Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9a50f1-294b-48e4-beaf-1dcad8e68ed9/1/vkn5gONUx-f2w6Tq2MKxhzRigMs.roa
File: vkn5gONUx-f2w6Tq2MKxhzRigMs.roa (raw, json)
Hash identifier: z/mH1g/upb7s/cBw0MlaAxR2HwY3KoOnpxu7v99G/GQ=
Subject key identifier: BE:49:F9:80:E3:54:C7:E7:F6:C3:A4:EA:D8:C2:B1:87:34:62:80:CB
Certificate issuer: /CN=9ed0c4ff4a90073288b97674694142721f5b8435
Certificate serial: 018CC9BC5868DF4A2147F60FE73E75CB4AA8
Authority key identifier: 9E:D0:C4:FF:4A:90:07:32:88:B9:76:74:69:41:42:72:1F:5B:84:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntDE_0qQBzKIuXZ0aUFCch9bhDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9a50f1-294b-48e4-beaf-1dcad8e68ed9/1/vkn5gONUx-f2w6Tq2MKxhzRigMs.roa
Signing time: Tue 02 Jan 2024 10:33:33 +0000
ROA not before: Tue 02 Jan 2024 10:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 86.106.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:58:68:df:4a:21:47:f6:0f:e7:3e:75:cb:4a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ed0c4ff4a90073288b97674694142721f5b8435
Validity
Not Before: Jan 2 10:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be49f980e354c7e7f6c3a4ead8c2b187346280cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:aa:da:7a:d1:2a:b9:9f:50:f9:2c:12:6d:
17:3a:cf:e8:55:c2:b3:55:6f:05:8e:13:e0:c0:dc:
d6:d5:cd:44:2c:c5:4a:5b:f4:f2:48:87:ff:23:08:
76:8b:19:f7:a2:03:74:7a:8c:72:f1:e6:17:01:17:
b4:54:78:96:f8:bd:0d:b7:ab:1d:01:d1:53:f3:fe:
92:04:7d:77:26:38:90:24:4c:bf:b1:4d:03:00:7e:
6b:af:c6:25:8e:c7:ec:ff:8c:92:4b:60:bd:37:16:
f4:c0:e3:f3:ac:bf:15:0b:4f:02:87:55:69:7a:60:
71:93:49:d7:9b:c1:f8:28:75:1e:45:42:7b:7c:e5:
fb:4e:24:8f:da:71:22:6e:c6:a3:9d:64:0f:59:5e:
f2:8f:a3:79:e8:09:e8:38:b3:30:4f:31:60:51:00:
0f:c6:54:7b:87:2a:90:0f:27:95:60:b0:ab:e9:68:
fa:0c:d2:af:8c:dc:f0:36:eb:70:21:e2:a7:dd:77:
ae:19:ac:a2:bf:e5:9c:ef:fe:2b:5f:ea:35:6c:51:
e6:b0:7d:1f:a4:c3:25:32:70:06:2c:f0:5a:6d:2d:
8d:f7:99:f8:ac:c9:51:2f:fe:d0:39:5d:98:f3:7c:
57:b7:e8:60:48:50:9f:c7:f3:29:96:ee:21:03:63:
0d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:49:F9:80:E3:54:C7:E7:F6:C3:A4:EA:D8:C2:B1:87:34:62:80:CB
X509v3 Authority Key Identifier:
keyid:9E:D0:C4:FF:4A:90:07:32:88:B9:76:74:69:41:42:72:1F:5B:84:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntDE_0qQBzKIuXZ0aUFCch9bhDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9a50f1-294b-48e4-beaf-1dcad8e68ed9/1/vkn5gONUx-f2w6Tq2MKxhzRigMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9a50f1-294b-48e4-beaf-1dcad8e68ed9/1/ntDE_0qQBzKIuXZ0aUFCch9bhDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.77.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ba:1f:02:9b:38:d9:06:84:65:9d:e9:e6:8c:3c:35:67:aa:
7c:80:bc:e4:a2:b4:c5:45:f4:84:46:2d:6c:4e:5e:fd:f0:d4:
02:33:25:0f:0c:5f:39:51:4e:c1:6e:da:81:6b:7a:ea:27:74:
45:50:00:3c:4f:06:74:e5:0d:ad:e3:d2:b4:88:6f:24:13:01:
32:28:c0:42:7f:97:0a:56:de:24:7b:99:af:66:44:31:3d:ec:
91:ef:5e:b9:bc:07:fc:44:7e:b1:5b:dc:2b:f8:73:bb:aa:b4:
03:91:38:61:29:d9:ac:36:33:a1:f9:93:b0:b7:ba:a6:ab:b4:
36:8d:0d:d8:8a:57:d5:12:31:a5:65:2e:20:8a:2d:e7:ab:b6:
48:eb:e5:87:57:f4:d2:c7:6b:cf:46:96:2c:81:84:e0:cd:e8:
84:8a:28:f9:cf:64:d7:71:32:d0:2c:a9:4a:3f:ef:19:0a:30:
a9:6a:f1:f4:4a:18:6b:b3:79:d1:07:58:43:9e:02:89:5b:bf:
69:f0:3b:c3:3e:05:d6:0b:1b:0b:cd:72:18:75:6f:e1:29:82:
f5:85:cf:2d:30:8a:74:c6:6d:12:ad:f3:74:ed:ad:c6:60:62:
b9:cd:34:33:69:94:8e:ad:4c:c7:21:2a:24:dc:27:76:81:0c:
ce:17:0e:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFho30ohR/YP5z51y0qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZDBjNGZmNGE5MDA3MzI4OGI5NzY3NDY5NDE0MjcyMWY1
Yjg0MzUwHhcNMjQwMTAyMTAzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ5Zjk4MGUzNTRjN2U3ZjZjM2E0ZWFkOGMyYjE4NzM0NjI4MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW6q2nrRKrmfUPksEm0XOs/oVcKz
VW8FjhPgwNzW1c1ELMVKW/TySIf/Iwh2ixn3ogN0eoxy8eYXARe0VHiW+L0Nt6sd
AdFT8/6SBH13JjiQJEy/sU0DAH5rr8Yljsfs/4ySS2C9Nxb0wOPzrL8VC08Ch1Vp
emBxk0nXm8H4KHUeRUJ7fOX7TiSP2nEibsajnWQPWV7yj6N56AnoOLMwTzFgUQAP
xlR7hyqQDyeVYLCr6Wj6DNKvjNzwNutwIeKn3XeuGayiv+Wc7/4rX+o1bFHmsH0f
pMMlMnAGLPBabS2N95n4rMlRL/7QOV2Y83xXt+hgSFCfx/Mplu4hA2MN/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5J+YDjVMfn9sOk6tjCsYc0YoDLMB8GA1UdIwQY
MBaAFJ7QxP9KkAcyiLl2dGlBQnIfW4Q1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRERV8wcVFCektJdVhaMGFVRkNjaDliaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85YTUwZjEtMjk0Yi00OGU0LWJlYWYt
MWRjYWQ4ZTY4ZWQ5LzEvdmtuNWdPTlV4LWYydzZUcTJNS3hoelJpZ01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85YTUwZjEtMjk0Yi00OGU0LWJlYWYtMWRjYWQ4ZTY4ZWQ5
LzEvbnRERV8wcVFCektJdVhaMGFVRkNjaDliaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmpNMA0G
CSqGSIb3DQEBCwUAA4IBAQANuh8CmzjZBoRlnenmjDw1Z6p8gLzkorTFRfSERi1s
Tl798NQCMyUPDF85UU7BbtqBa3rqJ3RFUAA8TwZ05Q2t49K0iG8kEwEyKMBCf5cK
Vt4ke5mvZkQxPeyR7165vAf8RH6xW9wr+HO7qrQDkThhKdmsNjOh+ZOwt7qmq7Q2
jQ3YilfVEjGlZS4gii3nq7ZI6+WHV/TSx2vPRpYsgYTgzeiEiij5z2TXcTLQLKlK
P+8ZCjCpavH0Shhrs3nRB1hDngKJW79p8DvDPgXWCxsLzXIYdW/hKYL1hc8tMIp0
xm0SrfN07a3GYGK5zTQzaZSOrUzHISok3Cd2gQzOFw5k
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:21:23 2025 by rpki-client