Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/l0AwI2QPX-qRg_kDCP2L4R5cxI8.roa
File: l0AwI2QPX-qRg_kDCP2L4R5cxI8.roa (raw, json)
Hash identifier: IBSO5zQdzVGdn31T6LUNl3x+vpYqaKAfqjYwul+7Ihw=
Subject key identifier: 97:40:30:23:64:0F:5F:EA:91:83:F9:03:08:FD:8B:E1:1E:5C:C4:8F
Certificate issuer: /CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Certificate serial: 018CC49352623DD9D0BF19820ACE808A4502
Authority key identifier: 22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/l0AwI2QPX-qRg_kDCP2L4R5cxI8.roa
Signing time: Mon 01 Jan 2024 10:30:38 +0000
ROA not before: Mon 01 Jan 2024 10:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51333
IP address blocks: 185.58.4.0/22 maxlen: 24
188.65.80.0/21 maxlen: 24
194.36.72.0/22 maxlen: 24
2a0c:bdc0::/29 maxlen: 29
2a02:6120::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:52:62:3d:d9:d0:bf:19:82:0a:ce:80:8a:45:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Validity
Not Before: Jan 1 10:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97403023640f5fea9183f90308fd8be11e5cc48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ac:0e:f7:67:de:68:47:c4:e2:24:24:bf:ba:
c4:31:90:78:e5:c3:24:8a:d0:91:2d:d3:f3:37:0a:
b6:22:bd:93:6d:5c:61:7a:01:4f:68:fd:16:c7:d3:
cb:7a:a8:69:d5:6f:e2:22:9b:50:de:cc:a3:19:c2:
6c:22:b7:06:9e:99:e9:b1:9c:60:26:c8:be:19:ab:
7d:8d:40:48:d2:1e:5b:9b:71:43:1d:89:7c:e2:dc:
b5:d0:44:ea:4b:a4:32:d5:f1:18:08:f3:ea:d8:93:
37:53:b2:dc:9d:b2:a2:5f:3d:82:39:4c:89:26:4e:
26:b7:d1:a7:a0:0d:88:56:00:f8:0c:da:ff:e7:cd:
dd:4e:a7:df:95:65:3e:05:82:58:53:b6:cc:c6:2a:
43:c1:ff:d2:80:db:84:f7:1a:bf:a1:76:e0:90:34:
fb:e7:28:a6:cd:4c:de:26:04:ae:f8:d5:d9:fe:6f:
d5:51:ed:06:52:84:dd:84:ac:72:54:60:91:76:37:
45:29:7f:46:e1:36:ad:47:91:4c:dd:83:d9:60:b9:
04:a1:d8:c1:63:3d:87:96:a7:19:68:63:56:fe:c3:
a5:d7:dc:66:50:7b:21:37:d5:70:fd:d0:d8:38:46:
86:3d:86:6f:a1:8c:7c:9a:14:ba:12:55:d6:bd:ae:
ed:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:40:30:23:64:0F:5F:EA:91:83:F9:03:08:FD:8B:E1:1E:5C:C4:8F
X509v3 Authority Key Identifier:
keyid:22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/l0AwI2QPX-qRg_kDCP2L4R5cxI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.4.0/22
188.65.80.0/21
194.36.72.0/22
IPv6:
2a02:6120::/29
2a0c:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:db:9d:4f:f5:e3:02:5e:04:2a:ae:fd:17:66:f6:e3:ac:d7:
c9:7c:85:c4:b2:82:66:ea:5e:69:fe:64:96:31:f7:f4:9f:48:
65:e6:23:ee:35:b0:b4:a8:53:ac:66:f7:06:59:93:28:15:cc:
ec:d2:42:46:e4:ec:f5:d3:87:62:f2:fc:0b:6f:3c:87:a9:b3:
b9:4a:74:b7:c8:84:56:65:93:19:4f:36:6e:c7:53:82:ec:e3:
a8:40:46:f6:b3:7c:55:60:c2:0f:66:25:ad:b5:49:d3:93:32:
ce:34:0f:7b:88:a3:f8:11:94:f0:e7:5a:65:65:3b:43:9a:bc:
27:d6:27:ef:b8:15:f9:1a:e3:71:58:ba:2a:1a:66:c0:32:6c:
21:95:e6:86:3c:66:2a:f5:df:41:54:ce:b4:5a:1f:1f:ea:f9:
e2:f7:aa:6e:1f:c8:29:2a:95:e0:63:d1:27:56:9e:a3:84:22:
a0:1e:a1:1d:56:e5:aa:ff:bb:bf:e1:d6:83:28:84:ea:5e:55:
b2:b1:21:a8:11:2f:9e:f5:c0:55:d8:ca:d0:2a:20:30:12:7d:
46:62:fb:6f:e4:35:ed:89:6f:df:f2:8b:a2:55:7e:b9:bb:aa:
bc:47:b9:a9:ac:e2:9a:60:d1:0f:6c:df:e1:c4:6c:51:ed:6d:
95:69:4a:37
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzEk1JiPdnQvxmCCs6AikUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZDU0ZGY4OWI4ZmQ5MjFkYWRhM2YwZGFhMjllZmZmNWNj
ZTBhNzkwHhcNMjQwMTAxMTAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQwMzAyMzY0MGY1ZmVhOTE4M2Y5MDMwOGZkOGJlMTFlNWNjNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkawO92feaEfE4iQkv7rEMZB45cMk
itCRLdPzNwq2Ir2TbVxhegFPaP0Wx9PLeqhp1W/iIptQ3syjGcJsIrcGnpnpsZxg
Jsi+Gat9jUBI0h5bm3FDHYl84ty10ETqS6Qy1fEYCPPq2JM3U7LcnbKiXz2COUyJ
Jk4mt9GnoA2IVgD4DNr/583dTqfflWU+BYJYU7bMxipDwf/SgNuE9xq/oXbgkDT7
5yimzUzeJgSu+NXZ/m/VUe0GUoTdhKxyVGCRdjdFKX9G4TatR5FM3YPZYLkEodjB
Yz2HlqcZaGNW/sOl19xmUHshN9Vw/dDYOEaGPYZvoYx8mhS6ElXWva7tPwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJdAMCNkD1/qkYP5Awj9i+EeXMSPMB8GA1UdIwQY
MBaAFCLVTfibj9kh2to/Daop7/9czgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXRWTi1KdVAyU0hhMmo4TnFpbnZfMXpPQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iNWNmMGItZWMzMS00NzA1LThmNjgt
NmYxZmVjZTg3Yzg5LzEvbDBBd0kyUVBYLXFSZ19rRENQMkw0UjVjeEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iNWNmMGItZWMzMS00NzA1LThmNjgtNmYxZmVjZTg3Yzg5
LzEvSXRWTi1KdVAyU0hhMmo4TnFpbnZfMXpPQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuToEAwQD
vEFQAwQCwiRIMBQEAgACMA4DBQMqAmEgAwUDKgy9wDANBgkqhkiG9w0BAQsFAAOC
AQEAOdudT/XjAl4EKq79F2b246zXyXyFxLKCZupeaf5kljH39J9IZeYj7jWwtKhT
rGb3BlmTKBXM7NJCRuTs9dOHYvL8C288h6mzuUp0t8iEVmWTGU82bsdTguzjqEBG
9rN8VWDCD2YlrbVJ05MyzjQPe4ij+BGU8OdaZWU7Q5q8J9Yn77gV+RrjcVi6Khpm
wDJsIZXmhjxmKvXfQVTOtFofH+r54veqbh/IKSqV4GPRJ1aeo4QioB6hHVblqv+7
v+HWgyiE6l5VsrEhqBEvnvXAVdjK0CogMBJ9RmL7b+Q17Ylv3/KLolV+ubuqvEe5
qazimmDRD2zf4cRsUe1tlWlKNw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:20 2025 by rpki-client