Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Vtx3X7rMfuLhxnK8jvuzPa3aM_c.roa
File: Vtx3X7rMfuLhxnK8jvuzPa3aM_c.roa (raw, json)
Hash identifier: Jh3tzO0O8qQd559o16vENUq3dHp27GOY6u+LjO4MaVI=
Subject key identifier: 56:DC:77:5F:BA:CC:7E:E2:E1:C6:72:BC:8E:FB:B3:3D:AD:DA:33:F7
Certificate issuer: /CN=d38579e4c7da01df0465186236e9af27eb7312ed
Certificate serial: 01920F8D914591B57D632DFA86067C995603
Authority key identifier: D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Vtx3X7rMfuLhxnK8jvuzPa3aM_c.roa
Signing time: Fri 20 Sep 2024 13:09:48 +0000
ROA not before: Fri 20 Sep 2024 13:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28773
IP address blocks: 188.190.160.0/19 maxlen: 19
195.78.38.0/23 maxlen: 23
2001:67c:2ee4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Oct 2024 13:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:8d:91:45:91:b5:7d:63:2d:fa:86:06:7c:99:56:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38579e4c7da01df0465186236e9af27eb7312ed
Validity
Not Before: Sep 20 13:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56dc775fbacc7ee2e1c672bc8efbb33dadda33f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:85:2f:88:2a:99:c7:fc:ca:48:c1:14:28:
1e:6e:b1:ba:f0:42:16:e0:fc:dc:a1:ec:23:65:fd:
64:18:e7:75:96:60:06:45:e2:01:70:92:68:3a:a7:
fb:51:14:9c:6d:fd:7a:56:14:a9:af:99:c1:1a:32:
c8:21:6f:3b:74:8d:7b:4b:81:70:54:4f:69:06:9c:
7c:c0:75:18:84:df:b1:f2:be:ec:c9:a2:ba:c5:96:
cd:32:f3:71:1c:d9:5e:34:00:6e:20:32:5b:0f:7d:
68:53:35:32:34:77:41:2a:5e:4b:a2:53:b7:80:62:
92:d0:1c:43:9b:d1:7a:03:36:dd:c0:b0:4c:85:d6:
66:7a:2f:ee:5e:0e:15:82:15:2f:d1:52:a0:b0:f5:
5e:73:a7:48:92:a2:a6:7a:a5:40:f2:3d:ee:3e:03:
b5:21:9e:c5:7a:ba:97:33:33:03:66:4a:57:2c:07:
65:6b:37:9c:d5:6f:34:d4:ab:ab:67:fa:f6:81:f1:
83:60:fd:fc:68:bb:0e:66:53:82:9a:9d:f0:fb:c1:
b3:1d:3c:cf:e1:92:6d:74:31:ef:40:db:5a:cc:60:
e8:3b:12:05:f5:dc:36:15:98:5d:ea:09:9e:69:0b:
c7:8c:86:8b:30:2d:73:e3:cd:b9:6e:c0:af:2b:e0:
c7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DC:77:5F:BA:CC:7E:E2:E1:C6:72:BC:8E:FB:B3:3D:AD:DA:33:F7
X509v3 Authority Key Identifier:
keyid:D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/Vtx3X7rMfuLhxnK8jvuzPa3aM_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.160.0/19
195.78.38.0/23
IPv6:
2001:67c:2ee4::/48
Signature Algorithm: sha256WithRSAEncryption
29:8c:12:17:0a:99:b9:e8:f0:e5:ce:ed:03:33:26:01:06:f4:
06:82:1d:1a:f1:e3:24:d1:47:fa:12:06:cd:6f:58:78:d4:f8:
4e:1f:98:5b:31:f3:f0:80:fa:95:a6:36:37:bf:2c:9c:85:3f:
c0:4b:0d:c3:72:37:eb:66:56:bb:09:c0:45:05:91:ec:0f:30:
8e:9d:de:55:84:76:d9:9e:a9:d9:8f:42:83:b6:11:8f:cf:6e:
1b:cd:2a:5e:04:8e:63:44:a2:2e:85:58:b0:58:26:f5:49:8d:
37:2e:0b:77:c9:8d:df:b6:b8:38:99:a7:4f:28:3f:7d:b1:20:
c6:a1:b4:27:d5:d8:74:12:c1:e7:40:2a:de:c6:87:9f:7f:de:
0a:d8:45:7b:9a:08:18:ff:92:ce:ba:3c:34:90:46:64:db:eb:
10:2c:b5:58:0c:18:90:1b:a8:98:14:f0:87:f7:f0:9e:55:13:
f9:c3:c0:26:3b:f2:5b:6a:e2:dd:e3:5d:32:7f:24:d1:0e:cf:
22:4e:90:70:35:2d:38:b8:ca:d2:c7:36:df:0c:52:c9:ef:b5:
6d:a3:3e:29:ef:64:e7:74:b6:3f:40:71:03:7e:da:54:f9:eb:
13:9f:46:7a:37:7e:7d:50:51:63:3b:6e:99:a1:09:64:7f:1e:
05:73:6e:ee
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZIPjZFFkbV9Yy36hgZ8mVYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODU3OWU0YzdkYTAxZGYwNDY1MTg2MjM2ZTlhZjI3ZWI3
MzEyZWQwHhcNMjQwOTIwMTMwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRjNzc1ZmJhY2M3ZWUyZTFjNjcyYmM4ZWZiYjMzZGFkZGEzM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqmFL4gqmcf8ykjBFCgebrG68EIW
4PzcoewjZf1kGOd1lmAGReIBcJJoOqf7URScbf16VhSpr5nBGjLIIW87dI17S4Fw
VE9pBpx8wHUYhN+x8r7syaK6xZbNMvNxHNleNABuIDJbD31oUzUyNHdBKl5LolO3
gGKS0BxDm9F6AzbdwLBMhdZmei/uXg4VghUv0VKgsPVec6dIkqKmeqVA8j3uPgO1
IZ7FerqXMzMDZkpXLAdlazec1W801KurZ/r2gfGDYP38aLsOZlOCmp3w+8GzHTzP
4ZJtdDHvQNtazGDoOxIF9dw2FZhd6gmeaQvHjIaLMC1z4825bsCvK+DHmQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFbcd1+6zH7i4cZyvI77sz2t2jP3MB8GA1UdIwQY
MBaAFNOFeeTH2gHfBGUYYjbpryfrcxLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTkt
YmQ0MDU0MTliMDBkLzEvVnR4M1g3ck1mdUxoeG5LOGp2dXpQYTNhTV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTktYmQ0MDU0MTliMDBk
LzEvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFvL6gAwQB
w04mMA8EAgACMAkDBwAgAQZ8LuQwDQYJKoZIhvcNAQELBQADggEBACmMEhcKmbno
8OXO7QMzJgEG9AaCHRrx4yTRR/oSBs1vWHjU+E4fmFsx8/CA+pWmNje/LJyFP8BL
DcNyN+tmVrsJwEUFkewPMI6d3lWEdtmeqdmPQoO2EY/PbhvNKl4EjmNEoi6FWLBY
JvVJjTcuC3fJjd+2uDiZp08oP32xIMahtCfV2HQSwedAKt7Gh59/3grYRXuaCBj/
ks66PDSQRmTb6xAstVgMGJAbqJgU8If38J5VE/nDwCY78ltq4t3jXTJ/JNEOzyJO
kHA1LTi4ytLHNt8MUsnvtW2jPinvZOd0tj9AcQN+2lT56xOfRno3fn1QUWM7bpmh
CWR/HgVzbu4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:17:23 2025 by rpki-client