Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/VXM5MCicKQ0VIJqJgqogPKix1ak.roa
File: VXM5MCicKQ0VIJqJgqogPKix1ak.roa (raw, json)
Hash identifier: 7n2IYxcpkxN2UInlHiF0MkEAeya8DrH3pHWB2NTJ3C0=
Subject key identifier: 55:73:39:30:28:9C:29:0D:15:20:9A:89:82:AA:20:3C:A8:B1:D5:A9
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 0194228D6790C2146F640119E0FB52C4FFF2
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/VXM5MCicKQ0VIJqJgqogPKix1ak.roa
Signing time: Wed 01 Jan 2025 15:47:59 +0000
ROA not before: Wed 01 Jan 2025 15:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214317
IP address blocks: 94.247.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 10:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:67:90:c2:14:6f:64:01:19:e0:fb:52:c4:ff:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Jan 1 15:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55733930289c290d15209a8982aa203ca8b1d5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:e2:39:5c:ab:1b:11:c8:f8:71:14:9b:8b:
77:2a:66:f4:f1:dc:59:58:13:b6:72:6d:15:3b:c8:
67:af:67:b9:00:5c:63:4a:a5:03:a2:c7:af:4e:42:
db:f7:65:71:ee:a4:d8:34:76:a4:ad:83:e4:32:36:
1e:e6:4a:37:6b:ab:51:27:08:6f:2f:7b:f4:72:f4:
36:f4:da:c7:27:9e:06:43:c7:06:0a:1f:30:49:fa:
e6:22:0b:62:c9:c4:a5:02:ee:52:a4:28:09:a9:c9:
72:c7:71:b4:bf:7d:45:0c:de:22:37:74:fe:91:87:
cb:55:c4:94:01:84:4d:dd:bc:49:73:d4:8d:75:88:
12:e7:70:66:48:2c:76:50:56:3d:74:8e:c7:f4:f0:
a2:18:c4:b0:3b:44:8c:53:72:27:9d:47:33:69:e6:
51:2c:51:a1:f7:71:b5:01:96:08:c3:c7:a2:94:5c:
42:3e:f5:88:4d:0a:7f:b7:e1:26:23:80:ce:49:72:
48:9f:c2:fd:f0:04:de:cf:26:e1:ad:1b:fd:00:4e:
cb:14:31:e1:3d:b8:97:15:f6:0a:b4:f0:1c:41:72:
33:4f:a2:16:b3:e2:ba:7c:56:ed:d9:a3:09:32:09:
08:45:bc:14:4d:96:15:b8:92:03:c7:18:0a:02:28:
2d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:73:39:30:28:9C:29:0D:15:20:9A:89:82:AA:20:3C:A8:B1:D5:A9
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/VXM5MCicKQ0VIJqJgqogPKix1ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.104.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0f:f0:e4:41:99:31:41:d0:83:2d:fe:e9:aa:ce:22:0b:8f:
2a:f4:9e:66:79:a4:2a:72:ec:80:ad:ed:72:4a:f6:4c:e1:9f:
00:8b:e6:97:47:d9:72:0c:1c:6b:f9:42:a3:dc:00:af:cc:70:
aa:01:0f:db:6d:e2:d1:76:86:0a:ac:59:85:3b:64:45:36:d7:
a4:c4:0b:ff:2d:fa:a8:d6:b7:11:3e:35:e2:5c:d9:b0:d8:b4:
31:5d:43:93:09:c3:19:30:90:91:94:9b:e0:f4:56:64:ed:48:
c9:2a:58:b5:a2:f8:a5:45:2d:64:1a:cf:fa:d2:ac:58:32:28:
5e:1d:01:36:c4:6c:20:ea:aa:8e:76:30:00:22:91:78:ad:b6:
57:2f:ae:a3:bb:77:f3:49:2c:b6:8f:a6:40:10:d8:c5:2b:f7:
94:99:9c:f7:33:c1:3f:db:9e:e7:ac:c2:50:6d:1c:1d:82:69:
6d:e2:99:4d:22:52:2e:da:f5:74:ae:87:05:28:4f:5b:81:0b:
dd:4d:9d:65:e8:ca:03:0b:1c:f4:eb:c9:78:23:52:4c:01:78:
32:28:4d:d6:78:9a:38:62:dc:be:3b:64:e1:7b:1a:7d:e7:37:
4a:4b:d4:c1:59:a1:6e:e1:34:f6:4e:9c:4d:67:b4:ea:50:be:
1a:8d:7c:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijWeQwhRvZAEZ4PtSxP/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODczODllZjQxZjE4YzFmY2M4Mjc1NDM0OWVhNzA5Njk4
MGIxZTMwHhcNMjUwMTAxMTU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTczMzkzMDI4OWMyOTBkMTUyMDlhODk4MmFhMjAzY2E4YjFkNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidziOVyrGxHI+HEUm4t3Kmb08dxZ
WBO2cm0VO8hnr2e5AFxjSqUDosevTkLb92Vx7qTYNHakrYPkMjYe5ko3a6tRJwhv
L3v0cvQ29NrHJ54GQ8cGCh8wSfrmIgtiycSlAu5SpCgJqclyx3G0v31FDN4iN3T+
kYfLVcSUAYRN3bxJc9SNdYgS53BmSCx2UFY9dI7H9PCiGMSwO0SMU3InnUczaeZR
LFGh93G1AZYIw8eilFxCPvWITQp/t+EmI4DOSXJIn8L98ATezybhrRv9AE7LFDHh
PbiXFfYKtPAcQXIzT6IWs+K6fFbt2aMJMgkIRbwUTZYVuJIDxxgKAigtAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVzOTAonCkNFSCaiYKqIDyosdWpMB8GA1UdIwQY
MBaAFEyHOJ70HxjB/MgnVDSepwlpgLHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTct
ZmZiNzA5Zjc2NjhjLzEvVlhNNU1DaWNLUTBWSUpxSmdxb2dQS2l4MWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTctZmZiNzA5Zjc2Njhj
LzEvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvdoMA0G
CSqGSIb3DQEBCwUAA4IBAQCqD/DkQZkxQdCDLf7pqs4iC48q9J5meaQqcuyAre1y
SvZM4Z8Ai+aXR9lyDBxr+UKj3ACvzHCqAQ/bbeLRdoYKrFmFO2RFNtekxAv/Lfqo
1rcRPjXiXNmw2LQxXUOTCcMZMJCRlJvg9FZk7UjJKli1ovilRS1kGs/60qxYMihe
HQE2xGwg6qqOdjAAIpF4rbZXL66ju3fzSSy2j6ZAENjFK/eUmZz3M8E/257nrMJQ
bRwdgmlt4plNIlIu2vV0rocFKE9bgQvdTZ1l6MoDCxz068l4I1JMAXgyKE3WeJo4
Yty+O2Thexp95zdKS9TBWaFu4TT2TpxNZ7TqUL4ajXz5
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:26 2025 by rpki-client