Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/vna3Dxtr64_XCclyPId-yONBvD0.roa
File: vna3Dxtr64_XCclyPId-yONBvD0.roa (raw, json)
Hash identifier: MRES/mslYAclTEQUIyklzpu12H7/uW3KKO58tmmukAk=
Subject key identifier: BE:76:B7:0F:1B:6B:EB:8F:D7:09:C9:72:3C:87:7E:C8:E3:41:BC:3D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0193E3BB8F7093C1AEE55CACD851BC090EFB
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/vna3Dxtr64_XCclyPId-yONBvD0.roa
Signing time: Fri 20 Dec 2024 11:02:20 +0000
ROA not before: Fri 20 Dec 2024 11:02:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202147
IP address blocks: 178.19.40.0/23 maxlen: 23
185.229.216.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:bb:8f:70:93:c1:ae:e5:5c:ac:d8:51:bc:09:0e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Dec 20 11:02:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be76b70f1b6beb8fd709c9723c877ec8e341bc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:49:49:63:15:3d:3f:1a:23:a9:24:9f:c4:c9:
8e:11:ef:9a:47:05:e3:6a:54:b8:d8:59:63:e2:74:
63:ac:17:c5:14:71:de:e7:be:c0:13:3e:40:3a:95:
d4:73:f6:1d:35:87:72:3a:04:d9:d6:07:3b:be:ac:
d9:a0:a5:a2:e1:89:a3:66:3e:a0:8a:22:dc:eb:ba:
af:fd:b4:c0:ce:39:1e:ca:06:ac:bd:98:87:c1:7a:
82:24:1c:0e:a3:21:29:36:c2:23:3e:d4:c7:0f:a1:
68:83:8a:be:c8:98:0b:16:84:4c:2f:48:8d:1b:d2:
a9:5d:03:da:12:97:01:f8:0c:0d:4f:70:df:85:c0:
8a:23:df:af:c5:52:bf:97:35:2c:77:f5:ff:dd:89:
a7:c2:d0:aa:df:6f:3a:4d:76:7b:1d:9d:62:1a:24:
f9:0b:22:20:b1:04:9a:3e:b3:88:81:83:a0:7a:fd:
95:ff:68:11:88:e0:c4:9e:9b:a8:bd:96:03:55:ef:
b4:4e:ff:64:c5:bd:42:14:f0:7d:d5:81:78:82:e1:
1b:46:01:79:82:14:a3:e2:45:c7:a5:41:cc:5a:a6:
2f:bb:34:7f:a2:a3:67:72:3b:a6:31:9a:d8:aa:51:
aa:d3:27:5c:ec:30:0a:48:ac:97:3f:8b:ac:5a:96:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:76:B7:0F:1B:6B:EB:8F:D7:09:C9:72:3C:87:7E:C8:E3:41:BC:3D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/vna3Dxtr64_XCclyPId-yONBvD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.19.40.0/23
185.229.216.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:9d:af:b5:2a:77:98:68:98:fe:15:71:77:9c:9d:6f:da:ab:
15:70:3e:af:6c:5d:a5:b9:28:d6:f1:da:12:fd:ac:92:28:01:
f1:6f:d5:d0:c7:21:5f:f4:5d:da:ff:15:02:e7:99:fc:d2:8f:
49:8c:0e:6d:23:47:42:ca:ce:66:6a:d6:c3:e4:ac:da:4c:98:
0f:70:6e:25:29:1f:e5:45:03:22:40:de:94:0f:4b:1a:6e:da:
8c:93:76:ce:d6:51:af:71:d6:f9:bd:4a:59:1f:d9:b5:f6:07:
d3:cc:72:7a:b4:57:e0:da:ea:3e:10:7e:19:6b:b5:9a:0d:34:
00:5e:18:93:a4:18:cc:3c:8f:22:73:2b:12:fd:cb:57:28:fa:
5b:1d:01:be:92:da:a6:98:8d:2d:70:c0:c5:bc:dc:14:fa:cf:
3d:76:4f:52:83:fe:1b:50:57:f3:39:27:fb:da:61:1a:93:77:
4d:23:e0:38:01:b4:46:13:56:9f:39:65:b6:49:95:f0:bb:1c:
51:06:a3:31:e9:9d:59:7f:54:84:c8:37:4d:86:d7:41:89:25:
c2:9e:b2:cc:61:1a:d2:38:6a:eb:f1:41:eb:3a:95:fb:c8:ff:
16:a6:51:a2:d9:d0:a9:0a:70:5e:cb:80:c4:11:a7:ff:c4:a0:
e0:aa:e1:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPju49wk8Gu5Vys2FG8CQ77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQxMjIwMTEwMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc2YjcwZjFiNmJlYjhmZDcwOWM5NzIzYzg3N2VjOGUzNDFiYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArElJYxU9PxojqSSfxMmOEe+aRwXj
alS42Flj4nRjrBfFFHHe577AEz5AOpXUc/YdNYdyOgTZ1gc7vqzZoKWi4YmjZj6g
iiLc67qv/bTAzjkeygasvZiHwXqCJBwOoyEpNsIjPtTHD6Fog4q+yJgLFoRML0iN
G9KpXQPaEpcB+AwNT3DfhcCKI9+vxVK/lzUsd/X/3YmnwtCq3286TXZ7HZ1iGiT5
CyIgsQSaPrOIgYOgev2V/2gRiODEnpuovZYDVe+0Tv9kxb1CFPB91YF4guEbRgF5
ghSj4kXHpUHMWqYvuzR/oqNncjumMZrYqlGq0ydc7DAKSKyXP4usWpY3ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL52tw8ba+uP1wnJcjyHfsjjQbw9MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvdm5hM0R4dHI2NF9YQ2NseVBJZC15T05CdkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBshMoAwQC
ueXYMA0GCSqGSIb3DQEBCwUAA4IBAQCxna+1KneYaJj+FXF3nJ1v2qsVcD6vbF2l
uSjW8doS/aySKAHxb9XQxyFf9F3a/xUC55n80o9JjA5tI0dCys5matbD5KzaTJgP
cG4lKR/lRQMiQN6UD0sabtqMk3bO1lGvcdb5vUpZH9m19gfTzHJ6tFfg2uo+EH4Z
a7WaDTQAXhiTpBjMPI8icysS/ctXKPpbHQG+ktqmmI0tcMDFvNwU+s89dk9Sg/4b
UFfzOSf72mEak3dNI+A4AbRGE1afOWW2SZXwuxxRBqMx6Z1Zf1SEyDdNhtdBiSXC
nrLMYRrSOGrr8UHrOpX7yP8WplGi2dCpCnBey4DEEaf/xKDgquGu
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:21 2025 by rpki-client