Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VRQSYYd6EO5NOAAOJEv24kEH7vs.roa
File: VRQSYYd6EO5NOAAOJEv24kEH7vs.roa (raw, json)
Hash identifier: w2rPa7m3/2vzPBb9CDnk35v1sSeC+6n1LeZo+QlIa2g=
Subject key identifier: 55:14:12:61:87:7A:10:EE:4D:38:00:0E:24:4B:F6:E2:41:07:EE:FB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274842EC1BB80F0E0C94AB5181C67A5E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VRQSYYd6EO5NOAAOJEv24kEH7vs.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 192.71.155.0/24 maxlen: 24
192.176.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 16:43:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:42:ec:1b:b8:0f:0e:0c:94:ab:51:81:c6:7a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55141261877a10ee4d38000e244bf6e24107eefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:b8:5b:cd:78:cd:63:df:ee:f6:cb:b6:07:
c2:5f:12:fa:1a:ad:14:3e:28:9b:b6:8d:04:ff:c4:
92:93:9b:70:38:eb:a8:54:fd:7b:ad:18:7d:16:ff:
1e:8f:90:7e:3f:d9:c4:3c:2f:25:13:88:f2:ac:82:
e4:59:7d:60:42:1a:ab:3f:cc:40:62:49:97:67:29:
73:e7:a0:cc:0d:ff:bc:25:62:7f:ec:a2:7b:c2:5e:
71:29:f3:64:16:91:56:62:b2:78:5c:4c:d6:3a:d3:
28:ff:3d:76:4d:75:86:27:1e:8a:4c:f7:35:1e:e9:
39:9c:b2:ac:2e:65:95:39:09:11:47:63:a5:1d:61:
03:36:e7:4c:ee:ea:ed:c8:1b:b9:51:92:26:d8:9c:
b3:54:3b:60:e2:8d:42:93:79:cc:17:64:e4:dc:0e:
5f:4e:6b:e6:bf:6c:94:4b:e1:17:eb:32:74:dc:3a:
4a:67:eb:97:87:bb:ed:7f:19:77:ab:0d:ae:25:41:
b7:70:5c:59:47:00:3d:30:e8:ec:04:c6:51:b8:3d:
06:54:82:58:dd:e2:06:6c:b7:b2:73:7c:f2:89:f4:
0a:5b:32:73:51:26:e1:35:90:65:cf:c0:fb:6d:4a:
40:da:d9:4d:85:f4:53:d8:de:90:de:8c:20:4e:5b:
57:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:14:12:61:87:7A:10:EE:4D:38:00:0E:24:4B:F6:E2:41:07:EE:FB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VRQSYYd6EO5NOAAOJEv24kEH7vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.155.0/24
192.176.176.0/21
Signature Algorithm: sha256WithRSAEncryption
03:15:69:e0:77:33:5d:7d:4a:c3:97:c0:2a:b8:e5:00:8a:61:
0f:69:6d:b0:8d:0e:b7:e9:d8:b5:b4:41:7c:21:60:38:1d:03:
63:66:c1:1a:b4:ea:93:54:ec:04:fa:75:36:82:cd:ce:fe:91:
7c:8d:d8:cd:9d:34:40:4f:24:5e:e5:5a:8f:f4:5e:69:f3:50:
3a:e1:a9:87:bb:6c:bb:9c:b5:f2:de:6b:f3:3a:1c:d5:63:bf:
08:50:bc:28:e5:78:e6:9d:c5:4b:fc:d4:0d:f2:6a:77:8f:bf:
ba:6d:34:61:26:0a:6f:93:19:5e:28:ee:ba:b9:a0:17:af:0f:
6a:ad:62:e6:0e:0a:b0:b3:7c:d5:a8:4b:d8:02:55:0a:77:c6:
b7:45:87:76:0c:02:cc:0e:44:6c:6c:86:7e:35:94:f0:49:b1:
4e:12:bc:21:02:e3:70:a1:4f:b1:50:38:34:94:2d:4a:ef:62:
f1:28:ae:c0:8f:3d:fd:d0:01:b3:1c:90:69:d8:f8:77:63:54:
c0:35:d4:7a:c2:1a:1b:36:6c:ab:af:1f:48:06:5a:3f:2a:7b:
86:5f:5d:4f:bf:27:cb:3a:49:f5:5e:7f:8f:09:70:63:e0:6e:
10:f9:53:ee:de:d6:5a:ca:d7:1d:b1:39:11:b0:7e:b6:d3:35:
bb:48:57:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSELsG7gPDgyUq1GBxnpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE0MTI2MTg3N2ExMGVlNGQzODAwMGUyNDRiZjZlMjQxMDdlZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBe4W814zWPf7vbLtgfCXxL6Gq0U
Piibto0E/8SSk5twOOuoVP17rRh9Fv8ej5B+P9nEPC8lE4jyrILkWX1gQhqrP8xA
YkmXZylz56DMDf+8JWJ/7KJ7wl5xKfNkFpFWYrJ4XEzWOtMo/z12TXWGJx6KTPc1
Huk5nLKsLmWVOQkRR2OlHWEDNudM7urtyBu5UZIm2JyzVDtg4o1Ck3nMF2Tk3A5f
Tmvmv2yUS+EX6zJ03DpKZ+uXh7vtfxl3qw2uJUG3cFxZRwA9MOjsBMZRuD0GVIJY
3eIGbLeyc3zyifQKWzJzUSbhNZBlz8D7bUpA2tlNhfRT2N6Q3owgTltXIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUUEmGHehDuTTgADiRL9uJBB+77MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVlJRU1lZZDZFTzVOT0FBT0pFdjI0a0VIN3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEebAwQD
wLCwMA0GCSqGSIb3DQEBCwUAA4IBAQADFWngdzNdfUrDl8AquOUAimEPaW2wjQ63
6di1tEF8IWA4HQNjZsEatOqTVOwE+nU2gs3O/pF8jdjNnTRATyRe5VqP9F5p81A6
4amHu2y7nLXy3mvzOhzVY78IULwo5XjmncVL/NQN8mp3j7+6bTRhJgpvkxleKO66
uaAXrw9qrWLmDgqws3zVqEvYAlUKd8a3RYd2DALMDkRsbIZ+NZTwSbFOErwhAuNw
oU+xUDg0lC1K72LxKK7Ajz390AGzHJBp2Ph3Y1TANdR6whobNmyrrx9IBlo/KnuG
X11PvyfLOkn1Xn+PCXBj4G4Q+VPu3tZaytcdsTkRsH620zW7SFd0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:28 2025 by rpki-client