Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/ff5ec9-e22e-4030-8334-d5dd46aaa401/1/0aE50fyCb5vUR6kva6QGqSHvjnY.roa
File: 0aE50fyCb5vUR6kva6QGqSHvjnY.roa (raw, json)
Hash identifier: kHXWAqBMzYpcHCRBeG0q261roWcr3hYBpjtz+BC1eJk=
Subject key identifier: D1:A1:39:D1:FC:82:6F:9B:D4:47:A9:2F:6B:A4:06:A9:21:EF:8E:76
Certificate issuer: /CN=555d742d527f9700cc0047d7d61bfd822878db1f
Certificate serial: 018CC348ECFACE48269FBEE231F6E6556E56
Authority key identifier: 55:5D:74:2D:52:7F:97:00:CC:00:47:D7:D6:1B:FD:82:28:78:DB:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VV10LVJ_lwDMAEfX1hv9gih42x8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/ff5ec9-e22e-4030-8334-d5dd46aaa401/1/0aE50fyCb5vUR6kva6QGqSHvjnY.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44075
IP address blocks: 194.147.159.0/24 maxlen: 24
194.147.156.0/22 maxlen: 22
194.147.156.0/24 maxlen: 24
194.147.157.0/24 maxlen: 24
194.147.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 09:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ec:fa:ce:48:26:9f:be:e2:31:f6:e6:55:6e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=555d742d527f9700cc0047d7d61bfd822878db1f
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a139d1fc826f9bd447a92f6ba406a921ef8e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:a3:aa:f3:ec:c4:4e:7a:2b:e2:88:31:f4:
20:3d:00:db:d5:90:45:85:be:f9:62:60:14:cc:39:
63:26:14:a7:63:79:70:c6:53:70:ac:8a:b2:3d:26:
3c:cb:b6:4d:be:8f:d8:af:b7:50:74:65:26:04:80:
c6:fc:c6:48:58:2d:90:ef:2d:3f:be:2f:c9:eb:ff:
06:b7:d4:0c:19:ba:ab:12:9a:02:ed:43:92:0a:95:
db:11:91:9f:c8:50:11:36:e7:99:25:3c:56:55:56:
46:62:a7:83:7d:ac:6d:ae:5b:f2:5b:19:1c:48:48:
d1:72:d8:f8:68:e4:d6:aa:16:9e:5f:8e:9a:a8:66:
67:d8:70:2b:41:8b:6c:79:af:93:73:bb:ab:c9:ee:
ca:79:c8:c7:6a:21:6c:59:df:77:01:76:16:7c:5c:
79:4d:f2:13:e0:6c:79:99:98:d2:74:a9:c8:ac:1e:
0e:d7:31:c8:0d:b1:cb:7f:0f:98:1a:4a:07:60:8e:
96:6a:f5:c7:42:13:19:2e:b4:8d:06:7a:ad:3f:26:
64:c0:c8:ae:4d:69:8f:d8:e5:15:4f:0c:14:ac:49:
99:51:82:7b:e5:cd:89:cf:7e:37:6a:22:e7:8e:b0:
f6:d7:db:a9:06:94:dc:87:67:f7:01:0b:e1:70:dd:
ea:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A1:39:D1:FC:82:6F:9B:D4:47:A9:2F:6B:A4:06:A9:21:EF:8E:76
X509v3 Authority Key Identifier:
keyid:55:5D:74:2D:52:7F:97:00:CC:00:47:D7:D6:1B:FD:82:28:78:DB:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VV10LVJ_lwDMAEfX1hv9gih42x8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ff5ec9-e22e-4030-8334-d5dd46aaa401/1/0aE50fyCb5vUR6kva6QGqSHvjnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ff5ec9-e22e-4030-8334-d5dd46aaa401/1/VV10LVJ_lwDMAEfX1hv9gih42x8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.156.0/22
Signature Algorithm: sha256WithRSAEncryption
81:25:dc:3e:1d:b3:90:45:65:6f:29:ce:6d:2a:26:ec:bf:64:
0c:f1:c0:45:63:ed:4d:a7:ec:78:ac:8d:49:69:73:e0:11:33:
b8:18:a6:31:d2:dd:ce:45:e7:26:b1:28:5c:98:a4:5a:05:6b:
fe:ce:b6:63:23:71:67:1a:72:d8:11:e8:04:39:ef:12:88:47:
45:c0:d2:28:7b:20:fa:28:2b:aa:58:c5:5a:3d:b6:f9:8c:92:
63:68:91:a5:14:7c:92:31:30:f3:e6:d1:66:9e:74:60:52:8a:
e6:bf:bc:60:75:ff:af:e4:8a:fa:75:45:3e:15:e8:4c:36:04:
72:56:f1:fc:98:38:c2:6f:5c:16:59:7e:0a:33:5f:6b:33:ac:
4e:f9:05:c4:9b:89:b9:71:24:be:00:c9:da:bc:1d:0d:d0:b6:
c7:18:9b:d1:16:1a:dd:c6:1c:00:36:8e:99:68:89:15:02:0a:
a1:3d:24:83:b0:1c:08:1d:00:fe:46:fc:83:6f:1e:f1:b6:1e:
36:2a:78:d8:04:b5:fb:19:49:46:f0:0c:8d:99:87:f9:42:23:
c2:b7:ce:b7:d4:0c:d9:fa:a7:5b:15:8a:c5:bb:64:8b:f5:99:
74:25:0e:94:bc:72:c5:66:67:c0:14:f3:fe:85:62:36:5b:6f:
a1:0f:61:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOz6zkgmn77iMfbmVW5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NWQ3NDJkNTI3Zjk3MDBjYzAwNDdkN2Q2MWJmZDgyMjg3
OGRiMWYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWExMzlkMWZjODI2ZjliZDQ0N2E5MmY2YmE0MDZhOTIxZWY4ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGOjqvPsxE56K+KIMfQgPQDb1ZBF
hb75YmAUzDljJhSnY3lwxlNwrIqyPSY8y7ZNvo/Yr7dQdGUmBIDG/MZIWC2Q7y0/
vi/J6/8Gt9QMGbqrEpoC7UOSCpXbEZGfyFARNueZJTxWVVZGYqeDfaxtrlvyWxkc
SEjRctj4aOTWqhaeX46aqGZn2HArQYtsea+Tc7urye7KecjHaiFsWd93AXYWfFx5
TfIT4Gx5mZjSdKnIrB4O1zHIDbHLfw+YGkoHYI6WavXHQhMZLrSNBnqtPyZkwMiu
TWmP2OUVTwwUrEmZUYJ75c2Jz343aiLnjrD219upBpTch2f3AQvhcN3qtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGhOdH8gm+b1EepL2ukBqkh7452MB8GA1UdIwQY
MBaAFFVddC1Sf5cAzABH19Yb/YIoeNsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlYxMExWSl9sd0RNQUVmWDFodjlnaWg0Mng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mZjVlYzktZTIyZS00MDMwLTgzMzQt
ZDVkZDQ2YWFhNDAxLzEvMGFFNTBmeUNiNXZVUjZrdmE2UUdxU0h2am5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mZjVlYzktZTIyZS00MDMwLTgzMzQtZDVkZDQ2YWFhNDAx
LzEvVlYxMExWSl9sd0RNQUVmWDFodjlnaWg0Mng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpOcMA0G
CSqGSIb3DQEBCwUAA4IBAQCBJdw+HbOQRWVvKc5tKibsv2QM8cBFY+1Np+x4rI1J
aXPgETO4GKYx0t3ORecmsShcmKRaBWv+zrZjI3FnGnLYEegEOe8SiEdFwNIoeyD6
KCuqWMVaPbb5jJJjaJGlFHySMTDz5tFmnnRgUormv7xgdf+v5Ir6dUU+FehMNgRy
VvH8mDjCb1wWWX4KM19rM6xO+QXEm4m5cSS+AMnavB0N0LbHGJvRFhrdxhwANo6Z
aIkVAgqhPSSDsBwIHQD+RvyDbx7xth42KnjYBLX7GUlG8AyNmYf5QiPCt8631AzZ
+qdbFYrFu2SL9Zl0JQ6UvHLFZmfAFPP+hWI2W2+hD2Ht
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:35:00 2025 by rpki-client