Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/VHCFqtPgXG25EvWZsfLX7KxNYkY.roa
File: VHCFqtPgXG25EvWZsfLX7KxNYkY.roa (raw, json)
Hash identifier: UTKQbOzVdMvQONglJnn5MQywVeQI9OnYEyhltcaKkA4=
Subject key identifier: 54:70:85:AA:D3:E0:5C:6D:B9:12:F5:99:B1:F2:D7:EC:AC:4D:62:46
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 019422FB152316CDC2AF5784BC4C8834AD67
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/VHCFqtPgXG25EvWZsfLX7KxNYkY.roa
Signing time: Wed 01 Jan 2025 17:47:47 +0000
ROA not before: Wed 01 Jan 2025 17:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50304
IP address blocks: 31.169.48.0/21 maxlen: 32
37.202.56.0/21 maxlen: 24
45.152.48.0/22 maxlen: 22
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
91.227.248.0/22 maxlen: 24
94.124.74.0/24 maxlen: 24
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
176.125.232.0/22 maxlen: 22
178.255.144.0/21 maxlen: 32
185.12.56.0/22 maxlen: 24
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.41.240.0/22 maxlen: 24
185.152.32.0/22 maxlen: 24
185.152.32.0/23 maxlen: 23
193.27.45.0/24 maxlen: 24
193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
193.138.6.0/23 maxlen: 24
194.35.228.0/22 maxlen: 24
194.99.40.0/22 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
195.64.118.0/24 maxlen: 24
213.163.240.0/23 maxlen: 23
217.197.164.0/22 maxlen: 24
2a02:20c8::/32 maxlen: 48
2a02:ed00::/29 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed01::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed05::/32 maxlen: 32
2a02:ed06::/32 maxlen: 32
2a04:8d40::/29 maxlen: 32
2a07:7d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 28 Jan 2025 08:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:15:23:16:cd:c2:af:57:84:bc:4c:88:34:ad:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 17:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=547085aad3e05c6db912f599b1f2d7ecac4d6246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:36:04:8a:55:0e:a2:34:9a:8b:a3:4a:40:
c5:cf:ca:44:30:71:ce:5d:7b:48:21:5e:31:88:ac:
f5:72:2b:63:a5:bf:b1:ea:cb:36:bf:8d:c0:97:ab:
5c:97:f9:bf:7f:70:3b:a0:18:00:8f:57:45:45:c8:
52:e2:eb:4c:ce:34:7b:5a:19:01:67:d2:2e:51:da:
1f:92:be:74:1a:14:9e:b9:ba:c0:a9:92:79:29:12:
a2:a1:4d:e0:8c:53:f1:21:f7:2b:cc:2d:e0:df:31:
28:12:64:25:7d:51:e0:6b:84:f0:69:ae:8a:ff:81:
34:0e:28:ec:f0:bf:39:25:d9:a8:78:37:75:fa:08:
f2:03:d0:8b:bb:4f:4e:6f:db:b9:9d:05:17:91:04:
35:af:ff:80:d8:9e:0f:28:a6:21:cc:6d:b6:0d:1a:
cd:56:73:45:e7:3a:87:1b:fa:49:d6:fb:13:e4:5b:
05:2f:5e:39:8a:0f:85:5b:a6:07:fa:87:d4:52:cd:
f9:b0:c2:4d:f3:93:f2:fb:22:a0:12:16:b1:27:7b:
e5:4d:46:f5:2e:75:a4:a5:24:b8:bc:7e:0c:4e:54:
b2:f7:e8:2d:45:36:1e:b6:3b:22:5d:3c:12:2f:e1:
ba:1d:c4:2d:de:a1:d6:91:e8:3c:4a:5a:f6:7a:24:
67:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:70:85:AA:D3:E0:5C:6D:B9:12:F5:99:B1:F2:D7:EC:AC:4D:62:46
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/VHCFqtPgXG25EvWZsfLX7KxNYkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
91.227.248.0/22
94.124.74.0/24
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
195.64.118.0/24
213.163.240.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
58:fe:a6:54:33:22:80:20:45:8b:83:d7:5e:ed:a8:af:1b:31:
94:41:c3:ce:41:cf:1d:9a:8f:dd:ea:3b:9a:af:67:32:ff:43:
c3:e8:91:48:7a:fb:08:14:ed:70:74:04:67:5b:0b:83:20:9f:
2a:a7:cf:ee:38:76:de:6e:e5:66:85:7a:58:70:67:bc:f1:85:
81:e1:80:8e:33:e9:d9:71:74:84:b4:5f:e0:08:eb:b7:d7:82:
6d:99:4a:1a:c0:5a:dd:76:54:73:54:f2:1b:fd:88:a6:65:b3:
35:bc:79:96:bc:b0:96:d3:91:05:8f:3b:97:29:56:08:d5:10:
f3:25:26:b5:a5:9c:1b:e6:6e:09:51:77:ad:12:33:d3:0d:d9:
7b:9e:35:93:4d:c9:e9:de:2e:8d:9e:8e:5e:4b:67:59:24:fe:
db:da:72:12:a7:99:4a:02:3e:bd:de:3e:fd:f6:b8:b2:f6:5f:
f9:9e:be:8d:f9:82:e2:85:47:56:57:c6:4b:41:94:18:3d:bb:
61:37:d2:de:23:58:71:ca:2a:e2:57:e8:0a:f4:d8:33:f3:77:
75:53:09:e8:cd:1b:66:3b:03:66:81:81:72:de:7c:b7:f7:17:
40:bd:16:06:b8:53:53:68:3e:97:3a:3e:4a:0a:d5:06:ab:54:
1e:fb:04:80
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZQi+xUjFs3Cr1eEvEyINK1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMTAxMTc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcwODVhYWQzZTA1YzZkYjkxMmY1OTliMWYyZDdlY2FjNGQ2MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr02BIpVDqI0moujSkDFz8pEMHHO
XXtIIV4xiKz1citjpb+x6ss2v43Al6tcl/m/f3A7oBgAj1dFRchS4utMzjR7WhkB
Z9IuUdofkr50GhSeubrAqZJ5KRKioU3gjFPxIfcrzC3g3zEoEmQlfVHga4Twaa6K
/4E0Dijs8L85JdmoeDd1+gjyA9CLu09Ob9u5nQUXkQQ1r/+A2J4PKKYhzG22DRrN
VnNF5zqHG/pJ1vsT5FsFL145ig+FW6YH+ofUUs35sMJN85Py+yKgEhaxJ3vlTUb1
LnWkpSS4vH4MTlSy9+gtRTYetjsiXTwSL+G6HcQt3qHWkeg8Slr2eiRnPQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFFRwharT4FxtuRL1mbHy1+ysTWJGMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvVkhDRnF0UGdYRzI1RXZXWnNmTFg3S3hOWWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBowQCAAEwgZwDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBABefEoDBAOG
WpADBAKwfegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADB
HAEDBADBHAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBADDQHYDBAHV
o/ADBALZxaQwIgQCAAIwHAMFACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJ
KoZIhvcNAQELBQADggEBAFj+plQzIoAgRYuD117tqK8bMZRBw85Bzx2aj93qO5qv
ZzL/Q8PokUh6+wgU7XB0BGdbC4Mgnyqnz+44dt5u5WaFelhwZ7zxhYHhgI4z6dlx
dIS0X+AI67fXgm2ZShrAWt12VHNU8hv9iKZlszW8eZa8sJbTkQWPO5cpVgjVEPMl
JrWlnBvmbglRd60SM9MN2XueNZNNyeneLo2ejl5LZ1kk/tvachKnmUoCPr3ePv32
uLL2X/mevo35guKFR1ZXxktBlBg9u2E30t4jWHHKKuJX6Ar02DPzd3VTCejNG2Y7
A2aBgXLefLf3F0C9Fga4U1NoPpc6PkoK1QarVB77BIA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:27:54 2025 by rpki-client