Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/fab918-8f4d-4ede-bad1-31b950270536/1/VST5BX37aro3h53PHm5nMVc0ze4.roa
File: VST5BX37aro3h53PHm5nMVc0ze4.roa (raw, json)
Hash identifier: Nudzcdlbn76cyx5A66sZcNlvUl5YVpyg6od2F28OCJk=
Subject key identifier: 55:24:F9:05:7D:FB:6A:BA:37:87:9D:CF:1E:6E:67:31:57:34:CD:EE
Certificate issuer: /CN=0690913dbbeedadde95dce4704526284e7ae7cca
Certificate serial: 018CC72689C0584D0C33CB85A645D237A330
Authority key identifier: 06:90:91:3D:BB:EE:DA:DD:E9:5D:CE:47:04:52:62:84:E7:AE:7C:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpCRPbvu2t3pXc5HBFJihOeufMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/fab918-8f4d-4ede-bad1-31b950270536/1/VST5BX37aro3h53PHm5nMVc0ze4.roa
Signing time: Mon 01 Jan 2024 22:30:40 +0000
ROA not before: Mon 01 Jan 2024 22:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12637
IP address blocks: 195.182.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:89:c0:58:4d:0c:33:cb:85:a6:45:d2:37:a3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0690913dbbeedadde95dce4704526284e7ae7cca
Validity
Not Before: Jan 1 22:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5524f9057dfb6aba37879dcf1e6e67315734cdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:3b:56:41:40:28:8b:69:92:fe:b8:4f:76:
23:d0:2a:96:2c:a1:53:08:62:18:d6:46:81:92:7c:
8e:44:c1:df:c7:fc:fc:84:b3:1c:94:12:d4:48:cc:
a7:41:c7:8f:86:61:a4:43:7c:a7:8a:fe:62:2c:66:
19:92:59:f9:27:aa:7b:6d:36:07:92:74:10:eb:7b:
8f:d3:7b:a9:8f:90:ba:16:04:19:26:3d:65:94:64:
2a:c3:bb:86:ff:e5:40:b6:a3:08:10:d7:ad:d7:cf:
d1:19:a4:a1:a6:cc:05:0d:90:35:26:92:49:9c:13:
16:ac:8d:e3:a4:13:ed:de:23:5b:2d:90:9a:2b:d3:
b5:c7:70:d5:a6:28:67:7b:95:1a:8f:e2:fc:bb:e0:
a9:dd:c7:1a:b3:b0:fe:c4:69:c2:28:2f:15:e2:9b:
71:2b:26:7a:b9:f5:41:b2:0a:89:20:9d:28:0d:1c:
09:12:d7:ab:ae:99:3e:3f:21:08:4b:7b:27:84:7a:
7c:fb:70:d8:6a:87:1e:3b:56:e4:d5:34:d7:6a:98:
7b:8b:d6:40:75:b9:65:43:22:31:8e:89:bb:6d:7c:
95:3e:84:7d:f1:b1:67:c7:62:87:6f:4e:93:42:9a:
ac:a8:75:3e:89:62:a7:14:0f:09:b4:9a:3e:a2:e4:
10:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:24:F9:05:7D:FB:6A:BA:37:87:9D:CF:1E:6E:67:31:57:34:CD:EE
X509v3 Authority Key Identifier:
keyid:06:90:91:3D:BB:EE:DA:DD:E9:5D:CE:47:04:52:62:84:E7:AE:7C:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpCRPbvu2t3pXc5HBFJihOeufMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/fab918-8f4d-4ede-bad1-31b950270536/1/VST5BX37aro3h53PHm5nMVc0ze4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/fab918-8f4d-4ede-bad1-31b950270536/1/BpCRPbvu2t3pXc5HBFJihOeufMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.210.0/23
Signature Algorithm: sha256WithRSAEncryption
44:cb:d3:f0:dd:c0:74:86:20:75:ae:46:53:87:0f:69:a6:2b:
04:36:82:37:41:ec:34:6b:a4:c9:ae:c5:8a:1f:88:a3:4d:21:
0c:08:b6:bf:ef:41:7a:05:ff:f8:34:4f:1e:10:b2:60:9a:6f:
54:4c:02:c6:05:2e:20:9d:94:21:ba:3e:15:50:2c:ca:82:eb:
22:6d:59:97:56:c5:c9:1e:4c:7f:68:33:8d:bd:f9:2a:ce:36:
fa:08:5d:a2:e8:cd:9c:aa:5f:02:50:1e:d5:57:32:96:58:49:
4f:80:16:c8:26:a2:e8:46:63:85:da:69:2b:bf:9b:ba:94:0a:
48:73:05:8b:a9:1c:85:7f:a4:30:71:1e:23:d2:14:5b:c0:db:
bc:95:88:ab:34:a6:99:b3:f9:cc:23:85:f1:91:f9:a2:cb:c7:
b8:e5:dd:fb:41:b3:1c:20:87:39:0d:a8:88:c8:ee:6f:a9:97:
e5:45:1a:a9:c6:bc:da:ba:74:bf:d8:44:1c:e6:88:96:d5:b7:
f3:f7:c8:e3:0a:70:c0:aa:e6:fb:91:60:8c:ed:8e:b8:aa:48:
fb:04:5a:91:3e:64:1a:27:47:c7:cb:ae:fc:e1:2d:e4:3a:d3:
46:1f:66:c2:7d:94:a8:fd:2b:8e:9f:66:54:5b:93:d3:5f:82:
11:eb:da:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJonAWE0MM8uFpkXSN6MwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OTA5MTNkYmJlZWRhZGRlOTVkY2U0NzA0NTI2Mjg0ZTdh
ZTdjY2EwHhcNMjQwMTAxMjIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI0ZjkwNTdkZmI2YWJhMzc4NzlkY2YxZTZlNjczMTU3MzRjZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhU7VkFAKItpkv64T3Yj0CqWLKFT
CGIY1kaBknyORMHfx/z8hLMclBLUSMynQcePhmGkQ3yniv5iLGYZkln5J6p7bTYH
knQQ63uP03upj5C6FgQZJj1llGQqw7uG/+VAtqMIENet18/RGaShpswFDZA1JpJJ
nBMWrI3jpBPt3iNbLZCaK9O1x3DVpihne5Uaj+L8u+Cp3ccas7D+xGnCKC8V4ptx
KyZ6ufVBsgqJIJ0oDRwJEterrpk+PyEIS3snhHp8+3DYaoceO1bk1TTXaph7i9ZA
dbllQyIxjom7bXyVPoR98bFnx2KHb06TQpqsqHU+iWKnFA8JtJo+ouQQkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUk+QV9+2q6N4edzx5uZzFXNM3uMB8GA1UdIwQY
MBaAFAaQkT277trd6V3ORwRSYoTnrnzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBDUlBidnUydDNwWGM1SEJGSmloT2V1Zk1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mYWI5MTgtOGY0ZC00ZWRlLWJhZDEt
MzFiOTUwMjcwNTM2LzEvVlNUNUJYMzdhcm8zaDUzUEhtNW5NVmMwemU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mYWI5MTgtOGY0ZC00ZWRlLWJhZDEtMzFiOTUwMjcwNTM2
LzEvQnBDUlBidnUydDNwWGM1SEJGSmloT2V1Zk1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7bSMA0G
CSqGSIb3DQEBCwUAA4IBAQBEy9Pw3cB0hiB1rkZThw9ppisENoI3Qew0a6TJrsWK
H4ijTSEMCLa/70F6Bf/4NE8eELJgmm9UTALGBS4gnZQhuj4VUCzKgusibVmXVsXJ
Hkx/aDONvfkqzjb6CF2i6M2cql8CUB7VVzKWWElPgBbIJqLoRmOF2mkrv5u6lApI
cwWLqRyFf6QwcR4j0hRbwNu8lYirNKaZs/nMI4Xxkfmiy8e45d37QbMcIIc5DaiI
yO5vqZflRRqpxrzaunS/2EQc5oiW1bfz98jjCnDAqub7kWCM7Y64qkj7BFqRPmQa
J0fHy6784S3kOtNGH2bCfZSo/SuOn2ZUW5PTX4IR69qn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:51 2025 by rpki-client