Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/80ee8f-867a-4b25-ae5d-92b9daa00379/1/vTi1XEEulK4vHVhSJzb9vLZJAN8.roa
File: vTi1XEEulK4vHVhSJzb9vLZJAN8.roa (raw, json)
Hash identifier: 8uke7AJVertwyVWmZqk2tDEF46oVjksD0KS8UFAFUoc=
Subject key identifier: BD:38:B5:5C:41:2E:94:AE:2F:1D:58:52:27:36:FD:BC:B6:49:00:DF
Certificate issuer: /CN=b561ab100017a6125316fcc613384aafbde60189
Certificate serial: 0194221FC58AF165D4F6EFE75BC2EEA28A88
Authority key identifier: B5:61:AB:10:00:17:A6:12:53:16:FC:C6:13:38:4A:AF:BD:E6:01:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tWGrEAAXphJTFvzGEzhKr73mAYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/80ee8f-867a-4b25-ae5d-92b9daa00379/1/vTi1XEEulK4vHVhSJzb9vLZJAN8.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 192.42.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c5:8a:f1:65:d4:f6:ef:e7:5b:c2:ee:a2:8a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b561ab100017a6125316fcc613384aafbde60189
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd38b55c412e94ae2f1d58522736fdbcb64900df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5c:f1:31:23:b4:4a:d1:e1:34:af:e6:fa:e0:
87:41:30:ed:89:17:2b:c0:d5:0b:31:53:93:6b:4e:
8a:c3:f1:82:77:20:d5:ae:5c:0e:96:93:28:ed:4c:
75:f2:d4:c0:ea:1e:d9:aa:ad:cf:d0:0d:bd:b2:51:
5a:93:66:b4:fa:7c:9c:2c:66:7b:d5:de:09:bd:b8:
54:01:de:d7:eb:78:00:10:ae:3e:16:bf:0b:67:36:
a6:ed:be:f6:63:bf:f5:79:73:de:52:d8:45:0d:21:
d3:c4:fc:57:5f:35:70:17:24:4c:86:99:14:59:89:
14:a4:49:d3:5a:f6:bf:0a:e5:ca:0f:87:8b:73:c6:
ce:8c:53:b2:1d:b1:c6:a7:1c:9c:cd:b6:a9:0b:e0:
27:16:a5:20:54:32:e8:37:81:2e:15:9f:38:49:7b:
fc:33:7d:a0:16:5b:5a:d0:fb:b8:ee:74:c8:95:21:
fc:89:57:9c:53:e8:6e:fd:f0:58:bb:a4:04:b6:94:
77:83:58:45:9a:d2:1b:c7:e1:e6:61:fc:e6:ee:15:
50:a7:c3:84:7c:a9:8d:d9:e8:ff:ff:24:11:05:7f:
08:83:76:d0:a7:2a:b7:f1:fc:6a:70:c6:5f:19:83:
5e:95:d0:24:26:1c:de:61:4e:90:30:6d:ba:5c:b7:
b6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:38:B5:5C:41:2E:94:AE:2F:1D:58:52:27:36:FD:BC:B6:49:00:DF
X509v3 Authority Key Identifier:
keyid:B5:61:AB:10:00:17:A6:12:53:16:FC:C6:13:38:4A:AF:BD:E6:01:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWGrEAAXphJTFvzGEzhKr73mAYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/80ee8f-867a-4b25-ae5d-92b9daa00379/1/vTi1XEEulK4vHVhSJzb9vLZJAN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/80ee8f-867a-4b25-ae5d-92b9daa00379/1/tWGrEAAXphJTFvzGEzhKr73mAYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.42.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:58:f9:16:5e:b8:62:b9:d7:6a:ac:a9:52:bb:65:66:12:fc:
b2:ef:7f:af:e0:a5:49:7f:48:79:e4:08:79:d6:75:be:78:53:
5d:29:7c:fa:c2:1a:2b:b5:36:d1:10:96:9e:1a:43:b4:70:98:
37:b4:1b:8c:fe:20:13:81:bb:70:0f:ab:62:3f:b2:0a:27:b3:
49:7a:79:90:ed:b2:21:12:bb:16:a2:b4:b5:98:0b:02:a9:ab:
35:9e:54:bd:2a:c1:cc:5e:5f:fb:a8:1f:9f:cf:8c:65:5b:f8:
eb:6e:bb:b9:e7:52:7b:84:ca:29:d5:d1:8e:28:18:3c:9a:4a:
ec:94:e5:18:31:04:8f:63:76:41:bd:c0:b7:17:ea:07:c9:0b:
9b:18:32:85:f9:f2:95:db:49:bf:87:dd:3e:31:d9:9b:64:1f:
73:1c:34:be:87:60:9f:99:f0:cc:be:9b:43:d8:3d:69:f3:0a:
4e:4a:9a:62:23:0b:5c:60:d5:0e:2e:4f:16:a6:be:1a:b5:e4:
bc:8f:4f:9e:39:38:58:c7:54:7f:82:c2:21:08:f6:71:6a:4b:
19:c0:23:26:c5:b7:77:2d:83:a8:8c:9e:6f:20:c2:e2:c0:dd:
9b:7e:b1:ac:b2:31:15:9d:a6:83:ef:17:37:9d:0e:61:9a:5a:
23:07:d2:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8WK8WXU9u/nW8LuooqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NjFhYjEwMDAxN2E2MTI1MzE2ZmNjNjEzMzg0YWFmYmRl
NjAxODkwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM4YjU1YzQxMmU5NGFlMmYxZDU4NTIyNzM2ZmRiY2I2NDkwMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlzxMSO0StHhNK/m+uCHQTDtiRcr
wNULMVOTa06Kw/GCdyDVrlwOlpMo7Ux18tTA6h7Zqq3P0A29slFak2a0+nycLGZ7
1d4JvbhUAd7X63gAEK4+Fr8LZzam7b72Y7/1eXPeUthFDSHTxPxXXzVwFyRMhpkU
WYkUpEnTWva/CuXKD4eLc8bOjFOyHbHGpxyczbapC+AnFqUgVDLoN4EuFZ84SXv8
M32gFlta0Pu47nTIlSH8iVecU+hu/fBYu6QEtpR3g1hFmtIbx+HmYfzm7hVQp8OE
fKmN2ej//yQRBX8Ig3bQpyq38fxqcMZfGYNeldAkJhzeYU6QMG26XLe2PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL04tVxBLpSuLx1YUic2/by2SQDfMB8GA1UdIwQY
MBaAFLVhqxAAF6YSUxb8xhM4Sq+95gGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdHckVBQVhwaEpURnZ6R0V6aEtyNzNtQVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MGVlOGYtODY3YS00YjI1LWFlNWQt
OTJiOWRhYTAwMzc5LzEvdlRpMVhFRXVsSzR2SFZoU0p6Yjl2TFpKQU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84MGVlOGYtODY3YS00YjI1LWFlNWQtOTJiOWRhYTAwMzc5
LzEvdFdHckVBQVhwaEpURnZ6R0V6aEtyNzNtQVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwCp8MA0G
CSqGSIb3DQEBCwUAA4IBAQALWPkWXrhiuddqrKlSu2VmEvyy73+v4KVJf0h55Ah5
1nW+eFNdKXz6whortTbREJaeGkO0cJg3tBuM/iATgbtwD6tiP7IKJ7NJenmQ7bIh
ErsWorS1mAsCqas1nlS9KsHMXl/7qB+fz4xlW/jrbru551J7hMop1dGOKBg8mkrs
lOUYMQSPY3ZBvcC3F+oHyQubGDKF+fKV20m/h90+MdmbZB9zHDS+h2CfmfDMvptD
2D1p8wpOSppiIwtcYNUOLk8Wpr4ateS8j0+eOThYx1R/gsIhCPZxaksZwCMmxbd3
LYOojJ5vIMLiwN2bfrGssjEVnaaD7xc3nQ5hmlojB9Jl
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:17 2025 by rpki-client