Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VglVwouqTI23zqJjuBmicPWrMec.roa
File: VglVwouqTI23zqJjuBmicPWrMec.roa (raw, json)
Hash identifier: FaI9/B6XdA0wqN1hW/VI9pfk8cfH7AyTbytl+3K3XFI=
Subject key identifier: 56:09:55:C2:8B:AA:4C:8D:B7:CE:A2:63:B8:19:A2:70:F5:AB:31:E7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0196FD3D4C2A1F56E4E2D240F43B8C2DD275
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VglVwouqTI23zqJjuBmicPWrMec.roa
Signing time: Fri 23 May 2025 13:02:54 +0000
ROA not before: Fri 23 May 2025 13:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 May 2025 06:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:3d:4c:2a:1f:56:e4:e2:d2:40:f4:3b:8c:2d:d2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 23 13:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=560955c28baa4c8db7cea263b819a270f5ab31e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b5:a1:d2:d6:1a:09:31:fd:bf:77:bf:3f:b1:
37:fa:39:ba:0d:b9:4b:b2:91:89:24:5b:76:51:6a:
0f:bd:03:df:e2:ba:0d:46:cf:20:e6:41:c4:b4:ef:
f2:16:da:75:36:67:48:31:55:e0:50:9e:c7:b3:cc:
52:cd:2d:9a:f9:f7:09:98:11:0d:a6:ed:34:49:d7:
c7:2d:09:ae:ef:e1:e9:ab:23:2e:39:c2:62:9c:25:
f3:a2:f8:c1:9e:30:d0:32:60:b9:79:5d:90:eb:77:
47:4c:7e:62:70:9f:00:7a:74:34:44:af:84:2c:05:
84:aa:b2:52:06:3e:a9:b9:a3:b0:fd:a0:b9:c8:6c:
93:54:87:8e:5c:8b:6c:21:eb:1f:7e:d8:fe:fd:e3:
ec:02:b3:20:54:6a:9e:d3:20:cb:29:c4:dc:37:d3:
5f:10:16:d4:3c:ea:d3:27:31:68:5b:c3:4a:98:f9:
b4:e6:2a:21:a9:6c:6d:7d:94:30:96:d6:ed:32:dd:
1a:fc:c0:b5:28:90:c1:08:a6:38:4f:bd:42:7f:20:
13:01:c1:4a:0e:7d:4d:bf:f2:95:f8:2a:70:f1:3b:
42:6e:72:c5:8e:5b:c0:64:d2:d9:85:3d:95:ff:1a:
48:5d:29:1d:d7:7b:dc:7f:80:35:0b:d2:34:94:ef:
7a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:09:55:C2:8B:AA:4C:8D:B7:CE:A2:63:B8:19:A2:70:F5:AB:31:E7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VglVwouqTI23zqJjuBmicPWrMec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0/22
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
82.163.96.0/21
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:23:65:bf:78:f2:dd:39:1b:05:a7:ce:0c:d3:bf:7b:be:ef:
e8:4b:01:5e:2b:b1:59:47:5b:8f:62:17:cc:10:b0:34:12:3a:
34:58:11:aa:17:c4:d7:e6:11:86:e0:d3:6c:72:4f:17:f1:cf:
27:67:ab:d1:f4:14:1a:fa:c7:16:4d:9d:9a:41:c8:d2:a7:7a:
bc:69:9e:b4:99:24:ef:b7:6c:3d:bd:66:3e:75:8f:cd:18:e4:
f0:d3:e0:16:fc:07:7f:ad:8f:8a:47:3b:1a:84:38:6f:a6:e8:
95:94:ca:15:d8:76:ca:2e:55:5b:14:4d:1d:4b:73:3d:11:62:
82:b9:88:7e:5c:7b:74:e7:a6:68:3e:83:54:9b:44:cd:97:19:
85:35:d7:4b:fb:74:23:67:bc:ea:a9:9a:b9:58:36:d4:68:12:
5c:6c:16:c5:f9:ab:87:70:32:fe:b7:46:48:4e:1c:47:17:8f:
b7:e7:61:02:b3:23:d2:6d:3e:fb:34:10:27:b6:34:fe:b1:e0:
84:4f:0a:de:e4:3d:c4:8a:23:50:9f:cd:8e:97:98:8d:0a:21:
5f:0c:62:e9:84:92:21:c8:ff:ba:04:d5:9a:c6:e0:e3:85:d8:
62:c5:6f:7d:10:4c:ae:ae:fd:23:88:8e:12:74:46:34:3f:ce:
42:bb:e9:19
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZb9PUwqH1bk4tJA9DuMLdJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNTIzMTMwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA5NTVjMjhiYWE0YzhkYjdjZWEyNjNiODE5YTI3MGY1YWIzMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7Wh0tYaCTH9v3e/P7E3+jm6DblL
spGJJFt2UWoPvQPf4roNRs8g5kHEtO/yFtp1NmdIMVXgUJ7Hs8xSzS2a+fcJmBEN
pu00SdfHLQmu7+HpqyMuOcJinCXzovjBnjDQMmC5eV2Q63dHTH5icJ8AenQ0RK+E
LAWEqrJSBj6puaOw/aC5yGyTVIeOXItsIesfftj+/ePsArMgVGqe0yDLKcTcN9Nf
EBbUPOrTJzFoW8NKmPm05iohqWxtfZQwltbtMt0a/MC1KJDBCKY4T71CfyATAcFK
Dn1Nv/KV+Cpw8TtCbnLFjlvAZNLZhT2V/xpIXSkd13vcf4A1C9I0lO96YQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFYJVcKLqkyNt86iY7gZonD1qzHnMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVmdsVndvdXFUSTIzenFKanVCbWljUFdyTWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBWZ0AwQC
H7q0AwQBLhTSAwQBUqM0AwQDUqNgAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAb
I2W/ePLdORsFp84M0797vu/oSwFeK7FZR1uPYhfMELA0Ejo0WBGqF8TX5hGG4NNs
ck8X8c8nZ6vR9BQa+scWTZ2aQcjSp3q8aZ60mSTvt2w9vWY+dY/NGOTw0+AW/Ad/
rY+KRzsahDhvpuiVlMoV2HbKLlVbFE0dS3M9EWKCuYh+XHt056ZoPoNUm0TNlxmF
NddL+3QjZ7zqqZq5WDbUaBJcbBbF+auHcDL+t0ZIThxHF4+352ECsyPSbT77NBAn
tjT+seCETwre5D3EiiNQn82Ol5iNCiFfDGLphJIhyP+6BNWaxuDjhdhixW99EEyu
rv0jiI4SdEY0P85Cu+kZ
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:44:50 2025 by rpki-client