Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VAv7687EFgAdrpZbTX6WZpyjlVA.roa
File: VAv7687EFgAdrpZbTX6WZpyjlVA.roa (raw, json)
Hash identifier: 6OHRBpDMtJjtxxUwoRMuq3kkIxPrXyUNOdoulfm/Ap0=
Subject key identifier: 54:0B:FB:EB:CE:C4:16:00:1D:AE:96:5B:4D:7E:96:66:9C:A3:95:50
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A5490778532BC6965B7C069756E54
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VAv7687EFgAdrpZbTX6WZpyjlVA.roa
Signing time: Tue 02 Jan 2024 12:33:40 +0000
ROA not before: Tue 02 Jan 2024 12:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211433
IP address blocks: 92.38.39.0/24 maxlen: 24
92.253.202.0/24 maxlen: 24
93.170.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:54:90:77:85:32:bc:69:65:b7:c0:69:75:6e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=540bfbebcec416001dae965b4d7e96669ca39550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:3e:ce:8f:ee:10:e7:7e:ae:0e:82:6d:d9:
ab:31:80:6a:37:83:f0:ef:79:04:ae:1f:7a:ce:09:
39:70:0a:67:2b:a3:7c:d9:4a:f8:6d:06:ec:e4:6a:
01:50:b5:63:b0:5f:5e:d4:49:70:c6:29:a3:08:39:
40:bd:f6:7f:1f:64:34:00:dc:a6:b0:58:ce:49:65:
5d:80:00:68:01:83:10:fd:60:ed:26:48:a8:55:d8:
0b:cc:7b:04:11:9b:c2:ae:57:f6:f5:45:62:ce:e3:
c9:28:35:41:d5:1c:49:22:6b:7a:76:87:07:1e:4d:
2a:29:0c:1e:3c:00:e8:c7:c0:6f:2e:cc:82:7f:05:
2b:41:d0:42:4f:9a:ee:40:98:ac:6b:53:8a:95:47:
64:26:aa:f7:b8:00:ee:ea:ee:4f:37:e0:71:a0:37:
dd:bc:71:2c:9c:e1:33:e8:f5:65:96:be:1c:74:6d:
08:dc:09:55:4e:5a:b7:de:cb:fe:75:85:70:c5:58:
58:7c:b8:ef:7a:54:dd:dc:c9:23:e8:93:de:94:cf:
db:67:ce:fc:87:82:bd:f7:af:60:6b:5f:cf:39:99:
4f:39:16:fa:1d:76:72:0b:d5:53:3f:02:e8:b6:8b:
0b:fc:94:8b:f5:39:7e:4b:3c:59:b2:a8:89:43:0f:
8f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0B:FB:EB:CE:C4:16:00:1D:AE:96:5B:4D:7E:96:66:9C:A3:95:50
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VAv7687EFgAdrpZbTX6WZpyjlVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.39.0/24
92.253.202.0/24
93.170.10.0/24
Signature Algorithm: sha256WithRSAEncryption
70:25:13:84:e7:2e:d1:f1:e8:4d:b8:34:1f:c4:94:0b:eb:7e:
52:d2:0b:c9:36:77:05:b8:a7:b9:ca:fa:1a:37:ae:11:64:81:
71:76:59:c1:cf:ae:ff:42:44:f1:e1:11:b2:a3:fc:2d:21:03:
0f:75:cf:0c:0a:57:05:e7:01:ac:2e:5a:be:d7:aa:fd:12:b8:
81:b8:40:66:f0:a1:7f:10:05:20:77:82:1c:ef:4d:a8:6a:73:
a1:4f:15:66:de:e1:d4:a7:8f:65:96:29:f8:d2:34:cf:a6:57:
a1:c5:e3:bc:39:bd:fb:15:a8:99:8c:e1:c4:9f:fb:a8:47:6a:
2d:15:9e:f7:26:15:e4:68:8e:40:6c:b2:08:6f:41:e9:e2:31:
66:d5:48:ee:a4:cf:f6:83:4a:5e:36:17:ad:40:be:a2:17:f5:
d2:76:74:8a:95:3f:7e:98:43:f7:1e:6b:dd:20:42:83:74:97:
3f:b4:6e:ea:48:57:19:dd:f4:ad:5e:2d:f7:2b:33:e7:ae:c9:
62:45:b3:af:a2:f5:88:7d:b2:3b:5b:e7:03:5d:ff:86:96:75:
6d:98:2f:ea:7f:05:c2:5e:ab:f5:ed:b6:a6:b7:66:49:da:a1:
f7:29:d4:f7:27:dc:61:db:e7:a5:98:ef:7e:8f:f9:b3:62:e7:
40:05:b9:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKlSQd4UyvGllt8BpdW5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDBiZmJlYmNlYzQxNjAwMWRhZTk2NWI0ZDdlOTY2NjljYTM5NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA0+zo/uEOd+rg6CbdmrMYBqN4Pw
73kErh96zgk5cApnK6N82Ur4bQbs5GoBULVjsF9e1ElwximjCDlAvfZ/H2Q0ANym
sFjOSWVdgABoAYMQ/WDtJkioVdgLzHsEEZvCrlf29UVizuPJKDVB1RxJImt6docH
Hk0qKQwePADox8BvLsyCfwUrQdBCT5ruQJisa1OKlUdkJqr3uADu6u5PN+BxoDfd
vHEsnOEz6PVllr4cdG0I3AlVTlq33sv+dYVwxVhYfLjvelTd3Mkj6JPelM/bZ878
h4K9969ga1/POZlPORb6HXZyC9VTPwLotosL/JSL9Tl+SzxZsqiJQw+PzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFQL++vOxBYAHa6WW01+lmaco5VQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVkF2NzY4N0VGZ0FkcnBaYlRYNldacHlqbFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXCYnAwQA
XP3KAwQAXaoKMA0GCSqGSIb3DQEBCwUAA4IBAQBwJROE5y7R8ehNuDQfxJQL635S
0gvJNncFuKe5yvoaN64RZIFxdlnBz67/QkTx4RGyo/wtIQMPdc8MClcF5wGsLlq+
16r9EriBuEBm8KF/EAUgd4Ic702oanOhTxVm3uHUp49llin40jTPplehxeO8Ob37
FaiZjOHEn/uoR2otFZ73JhXkaI5AbLIIb0Hp4jFm1UjupM/2g0peNhetQL6iF/XS
dnSKlT9+mEP3HmvdIEKDdJc/tG7qSFcZ3fStXi33KzPnrsliRbOvovWIfbI7W+cD
Xf+GlnVtmC/qfwXCXqv17bamt2ZJ2qH3KdT3J9xh2+elmO9+j/mzYudABbkV
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:34 2025 by rpki-client