPbSIBD7Qsf4dPNjkaO8NXiiEpqRc
2UOVuXvCWxMYhn8CbYCIq3HKxLMDLDWmDP6UGNTmpZO/ni7YUMuOelxcKMDPFgkL
BGKRa/ov3HggMxHEr17A3GJ093s2Sum2whV5AnUlVVRdXr3JEAnYShZlcb5cEjuz
Dmi3gWAL62pFuTr4VpYiB71TSSJ5VvW/iT+/1BaOYwodH55OEU6l+5GCmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUMEJ803GY4JKEtMNfSdiapvTAzMB8GA1UdIwQY
MBaAFIga+F+B3T87JKsU7R9Cx8xGZQLwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUt
ZjI1NTY1OGJiODgxLzEvVlF3UW56VGNaamdrb1MwdzE5SjJKcW05TURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUtZjI1NTY1OGJiODgx
LzEvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H0gMA0G
CSqGSIb3DQEBCwUAA4IBAQA0xObMQbN4RPekEiMw1e3F8GE4RLDnKIlkDCq0WRPJ
XJnS//jUON6b6dt+4B0YF5wWig+JdDrloGr/5SbzEkwZa6pnlOFJAf3I5o2oXqia
WBIWVLqCNOhXta/6Z9vEeLKaUMTacDSVcXlr+Yzt1iDAULf85NTS3xfOpQt46u4l
WNY90QZSfHB2KafMH3wI8CrC6/KvH3IWJQ82Cnay7EIThTnLVcuvY48jQbthV9vC
TL1lJxrGZACf1jtj/suwHXm4AGLiO5nQs74z5NpFWZT7rYADneKnHM6lhjLZjIfg
K7CKnX0GBDAwoaIUdrSPxHJ8XZqvJdTz99PTwT78zNtv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:01 2025 by rpki-client