Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/VKYp3Gbu93RV_Qz6pgfOsKzHvJ8.roa
File: VKYp3Gbu93RV_Qz6pgfOsKzHvJ8.roa (raw, json)
Hash identifier: RA7DRyC8TMRQhZQ2ZBr8PK1MVu2TGmUbg5TvG8tlCPo=
Subject key identifier: 54:A6:29:DC:66:EE:F7:74:55:FD:0C:FA:A6:07:CE:B0:AC:C7:BC:9F
Certificate issuer: /CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442
Certificate serial: 018CC726C9F16E5198326177A0ECA6828B54
Authority key identifier: 9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/VKYp3Gbu93RV_Qz6pgfOsKzHvJ8.roa
Signing time: Mon 01 Jan 2024 22:30:57 +0000
ROA not before: Mon 01 Jan 2024 22:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43757
IP address blocks: 192.108.126.0/24 maxlen: 24
78.31.24.0/21 maxlen: 21
2001:67c:1578::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:c9:f1:6e:51:98:32:61:77:a0:ec:a6:82:8b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442
Validity
Not Before: Jan 1 22:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54a629dc66eef77455fd0cfaa607ceb0acc7bc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:73:e2:00:23:43:90:b4:9a:ec:7c:cc:24:40:
97:93:62:d8:7f:81:d7:74:78:86:22:ef:cc:d4:0a:
a8:eb:78:a9:ae:67:ad:fd:bd:16:dc:9f:18:ae:4b:
36:32:26:7c:eb:7a:5e:14:a4:ae:a0:fb:6b:d6:6d:
8d:9a:c2:1e:c2:60:49:37:89:eb:76:90:3e:74:79:
73:25:97:bd:45:f9:79:57:27:c1:85:03:75:90:c0:
99:37:5b:ea:25:1c:46:2e:bc:38:10:28:7e:bd:a1:
c9:a8:33:c4:ce:80:8c:c1:71:e4:90:f4:ef:76:32:
0b:6a:77:75:f1:1c:06:45:22:70:33:10:32:ae:a8:
99:41:c9:ae:41:68:85:53:dd:91:c5:c2:bc:5b:6c:
ac:20:53:03:2d:ca:1c:2c:da:ec:35:9e:74:c6:d1:
80:aa:7d:0a:23:9d:9c:34:49:1e:52:52:37:83:c5:
41:cc:f3:fe:4e:6a:02:f6:ff:ea:e2:05:3d:9e:2d:
f5:b9:55:5c:c4:75:a4:36:ed:7d:38:a2:68:99:22:
58:5a:da:18:72:8a:5f:66:2c:6e:4d:5d:1c:6f:b8:
8b:23:7b:be:f3:05:63:46:75:89:e2:94:aa:59:32:
be:40:da:fa:43:dd:bf:10:10:01:52:bd:57:36:0a:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A6:29:DC:66:EE:F7:74:55:FD:0C:FA:A6:07:CE:B0:AC:C7:BC:9F
X509v3 Authority Key Identifier:
keyid:9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/VKYp3Gbu93RV_Qz6pgfOsKzHvJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/n3Qy9pnL0kmy48nFW976-DmGtEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.24.0/21
192.108.126.0/24
IPv6:
2001:67c:1578::/48
Signature Algorithm: sha256WithRSAEncryption
8a:47:f7:4d:6c:68:61:e6:8b:ca:8a:ec:e2:bf:b2:86:8b:9a:
7a:61:65:92:92:0c:78:51:51:85:8a:9f:f3:df:53:fa:3f:30:
8f:e9:7f:cb:2c:75:66:09:70:40:00:31:b3:46:97:ff:75:81:
d6:70:16:55:99:37:b5:e4:2d:c3:e1:d5:61:e5:2e:d1:e3:e9:
ef:86:ad:b9:e2:a8:87:c1:ce:44:1a:5d:c1:88:ea:09:92:63:
0d:ea:cc:bb:8c:3f:6d:3e:76:57:00:50:87:17:ed:05:6a:98:
4e:91:62:8a:c7:cb:4d:fb:54:c4:02:b8:cc:a5:08:62:8b:87:
b5:43:16:07:21:81:d1:ae:5e:a4:cb:f0:c2:ed:d2:b3:70:81:
f2:ec:15:ef:ce:9d:fc:35:18:bb:b2:e5:8c:82:ac:f2:45:83:
8e:24:e7:f0:60:f8:ba:c7:c2:fc:f8:d6:44:4d:c2:d3:80:44:
3d:5c:71:31:ec:90:ef:6e:6a:8b:a1:e6:49:49:f6:52:cf:0b:
81:0f:56:21:c8:d7:08:2a:b8:86:b8:aa:cb:08:55:e0:aa:e3:
e7:d2:4e:6d:bc:51:17:d4:be:9b:02:29:4d:f8:54:14:e5:d3:
19:95:22:73:f3:59:49:c5:c3:4d:f3:a0:f5:32:75:f9:4f:f7:
0b:f1:c9:4c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzHJsnxblGYMmF3oOymgotUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNzQzMmY2OTljYmQyNDliMmUzYzljNTViZGVmYWY4Mzk4
NmI0NDIwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGE2MjlkYzY2ZWVmNzc0NTVmZDBjZmFhNjA3Y2ViMGFjYzdiYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHPiACNDkLSa7HzMJECXk2LYf4HX
dHiGIu/M1Aqo63iprmet/b0W3J8Yrks2MiZ863peFKSuoPtr1m2NmsIewmBJN4nr
dpA+dHlzJZe9Rfl5VyfBhQN1kMCZN1vqJRxGLrw4ECh+vaHJqDPEzoCMwXHkkPTv
djILand18RwGRSJwMxAyrqiZQcmuQWiFU92RxcK8W2ysIFMDLcocLNrsNZ50xtGA
qn0KI52cNEkeUlI3g8VBzPP+TmoC9v/q4gU9ni31uVVcxHWkNu19OKJomSJYWtoY
copfZixuTV0cb7iLI3u+8wVjRnWJ4pSqWTK+QNr6Q92/EBABUr1XNgo/YQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFSmKdxm7vd0Vf0M+qYHzrCsx7yfMB8GA1UdIwQY
MBaAFJ90MvaZy9JJsuPJxVve+vg5hrRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQt
NmFkZGZjYjE4Zjk5LzEvVktZcDNHYnU5M1JWX1F6NnBnZk9zS3pIdko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQtNmFkZGZjYjE4Zjk5
LzEvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDTh8YAwQA
wGx+MA8EAgACMAkDBwAgAQZ8FXgwDQYJKoZIhvcNAQELBQADggEBAIpH901saGHm
i8qK7OK/soaLmnphZZKSDHhRUYWKn/PfU/o/MI/pf8ssdWYJcEAAMbNGl/91gdZw
FlWZN7XkLcPh1WHlLtHj6e+GrbniqIfBzkQaXcGI6gmSYw3qzLuMP20+dlcAUIcX
7QVqmE6RYorHy037VMQCuMylCGKLh7VDFgchgdGuXqTL8MLt0rNwgfLsFe/Onfw1
GLuy5YyCrPJFg44k5/Bg+LrHwvz41kRNwtOARD1ccTHskO9uaouh5klJ9lLPC4EP
ViHI1wgquIa4qssIVeCq4+fSTm28URfUvpsCKU34VBTl0xmVInPzWUnFw03zoPUy
dflP9wvxyUw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:39 2025 by rpki-client