Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vNww6krZkoei0H80e_hYVeDrBy4.roa
File: vNww6krZkoei0H80e_hYVeDrBy4.roa (raw, json)
Hash identifier: 0LE8AHPOp/oUABo//Jxz1cBoUu2Kf0HC3Q7Cb/ehuhE=
Subject key identifier: BC:DC:30:EA:4A:D9:92:87:A2:D0:7F:34:7B:F8:58:55:E0:EB:07:2E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01969D2CA4240C8BA3075D1F9493C9832D85
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vNww6krZkoei0H80e_hYVeDrBy4.roa
Signing time: Sun 04 May 2025 21:21:10 +0000
ROA not before: Sun 04 May 2025 21:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 178.173.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 14:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9d:2c:a4:24:0c:8b:a3:07:5d:1f:94:93:c9:83:2d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 4 21:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcdc30ea4ad99287a2d07f347bf85855e0eb072e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:46:7a:37:58:ce:cb:b7:73:e8:f9:9c:98:
43:9d:7d:38:ac:cc:ed:02:ac:ce:c3:48:e2:f8:99:
01:0b:46:28:e9:34:8d:f0:ee:44:49:c2:a9:94:15:
4d:05:ed:6d:47:3a:69:48:4d:2a:c7:31:9c:d0:19:
71:40:cd:d5:bc:65:0a:e9:54:4a:fd:1c:a0:86:74:
e4:fc:01:8e:05:dc:6c:3c:5e:81:14:ba:73:78:33:
cc:75:94:2f:66:59:ac:63:30:bc:b0:69:43:c9:4c:
59:5e:7f:70:5b:19:ca:49:85:15:21:76:d8:70:a2:
d7:d5:e0:56:f0:ef:03:7c:94:16:c4:86:31:dc:64:
8b:18:14:7b:9d:81:3b:17:4a:6f:65:1e:a7:b0:9e:
5b:a6:d7:e8:df:48:61:2c:48:04:a4:e0:33:71:30:
7d:12:e5:46:31:ea:30:c8:ee:5d:6e:da:e9:d4:62:
37:ef:c3:42:bf:4b:02:e3:16:22:fe:ed:19:89:e4:
82:2a:93:cb:4b:b1:0e:11:a1:10:a6:97:d1:f4:df:
8f:59:12:f0:43:13:2c:e5:35:e8:06:4d:9a:fd:62:
e6:20:d5:87:bc:9a:75:db:ba:59:f6:e9:63:4e:5e:
cf:69:ba:8e:f4:97:07:51:f9:15:85:67:16:73:92:
c7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DC:30:EA:4A:D9:92:87:A2:D0:7F:34:7B:F8:58:55:E0:EB:07:2E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/vNww6krZkoei0H80e_hYVeDrBy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.232.0/22
Signature Algorithm: sha256WithRSAEncryption
79:ce:c3:57:05:38:4b:45:50:3e:da:4a:e0:9e:f2:d4:e9:ce:
f0:0c:0f:10:0a:4b:4b:38:fb:e7:33:12:59:99:1b:04:bf:bd:
bf:37:94:ae:e3:f6:fb:7c:fb:ae:82:dc:d0:a1:c7:53:1b:e0:
ab:19:d6:fe:29:e6:c2:3d:d9:a4:c6:4c:63:f3:2b:1d:73:e4:
17:a8:e7:c3:f9:f8:7b:57:3a:25:bd:f5:d2:f7:59:ec:b2:c2:
b7:c8:b5:94:d8:c3:a2:5e:47:1f:75:0d:9d:96:62:00:e3:49:
2b:45:ab:3e:98:91:02:2b:00:e9:c0:24:60:46:79:e4:02:b2:
80:cb:79:e6:90:0b:7c:63:6e:75:13:a2:1f:d5:36:2d:9b:36:
12:c5:8c:e6:9b:f9:94:31:5f:23:f6:10:a3:2c:30:b3:ea:33:
85:2b:ab:f9:f0:ba:49:ba:64:ab:ae:a6:e5:55:09:11:8e:8c:
ab:3f:f9:b2:f3:1d:9e:33:de:8f:d3:17:0b:72:aa:ef:6e:79:
47:7f:14:26:77:f3:a3:f4:12:16:06:4a:92:3d:1c:88:90:fc:
ed:e4:9f:71:47:87:84:30:27:0d:70:6c:30:a7:6a:ed:2d:e7:
6a:ed:a9:4c:09:05:33:34:66:8e:9a:7b:30:22:c4:d5:a5:6a:
f8:76:89:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZadLKQkDIujB10flJPJgy2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNTA0MjEyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2RjMzBlYTRhZDk5Mjg3YTJkMDdmMzQ3YmY4NTg1NWUwZWIwNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbVGejdYzsu3c+j5nJhDnX04rMzt
AqzOw0ji+JkBC0Yo6TSN8O5EScKplBVNBe1tRzppSE0qxzGc0BlxQM3VvGUK6VRK
/RyghnTk/AGOBdxsPF6BFLpzeDPMdZQvZlmsYzC8sGlDyUxZXn9wWxnKSYUVIXbY
cKLX1eBW8O8DfJQWxIYx3GSLGBR7nYE7F0pvZR6nsJ5bptfo30hhLEgEpOAzcTB9
EuVGMeowyO5dbtrp1GI378NCv0sC4xYi/u0ZieSCKpPLS7EOEaEQppfR9N+PWRLw
QxMs5TXoBk2a/WLmINWHvJp127pZ9uljTl7PabqO9JcHUfkVhWcWc5LH3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzcMOpK2ZKHotB/NHv4WFXg6wcuMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdk53dzZrclprb2VpMEg4MGVfaFlWZURyQnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsq3oMA0G
CSqGSIb3DQEBCwUAA4IBAQB5zsNXBThLRVA+2krgnvLU6c7wDA8QCktLOPvnMxJZ
mRsEv72/N5Su4/b7fPuugtzQocdTG+CrGdb+KebCPdmkxkxj8ysdc+QXqOfD+fh7
VzolvfXS91nsssK3yLWU2MOiXkcfdQ2dlmIA40krRas+mJECKwDpwCRgRnnkArKA
y3nmkAt8Y251E6If1TYtmzYSxYzmm/mUMV8j9hCjLDCz6jOFK6v58LpJumSrrqbl
VQkRjoyrP/my8x2eM96P0xcLcqrvbnlHfxQmd/Oj9BIWBkqSPRyIkPzt5J9xR4eE
MCcNcGwwp2rtLedq7alMCQUzNGaOmnswIsTVpWr4dokC
-----END CERTIFICATE-----
Generated at Fri Jun 13 10:31:58 2025 by rpki-client