Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/VfXQzwvMqL7sPVtc5PLKVYirDEo.roa
File: VfXQzwvMqL7sPVtc5PLKVYirDEo.roa (raw, json)
Hash identifier: uehmQDNVEhNgEZzi7yS+dGTtLhxzhdlEwSB6TW7xFek=
Subject key identifier: 55:F5:D0:CF:0B:CC:A8:BE:EC:3D:5B:5C:E4:F2:CA:55:88:AB:0C:4A
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 0196AC844025CC8202890768CE27292ABBD2
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/VfXQzwvMqL7sPVtc5PLKVYirDEo.roa
Signing time: Wed 07 May 2025 20:51:10 +0000
ROA not before: Wed 07 May 2025 20:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 48
2a09:9d00:1::/48 maxlen: 48
2a09:9d00:2::/48 maxlen: 48
2a09:9d00:3::/48 maxlen: 48
2a09:9d00:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 May 2025 21:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ac:84:40:25:cc:82:02:89:07:68:ce:27:29:2a:bb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: May 7 20:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55f5d0cf0bcca8beec3d5b5ce4f2ca5588ab0c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:43:18:43:e7:ae:01:65:28:1e:db:28:8d:
25:37:3c:06:9a:82:68:0f:18:69:8d:11:3c:7c:72:
bd:59:47:ed:7f:aa:b1:90:bd:5d:da:48:b2:12:f4:
e9:1b:a3:38:3f:30:86:14:d4:3c:50:72:b9:06:c8:
c1:4b:ab:96:e2:b1:7b:f3:7b:5a:dc:68:a2:26:92:
65:e2:3d:88:0b:16:5b:ef:2c:70:96:02:61:42:51:
a9:e7:03:4f:e4:13:8e:4b:eb:f1:be:bf:7a:65:83:
ba:20:ed:28:d9:04:55:b6:da:e4:1f:f6:c5:42:b3:
8b:83:9a:9f:8a:cb:b7:bc:fa:23:54:f6:57:80:1c:
87:e0:97:c5:15:8d:56:9d:d1:89:e6:ea:0e:64:3b:
f6:cc:65:b7:f3:f9:ba:46:84:7f:fb:90:05:be:3a:
aa:68:ea:6d:77:31:df:6e:b8:50:d0:a1:da:ba:17:
dd:3e:79:e8:0f:ae:f1:30:05:41:12:15:9f:69:0a:
c6:cc:3b:c8:b4:b8:fd:be:93:45:99:a5:ec:96:65:
15:3b:ff:16:b2:a3:c6:39:b3:53:f5:06:4d:2d:55:
6a:c5:a9:27:d0:db:88:2d:02:fc:6d:52:93:66:74:
34:e1:e9:14:62:7c:9c:10:c2:ff:18:4e:a9:8c:38:
f4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F5:D0:CF:0B:CC:A8:BE:EC:3D:5B:5C:E4:F2:CA:55:88:AB:0C:4A
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/VfXQzwvMqL7sPVtc5PLKVYirDEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
a7:18:8b:14:37:55:b2:6c:e1:b0:17:68:0b:6a:e5:3d:de:f4:
56:e0:ac:66:d5:9e:2a:62:a6:69:4d:64:1b:c3:08:63:eb:15:
95:b4:8d:d3:ff:5e:b2:be:d5:2d:d0:63:8f:41:c5:5a:ae:6d:
35:10:3a:ff:7e:96:70:5c:af:eb:18:55:a5:c4:94:8f:f8:79:
6c:0c:e1:ab:34:5f:d4:bf:4e:76:b5:70:c7:de:ff:2c:7b:e6:
40:ae:20:e7:cd:2a:df:3b:fe:ea:f6:e1:3a:25:9a:9f:24:c8:
e5:63:bb:1b:74:86:c0:d1:83:dd:9f:cc:46:4a:53:39:c4:c3:
8d:b6:a3:c3:8f:02:e9:29:8f:37:af:53:49:e6:60:cc:f7:c3:
19:d4:b5:cc:56:06:a1:27:8f:b5:3c:9d:21:62:ec:cb:4a:f3:
42:eb:77:7a:52:c8:ee:b9:43:32:9d:1b:b1:14:c0:ba:5b:78:
c6:70:d5:3e:33:2b:94:e9:ed:8c:19:a7:07:d4:03:01:90:69:
f5:0f:7b:4c:f4:9f:70:ba:61:ca:8b:16:71:5b:63:3f:f8:f7:
f5:92:0a:ee:bf:83:cd:38:c4:2e:0b:4c:bf:fa:a2:ee:51:3e:
cb:df:a4:44:76:f3:05:17:97:8d:5b:15:26:f2:b7:85:8f:25:
fe:27:3e:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZashEAlzIICiQdozicpKrvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjUwNTA3MjA1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY1ZDBjZjBiY2NhOGJlZWMzZDViNWNlNGYyY2E1NTg4YWIwYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLBDGEPnrgFlKB7bKI0lNzwGmoJo
DxhpjRE8fHK9WUftf6qxkL1d2kiyEvTpG6M4PzCGFNQ8UHK5BsjBS6uW4rF783ta
3GiiJpJl4j2ICxZb7yxwlgJhQlGp5wNP5BOOS+vxvr96ZYO6IO0o2QRVttrkH/bF
QrOLg5qfisu3vPojVPZXgByH4JfFFY1WndGJ5uoOZDv2zGW38/m6RoR/+5AFvjqq
aOptdzHfbrhQ0KHauhfdPnnoD67xMAVBEhWfaQrGzDvItLj9vpNFmaXslmUVO/8W
sqPGObNT9QZNLVVqxakn0NuILQL8bVKTZnQ04ekUYnycEML/GE6pjDj0WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFX10M8LzKi+7D1bXOTyylWIqwxKMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvVmZYUXp3dk1xTDdzUFZ0YzVQTEtWWWlyREVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQCnGIsU
N1WybOGwF2gLauU93vRW4Kxm1Z4qYqZpTWQbwwhj6xWVtI3T/16yvtUt0GOPQcVa
rm01EDr/fpZwXK/rGFWlxJSP+HlsDOGrNF/Uv052tXDH3v8se+ZAriDnzSrfO/7q
9uE6JZqfJMjlY7sbdIbA0YPdn8xGSlM5xMONtqPDjwLpKY83r1NJ5mDM98MZ1LXM
VgahJ4+1PJ0hYuzLSvNC63d6UsjuuUMynRuxFMC6W3jGcNU+MyuU6e2MGacH1AMB
kGn1D3tM9J9wumHKixZxW2M/+Pf1kgruv4PNOMQuC0y/+qLuUT7L36REdvMFF5eN
WxUm8reFjyX+Jz6M
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:34:19 2025 by rpki-client