Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/vKD1X-jgf5rIJA4G6pwqMojuRV4.roa
File: vKD1X-jgf5rIJA4G6pwqMojuRV4.roa (raw, json)
Hash identifier: fbvMQmePhdG/UIKJYTYnfCavdJk6hZaz9OK7R4QEjQM=
Subject key identifier: BC:A0:F5:5F:E8:E0:7F:9A:C8:24:0E:06:EA:9C:2A:32:88:EE:45:5E
Certificate issuer: /CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Certificate serial: 01942521C7202CB94565B2A60EE5DD6F99D9
Authority key identifier: 5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/vKD1X-jgf5rIJA4G6pwqMojuRV4.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13172
IP address blocks: 91.211.232.0/24 maxlen: 24
91.211.234.0/24 maxlen: 24
91.211.235.0/24 maxlen: 24
185.108.188.0/24 maxlen: 24
195.225.127.0/24 maxlen: 24
2a03:d180::/32 maxlen: 32
2a03:d180:fffe::/48 maxlen: 48
2a03:d180:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Feb 2025 22:15:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c7:20:2c:b9:45:65:b2:a6:0e:e5:dd:6f:99:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bc9a6c85ca7a5657b9e8ae80865d12ef8166a03
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca0f55fe8e07f9ac8240e06ea9c2a3288ee455e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:5d:94:fe:1e:23:32:25:4b:4a:e1:20:c1:
93:e5:c5:f1:1e:14:6c:24:90:5a:70:5f:9e:f0:5d:
17:67:af:a8:30:2b:f8:97:b8:d5:cd:91:a7:7d:9a:
dd:35:98:84:de:9d:fb:1e:40:b8:0a:83:ab:f5:0e:
a0:fa:83:c2:d5:2e:4c:da:d9:c6:1a:fe:6c:e5:7a:
11:00:9a:a2:33:6e:2d:b8:d2:b2:47:3a:73:7d:32:
40:21:d8:92:c0:7b:a5:6a:07:d0:a9:65:ce:16:2d:
7a:e5:69:58:09:70:d5:20:77:11:41:a7:7e:a0:56:
cf:1b:70:b7:fb:a4:36:90:7e:08:b0:ef:be:4b:5c:
ca:2e:06:68:a0:cf:36:a1:c3:d7:78:a1:fa:c4:f7:
43:00:54:4a:cf:85:ed:84:dd:95:7f:1e:e8:86:76:
1e:bc:d8:d6:83:8c:c1:7b:8c:27:36:1e:e2:e8:a2:
0b:29:aa:f9:6d:e5:13:9d:af:27:94:dc:44:5d:1c:
d3:bd:3d:1b:65:c2:db:8b:db:25:b8:40:f2:4c:32:
46:8f:30:3a:52:a8:fe:ab:02:de:26:17:86:43:ea:
94:c7:97:6a:6d:cd:69:48:70:06:f9:fb:5a:eb:d9:
93:38:7e:5a:ca:0a:6b:d7:1e:4e:ad:0d:51:73:d9:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A0:F5:5F:E8:E0:7F:9A:C8:24:0E:06:EA:9C:2A:32:88:EE:45:5E
X509v3 Authority Key Identifier:
keyid:5B:C9:A6:C8:5C:A7:A5:65:7B:9E:8A:E8:08:65:D1:2E:F8:16:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8mmyFynpWV7noroCGXRLvgWagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/vKD1X-jgf5rIJA4G6pwqMojuRV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6555e3-82f6-46ca-a170-48f77ee85ab9/1/W8mmyFynpWV7noroCGXRLvgWagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.232.0/24
91.211.234.0/23
185.108.188.0/24
195.225.127.0/24
IPv6:
2a03:d180::/32
Signature Algorithm: sha256WithRSAEncryption
32:53:bb:1c:be:94:e8:08:e3:e1:b5:b4:96:cf:7b:c9:6a:d9:
d4:e2:2d:95:62:02:b2:d7:6a:c6:f6:e4:48:d6:a5:a9:91:38:
8e:c8:6c:f5:03:2c:5b:54:24:15:c5:11:5f:17:a6:a4:41:f5:
d5:dd:94:d8:21:48:7d:e8:08:c8:cc:df:03:ea:cd:f9:30:9c:
97:62:77:8d:c9:02:71:7a:6f:2b:78:b0:9d:82:c9:b0:8e:a6:
92:d3:16:ee:2c:12:e6:24:53:e7:a4:5e:bb:92:ed:b0:9d:2f:
96:ff:31:b3:0a:96:e8:f9:a1:98:db:42:a3:63:15:27:62:f6:
14:7f:f7:c5:82:4d:3f:9b:c1:51:f6:c0:54:0f:1c:7b:0f:fe:
c1:ec:d9:be:02:04:4e:b7:6e:b8:21:b1:c1:c1:45:6a:87:2c:
61:98:60:d4:88:2f:58:c9:1d:34:8e:09:0f:93:0c:57:08:c0:
7c:07:07:ad:14:3e:c9:9e:c3:71:b7:17:74:eb:48:2b:98:dc:
c8:1e:00:e7:a5:b2:99:48:18:50:ad:85:8a:0c:04:87:af:04:
ba:fc:e0:61:b2:86:3d:fb:d8:68:8f:ae:21:2f:eb:df:f8:b6:
c7:46:51:92:c6:50:9c:6d:68:60:92:d8:ab:86:99:de:97:9e:
b6:8c:3d:cb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQlIccgLLlFZbKmDuXdb5nZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYzlhNmM4NWNhN2E1NjU3YjllOGFlODA4NjVkMTJlZjgx
NjZhMDMwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EwZjU1ZmU4ZTA3ZjlhYzgyNDBlMDZlYTljMmEzMjg4ZWU0NTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNRdlP4eIzIlS0rhIMGT5cXxHhRs
JJBacF+e8F0XZ6+oMCv4l7jVzZGnfZrdNZiE3p37HkC4CoOr9Q6g+oPC1S5M2tnG
Gv5s5XoRAJqiM24tuNKyRzpzfTJAIdiSwHulagfQqWXOFi165WlYCXDVIHcRQad+
oFbPG3C3+6Q2kH4IsO++S1zKLgZooM82ocPXeKH6xPdDAFRKz4XthN2Vfx7ohnYe
vNjWg4zBe4wnNh7i6KILKar5beUTna8nlNxEXRzTvT0bZcLbi9sluEDyTDJGjzA6
Uqj+qwLeJheGQ+qUx5dqbc1pSHAG+fta69mTOH5aygpr1x5OrQ1Rc9kMjwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLyg9V/o4H+ayCQOBuqcKjKI7kVeMB8GA1UdIwQY
MBaAFFvJpshcp6Vle56K6Ahl0S74FmoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAt
NDhmNzdlZTg1YWI5LzEvdktEMVgtamdmNXJJSkE0RzZwd3FNb2p1UlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82NTU1ZTMtODJmNi00NmNhLWExNzAtNDhmNzdlZTg1YWI5
LzEvVzhtbXlGeW5wV1Y3bm9yb0NHWFJMdmdXYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9PoAwQB
W9PqAwQAuWy8AwQAw+F/MA0EAgACMAcDBQAqA9GAMA0GCSqGSIb3DQEBCwUAA4IB
AQAyU7scvpToCOPhtbSWz3vJatnU4i2VYgKy12rG9uRI1qWpkTiOyGz1AyxbVCQV
xRFfF6akQfXV3ZTYIUh96AjIzN8D6s35MJyXYneNyQJxem8reLCdgsmwjqaS0xbu
LBLmJFPnpF67ku2wnS+W/zGzCpbo+aGY20KjYxUnYvYUf/fFgk0/m8FR9sBUDxx7
D/7B7Nm+AgROt264IbHBwUVqhyxhmGDUiC9YyR00jgkPkwxXCMB8BwetFD7JnsNx
txd060grmNzIHgDnpbKZSBhQrYWKDASHrwS6/OBhsoY9+9hoj64hL+vf+LbHRlGS
xlCcbWhgktirhpnel562jD3L
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:15:25 2025 by rpki-client