Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vu1TKiCl1W-5NeafRVYy6paZ0_A.roa
File: vu1TKiCl1W-5NeafRVYy6paZ0_A.roa (raw, json)
Hash identifier: GROQSeZvE9EBBKmXeWn/02z5QKqt3JohvQXa7ClTsqo=
Subject key identifier: BE:ED:53:2A:20:A5:D5:6F:B9:35:E6:9F:45:56:32:EA:96:99:D3:F0
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018CC42497DFA264300D5AB534098D148D66
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vu1TKiCl1W-5NeafRVYy6paZ0_A.roa
Signing time: Mon 01 Jan 2024 08:29:41 +0000
ROA not before: Mon 01 Jan 2024 08:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 185.155.184.0/23 maxlen: 24
31.44.32.0/20 maxlen: 20
193.221.216.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
77.220.64.0/19 maxlen: 19
46.21.29.0/24 maxlen: 24
2a0f:e880::/29 maxlen: 29
2a02:210::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Aug 2024 05:05:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:97:df:a2:64:30:0d:5a:b5:34:09:8d:14:8d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 1 08:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beed532a20a5d56fb935e69f455632ea9699d3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:49:1a:17:e6:e4:32:ff:3f:c8:56:1f:7d:19:
d9:a4:42:d9:38:54:e9:99:bf:04:c5:9f:52:8d:0e:
f0:57:0d:4a:1b:6a:f8:0c:b0:75:c4:26:a3:45:82:
36:bd:39:82:8c:ea:2e:85:6d:1d:c0:e6:18:97:51:
d1:7b:23:66:fc:f0:a5:96:6a:08:25:15:a5:32:b8:
7a:29:c7:20:0d:52:5d:aa:4e:30:4e:0d:62:75:c2:
c7:41:2c:fb:99:09:26:e4:d2:df:7c:1b:d1:77:4b:
ce:fe:7b:75:a9:d0:b7:f7:8c:8d:a0:db:a7:56:f6:
5e:5b:2e:5c:78:b0:11:73:00:7c:63:67:42:27:09:
b3:77:28:a4:37:c0:47:21:3d:6a:11:89:25:e4:31:
c5:0c:81:cc:6e:96:e9:37:e6:a9:8d:3d:6d:11:ab:
ea:ca:10:88:d9:70:ee:8b:13:ba:01:b3:06:5e:ca:
06:27:3b:0e:c7:6d:5f:ea:15:71:d8:06:5a:18:43:
8e:4d:72:1b:d3:ed:83:b4:c4:7e:45:72:84:a0:b9:
43:36:fa:24:0b:e5:66:4b:52:5c:e1:a2:af:5c:73:
40:3c:f3:35:a3:dd:02:33:53:fa:37:a1:8c:f4:e0:
40:c6:d3:bf:ef:68:98:83:6f:20:86:45:db:7a:5d:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:ED:53:2A:20:A5:D5:6F:B9:35:E6:9F:45:56:32:EA:96:99:D3:F0
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/vu1TKiCl1W-5NeafRVYy6paZ0_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.29.0/24
77.220.64.0/19
185.155.184.0/23
193.221.216.0/23
IPv6:
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
a7:dd:98:8b:9d:6d:3d:c2:3a:0d:56:29:66:44:e4:bf:37:84:
78:e8:e3:c1:a6:6d:db:25:ac:54:49:9a:46:61:64:57:b4:6e:
b0:8f:81:6f:ab:8e:4c:e3:88:83:95:00:0c:58:ff:8f:b7:7d:
45:a8:8b:08:47:fd:58:9a:aa:80:4d:3b:74:a6:52:d4:06:b6:
24:3f:67:73:8f:3b:8e:34:55:21:6d:e6:22:73:86:0a:15:cf:
d9:ea:f9:ad:ce:31:81:f1:21:f7:ff:01:91:5a:12:75:36:bc:
fd:6d:cc:56:29:fd:87:d1:5e:a4:7a:20:ac:ec:66:1d:5b:c1:
2d:af:39:8d:5d:b4:03:75:37:e0:07:89:68:53:61:a4:20:eb:
7b:f6:76:56:09:bd:87:a7:f3:87:f5:d0:21:ad:86:83:67:b1:
80:f7:dd:d3:a1:1e:7b:f6:f0:50:92:37:66:72:dc:a3:e7:9a:
f6:a9:5d:30:cc:90:7e:7f:5c:33:5f:cb:ea:bd:e2:7a:41:8b:
74:b7:f9:f4:18:bd:12:01:4e:54:6e:61:c9:ed:27:dc:4f:c0:
b4:35:30:36:32:18:7d:ec:94:32:8a:9f:22:01:d2:a2:e1:e3:
1e:ab:84:f8:3f:ea:d0:6d:2a:cc:f7:3e:17:79:5a:61:38:ec:
94:7c:4b:ef
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzEJJffomQwDVq1NAmNFI1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwMTAxMDgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVkNTMyYTIwYTVkNTZmYjkzNWU2OWY0NTU2MzJlYTk2OTlkM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40kaF+bkMv8/yFYffRnZpELZOFTp
mb8ExZ9SjQ7wVw1KG2r4DLB1xCajRYI2vTmCjOouhW0dwOYYl1HReyNm/PCllmoI
JRWlMrh6KccgDVJdqk4wTg1idcLHQSz7mQkm5NLffBvRd0vO/nt1qdC394yNoNun
VvZeWy5ceLARcwB8Y2dCJwmzdyikN8BHIT1qEYkl5DHFDIHMbpbpN+apjT1tEavq
yhCI2XDuixO6AbMGXsoGJzsOx21f6hVx2AZaGEOOTXIb0+2DtMR+RXKEoLlDNvok
C+VmS1Jc4aKvXHNAPPM1o90CM1P6N6GM9OBAxtO/72iYg28ghkXbel0woQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFL7tUyogpdVvuTXmn0VWMuqWmdPwMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvdnUxVEtpQ2wxVy01TmVhZlJWWXk2cGFaMF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEHywgAwQA
LhUdAwQFTdxAAwQBuZu4AwQBwd3YMBQEAgACMA4DBQAqAgIQAwUDKg/ogDANBgkq
hkiG9w0BAQsFAAOCAQEAp92Yi51tPcI6DVYpZkTkvzeEeOjjwaZt2yWsVEmaRmFk
V7RusI+Bb6uOTOOIg5UADFj/j7d9RaiLCEf9WJqqgE07dKZS1Aa2JD9nc487jjRV
IW3mInOGChXP2er5rc4xgfEh9/8BkVoSdTa8/W3MVin9h9FepHogrOxmHVvBLa85
jV20A3U34AeJaFNhpCDre/Z2Vgm9h6fzh/XQIa2Gg2exgPfd06Eee/bwUJI3ZnLc
o+ea9qldMMyQfn9cM1/L6r3iekGLdLf59Bi9EgFOVG5hye0n3E/AtDUwNjIYfeyU
MoqfIgHSouHjHquE+D/q0G0qzPc+F3laYTjslHxL7w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:53 2025 by rpki-client