Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VlKpw1uHHpi35cS1sbJvjp3ldFg.roa
File: VlKpw1uHHpi35cS1sbJvjp3ldFg.roa (raw, json)
Hash identifier: 9M5kjYavFhVrRI85RDZ2MH5o/jzd+dB1d0G3JCS/gYQ=
Subject key identifier: 56:52:A9:C3:5B:87:1E:98:B7:E5:C4:B5:B1:B2:6F:8E:9D:E5:74:58
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 018CC56E6BBDDC0E3C6EB47AC3BCC4BC2C98
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VlKpw1uHHpi35cS1sbJvjp3ldFg.roa
Signing time: Mon 01 Jan 2024 14:29:57 +0000
ROA not before: Mon 01 Jan 2024 14:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209565
IP address blocks: 131.117.225.0/24 maxlen: 24
131.117.224.0/24 maxlen: 24
131.117.228.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
185.21.138.0/24 maxlen: 24
185.21.137.0/24 maxlen: 24
185.21.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6b:bd:dc:0e:3c:6e:b4:7a:c3:bc:c4:bc:2c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Jan 1 14:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5652a9c35b871e98b7e5c4b5b1b26f8e9de57458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:df:93:4a:8f:31:a6:53:7f:74:fe:cb:ad:3d:
ed:c5:32:67:79:05:05:a2:35:ef:bd:4f:d8:81:24:
d5:f4:74:95:62:80:1e:a0:6a:ef:90:91:90:56:55:
38:39:80:7a:f8:1c:3a:a3:99:66:a1:74:97:42:b5:
eb:fa:0d:3b:09:4d:4f:42:a8:03:fe:10:89:14:e5:
c0:5f:a7:3e:8d:31:93:a7:76:9b:6a:67:cc:9b:1c:
53:c5:87:99:59:68:03:a1:33:54:ef:42:14:b6:53:
80:44:20:80:12:03:09:53:c2:c6:77:ba:8a:35:c5:
ae:78:8b:07:77:00:ae:66:70:cf:da:58:5b:df:b5:
1c:70:dd:bc:95:35:cc:c8:82:c9:7f:63:6d:e5:e3:
f6:90:af:7a:2b:aa:97:1b:88:a5:72:12:41:f1:72:
58:45:19:92:43:15:8c:65:63:e0:0d:83:4b:4b:a1:
29:16:4d:ce:19:bd:d6:ce:04:d7:77:6a:9d:3b:6b:
c3:fd:6c:b3:48:4b:08:8c:9d:38:11:69:5b:c8:7c:
96:03:34:68:29:f3:7b:c2:79:31:ec:1e:cc:50:80:
c6:5c:f3:db:09:d2:74:b5:14:dc:7c:60:b7:2b:c8:
36:e7:86:e0:3d:41:d3:65:06:fc:56:71:eb:2d:45:
22:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:52:A9:C3:5B:87:1E:98:B7:E5:C4:B5:B1:B2:6F:8E:9D:E5:74:58
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VlKpw1uHHpi35cS1sbJvjp3ldFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.224.0/23
131.117.228.0/24
131.117.233.0/24
185.21.136.0-185.21.138.255
Signature Algorithm: sha256WithRSAEncryption
d8:4e:13:04:45:d7:90:5d:9f:5b:4d:fe:45:fa:1a:09:1a:bd:
00:a8:0b:8a:34:d4:ac:e8:b1:49:54:32:c7:29:5a:8a:e7:c6:
a4:90:47:04:25:44:b8:29:cf:90:ea:e3:34:ed:d7:08:1b:80:
ca:09:5f:32:96:45:1e:9f:51:dd:75:49:77:83:e6:e6:71:18:
1d:01:48:0b:63:25:5a:9d:94:8f:bb:aa:8a:51:db:94:c0:9d:
4a:9a:0c:a5:28:85:6c:f4:c7:e9:77:da:f6:6d:8d:8a:97:cb:
52:75:1d:0e:04:1d:1d:19:a9:c6:e7:37:b6:da:e8:5d:8d:f6:
bf:b2:37:26:d0:3f:1a:2f:50:e7:be:c1:6e:20:6f:46:b1:f6:
db:9e:9c:20:2d:af:40:cb:5f:e6:73:3a:b5:47:45:a4:f0:97:
a0:62:e9:57:4b:cd:a4:9d:05:a6:af:1a:fb:cb:5b:20:12:ae:
4f:91:68:ad:6a:27:53:9b:0e:40:f7:ae:fe:f8:19:39:31:53:
9e:7e:87:ed:71:d3:1c:6b:8a:c7:55:eb:a7:67:7e:0c:40:23:
64:14:76:50:70:73:64:0c:7c:dc:cd:21:72:a6:16:3e:95:45:
55:2f:2d:d9:1e:96:a8:0b:dc:36:08:87:4e:60:6c:9e:e7:32:
53:b3:51:a6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbmu93A48brR6w7zEvCyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjQwMTAxMTQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjUyYTljMzViODcxZTk4YjdlNWM0YjViMWIyNmY4ZTlkZTU3NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmd+TSo8xplN/dP7LrT3txTJneQUF
ojXvvU/YgSTV9HSVYoAeoGrvkJGQVlU4OYB6+Bw6o5lmoXSXQrXr+g07CU1PQqgD
/hCJFOXAX6c+jTGTp3abamfMmxxTxYeZWWgDoTNU70IUtlOARCCAEgMJU8LGd7qK
NcWueIsHdwCuZnDP2lhb37UccN28lTXMyILJf2Nt5eP2kK96K6qXG4ilchJB8XJY
RRmSQxWMZWPgDYNLS6EpFk3OGb3WzgTXd2qdO2vD/WyzSEsIjJ04EWlbyHyWAzRo
KfN7wnkx7B7MUIDGXPPbCdJ0tRTcfGC3K8g254bgPUHTZQb8VnHrLUUifwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFZSqcNbhx6Yt+XEtbGyb46d5XRYMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL1ZsS3B3MXVISHBpMzVjUzFzYkp2anAzbGRGZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBAGDdeAD
BACDdeQDBACDdekwDAMEA7kViAMEALkVijANBgkqhkiG9w0BAQsFAAOCAQEA2E4T
BEXXkF2fW03+RfoaCRq9AKgLijTUrOixSVQyxylaiufGpJBHBCVEuCnPkOrjNO3X
CBuAyglfMpZFHp9R3XVJd4Pm5nEYHQFIC2MlWp2Uj7uqilHblMCdSpoMpSiFbPTH
6Xfa9m2NipfLUnUdDgQdHRmpxuc3ttroXY32v7I3JtA/Gi9Q577BbiBvRrH2256c
IC2vQMtf5nM6tUdFpPCXoGLpV0vNpJ0Fpq8a+8tbIBKuT5ForWonU5sOQPeu/vgZ
OTFTnn6H7XHTHGuKx1Xrp2d+DEAjZBR2UHBzZAx83M0hcqYWPpVFVS8t2R6WqAvc
NgiHTmBsnucyU7NRpg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:14:07 2025 by rpki-client