Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VIqNafOki5Gp9MQ8cWkh4YmnUPo.roa
File: VIqNafOki5Gp9MQ8cWkh4YmnUPo.roa (raw, json)
Hash identifier: 0pMRCDyeNEfdI5K/LmRNVRhUF1+8tIqjmrlVn/mgO+c=
Subject key identifier: 54:8A:8D:69:F3:A4:8B:91:A9:F4:C4:3C:71:69:21:E1:89:A7:50:FA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01926C1F700E1360E2311860B81D8A6A149B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VIqNafOki5Gp9MQ8cWkh4YmnUPo.roa
Signing time: Tue 08 Oct 2024 12:34:12 +0000
ROA not before: Tue 08 Oct 2024 12:34:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 80.240.85.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 08:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:1f:70:0e:13:60:e2:31:18:60:b8:1d:8a:6a:14:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 8 12:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=548a8d69f3a48b91a9f4c43c716921e189a750fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:8c:15:ba:72:2d:6c:45:29:41:f4:81:21:
bc:5a:42:83:39:36:dc:64:78:54:19:68:0a:84:5f:
13:98:c5:3a:37:74:11:1a:c5:13:e8:9a:12:aa:9f:
dc:98:9d:22:07:23:46:8f:25:eb:62:c7:de:16:8c:
fe:db:71:0a:62:c1:af:d0:25:29:c9:a1:ac:81:cc:
e4:db:1d:9d:54:fa:3e:2c:4d:5c:24:ed:92:4c:89:
be:01:9c:35:7b:fb:d5:82:c6:1d:f1:da:0f:7c:25:
41:7e:48:7e:d7:19:86:61:2b:20:1c:3f:f2:54:e0:
63:6c:93:5f:35:e5:6a:8f:bf:2e:07:b0:f4:2a:91:
af:f5:aa:3d:9f:af:56:a2:f4:bb:19:63:35:8a:45:
2e:d7:a1:af:7f:2f:31:1e:2c:d8:d7:52:bd:b3:9e:
7a:42:95:6d:6d:b5:02:ad:f4:33:d8:00:ad:ff:59:
2a:90:cc:2a:a2:d0:80:32:c9:c2:4f:af:0e:63:94:
ef:31:1e:31:eb:eb:b6:f8:1e:15:5c:87:4d:ea:19:
53:4b:cc:0e:48:78:94:47:9a:4e:fc:78:07:93:ba:
a8:c4:00:21:83:f1:93:d3:18:ed:69:00:74:2a:b0:
40:d2:7b:90:cc:08:d0:8f:8d:36:de:bd:55:7e:e4:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8A:8D:69:F3:A4:8B:91:A9:F4:C4:3C:71:69:21:E1:89:A7:50:FA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VIqNafOki5Gp9MQ8cWkh4YmnUPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
89.213.229.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a2:7b:f5:4a:04:3c:99:b5:2d:77:ed:7b:b5:a4:ff:98:4c:
b5:cb:ce:9b:d9:61:db:5b:eb:b7:3b:32:6b:5b:b3:13:36:d2:
ed:69:29:67:05:57:15:98:78:64:fd:5c:14:fa:61:67:77:e7:
bb:f9:24:7f:56:45:aa:02:0c:83:6b:3a:c4:47:28:14:c3:1b:
ce:50:3c:ce:4c:37:22:ac:a6:12:2e:9c:6a:7b:b5:89:e6:e7:
33:2c:50:67:94:ea:7d:4c:a0:3d:c4:42:7d:51:db:23:88:75:
83:3a:50:1f:3a:6d:1c:d4:35:21:e8:20:78:46:2e:94:76:40:
5d:f7:52:f4:0f:ce:b5:5b:45:d1:cf:53:0e:b1:35:9c:a4:c0:
06:87:14:70:b5:66:6f:cd:a4:42:18:fd:72:fc:1e:10:75:75:
ef:d9:81:b4:b2:80:2f:53:bc:77:7e:e8:d8:53:97:55:1d:5b:
53:21:ab:27:59:ac:ea:de:d2:f2:e0:e3:cf:ef:49:5b:ac:84:
9f:ba:dd:85:0a:32:e1:1f:e1:c8:69:f9:7f:81:eb:28:25:1f:
8d:7d:4b:a6:3a:49:d6:29:d1:e4:dc:14:af:f7:a1:be:60:0d:
f1:13:c5:e3:c5:0f:b2:4e:1b:47:c1:2d:78:44:a7:c2:c5:d5:
b5:d3:18:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJsH3AOE2DiMRhguB2KahSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDA4MTIzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDhhOGQ2OWYzYTQ4YjkxYTlmNGM0M2M3MTY5MjFlMTg5YTc1MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslyMFbpyLWxFKUH0gSG8WkKDOTbc
ZHhUGWgKhF8TmMU6N3QRGsUT6JoSqp/cmJ0iByNGjyXrYsfeFoz+23EKYsGv0CUp
yaGsgczk2x2dVPo+LE1cJO2STIm+AZw1e/vVgsYd8doPfCVBfkh+1xmGYSsgHD/y
VOBjbJNfNeVqj78uB7D0KpGv9ao9n69WovS7GWM1ikUu16Gvfy8xHizY11K9s556
QpVtbbUCrfQz2ACt/1kqkMwqotCAMsnCT68OY5TvMR4x6+u2+B4VXIdN6hlTS8wO
SHiUR5pO/HgHk7qoxAAhg/GT0xjtaQB0KrBA0nuQzAjQj4023r1VfuRpJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFSKjWnzpIuRqfTEPHFpIeGJp1D6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVklxTmFmT2tpNUdwOU1ROGNXa2g0WW1uVVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPBVAwQA
WdXlAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQBXonv1SgQ8mbUtd+17taT/mEy1
y86b2WHbW+u3OzJrW7MTNtLtaSlnBVcVmHhk/VwU+mFnd+e7+SR/VkWqAgyDazrE
RygUwxvOUDzOTDcirKYSLpxqe7WJ5uczLFBnlOp9TKA9xEJ9UdsjiHWDOlAfOm0c
1DUh6CB4Ri6UdkBd91L0D861W0XRz1MOsTWcpMAGhxRwtWZvzaRCGP1y/B4QdXXv
2YG0soAvU7x3fujYU5dVHVtTIasnWazq3tLy4OPP70lbrISfut2FCjLhH+HIafl/
gesoJR+NfUumOknWKdHk3BSv96G+YA3xE8XjxQ+yThtHwS14RKfCxdW10xiP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:28 2025 by rpki-client