Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/VzPqy99HLKKjF0ijrJ4TO1IErME.roa
File: VzPqy99HLKKjF0ijrJ4TO1IErME.roa (raw, json)
Hash identifier: wZDgWATldn+gTO2f3DgxXQCFlFKR4Rg2zg9N3MBEY2o=
Subject key identifier: 57:33:EA:CB:DF:47:2C:A2:A3:17:48:A3:AC:9E:13:3B:52:04:AC:C1
Certificate issuer: /CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Certificate serial: 018CC802563C65FE68F7218FA07E9DA802F3
Authority key identifier: 82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/VzPqy99HLKKjF0ijrJ4TO1IErME.roa
Signing time: Tue 02 Jan 2024 02:30:45 +0000
ROA not before: Tue 02 Jan 2024 02:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29684
IP address blocks: 92.43.168.0/23 maxlen: 23
92.43.168.0/24 maxlen: 24
92.43.169.0/24 maxlen: 24
92.43.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:56:3c:65:fe:68:f7:21:8f:a0:7e:9d:a8:02:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Validity
Not Before: Jan 2 02:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5733eacbdf472ca2a31748a3ac9e133b5204acc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:74:80:49:bc:32:94:de:3f:4a:19:be:60:0d:
21:f8:0b:53:1e:5e:c8:87:e4:8a:dd:a0:80:7a:44:
49:29:8c:29:f7:77:ed:fc:e3:78:d4:6a:cf:33:24:
cc:7e:41:1b:f8:50:93:69:34:b4:d9:09:e8:9b:0d:
67:bd:99:31:bf:ff:78:b1:c6:81:92:ab:4a:45:17:
79:04:64:c7:c1:a8:bb:be:de:a9:ed:6a:1d:97:aa:
de:4c:93:b3:6a:84:4f:b9:40:2c:31:ae:59:0a:ba:
6a:17:1e:80:66:21:48:0e:bb:26:6b:34:bb:2c:3b:
c2:ea:e2:8f:44:60:01:82:0f:c8:f3:ae:90:fb:a4:
ad:91:fe:21:2f:ac:e6:de:1c:eb:50:b3:98:7a:45:
e8:fd:5e:f2:62:d7:c7:69:7c:2e:1e:79:9a:02:b8:
3a:f9:f9:cb:a3:64:ea:41:79:a5:0d:70:59:08:a6:
12:7f:89:71:0f:ee:dc:5c:e1:d2:ae:df:d3:5c:4f:
ad:ee:47:d5:cc:ec:4e:27:3b:22:c1:0b:8b:ba:fe:
c4:05:3b:c9:2f:8b:ea:46:5d:81:23:8b:0f:a6:67:
ce:61:98:dd:e7:6e:33:96:13:04:9c:3e:89:33:d7:
b2:24:ed:48:5a:bd:e3:7d:7e:f8:b3:0f:0a:ba:4e:
73:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:33:EA:CB:DF:47:2C:A2:A3:17:48:A3:AC:9E:13:3B:52:04:AC:C1
X509v3 Authority Key Identifier:
keyid:82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/VzPqy99HLKKjF0ijrJ4TO1IErME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/gtf-cxLvtCvY0ezYKsdhkeomw1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.168.0/23
92.43.171.0/24
Signature Algorithm: sha256WithRSAEncryption
72:25:92:59:26:2c:55:8c:3f:9c:d9:a8:05:7d:4a:37:5d:e6:
09:6e:d5:bd:6b:b0:0a:1e:31:81:a3:36:c5:32:0e:3a:e2:b9:
27:26:35:87:70:d7:8e:c3:47:ea:65:40:07:83:d1:bd:3b:6e:
bf:1f:15:1f:0f:1c:e7:fa:6e:dd:bb:ac:d1:9d:27:30:dd:38:
48:ce:c7:6f:02:94:5e:6d:a4:df:f9:57:61:73:59:63:36:a7:
a6:c8:36:94:0a:01:03:e9:d9:69:97:48:f9:59:c8:d6:e4:5b:
f2:73:f0:75:78:60:8b:e7:d4:fa:51:be:ac:c3:ca:44:40:41:
1e:4b:0b:f0:52:04:f9:ce:8c:2e:42:0d:ea:31:6c:d4:ec:a2:
ee:bb:61:f8:91:5e:5e:b8:e2:be:9a:3b:27:90:46:cd:c7:d8:
c7:ea:9e:bf:d7:dc:52:bf:35:b7:2c:5d:b4:a8:5b:1b:bd:1c:
88:81:d5:f4:7f:d4:fc:11:74:cf:9f:fc:05:d0:f1:70:eb:e3:
c5:cd:79:e4:6d:28:44:b9:5b:bf:f3:02:97:4e:06:1d:76:d8:
f3:3b:aa:13:48:c5:33:44:4a:99:f8:c6:e5:14:d6:7f:04:2f:
55:5f:cd:88:a0:5f:28:00:6c:57:04:56:16:e2:d5:63:32:f3:
0c:4e:7a:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAlY8Zf5o9yGPoH6dqALzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZDdmZTczMTJlZmI0MmJkOGQxZWNkODJhYzc2MTkxZWEy
NmMzNTYwHhcNMjQwMTAyMDIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMzZWFjYmRmNDcyY2EyYTMxNzQ4YTNhYzllMTMzYjUyMDRhY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXSASbwylN4/Shm+YA0h+AtTHl7I
h+SK3aCAekRJKYwp93ft/ON41GrPMyTMfkEb+FCTaTS02Qnomw1nvZkxv/94scaB
kqtKRRd5BGTHwai7vt6p7Wodl6reTJOzaoRPuUAsMa5ZCrpqFx6AZiFIDrsmazS7
LDvC6uKPRGABgg/I866Q+6Stkf4hL6zm3hzrULOYekXo/V7yYtfHaXwuHnmaArg6
+fnLo2TqQXmlDXBZCKYSf4lxD+7cXOHSrt/TXE+t7kfVzOxOJzsiwQuLuv7EBTvJ
L4vqRl2BI4sPpmfOYZjd524zlhMEnD6JM9eyJO1IWr3jfX74sw8Kuk5zMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFcz6svfRyyioxdIo6yeEztSBKzBMB8GA1UdIwQY
MBaAFILX/nMS77Qr2NHs2CrHYZHqJsNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYt
MzdiMjFiYWIzYjAwLzEvVnpQcXk5OUhMS0tqRjBpanJKNFRPMUlFck1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYtMzdiMjFiYWIzYjAw
LzEvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXCuoAwQA
XCurMA0GCSqGSIb3DQEBCwUAA4IBAQByJZJZJixVjD+c2agFfUo3XeYJbtW9a7AK
HjGBozbFMg464rknJjWHcNeOw0fqZUAHg9G9O26/HxUfDxzn+m7du6zRnScw3ThI
zsdvApRebaTf+Vdhc1ljNqemyDaUCgED6dlpl0j5WcjW5Fvyc/B1eGCL59T6Ub6s
w8pEQEEeSwvwUgT5zowuQg3qMWzU7KLuu2H4kV5euOK+mjsnkEbNx9jH6p6/19xS
vzW3LF20qFsbvRyIgdX0f9T8EXTPn/wF0PFw6+PFzXnkbShEuVu/8wKXTgYddtjz
O6oTSMUzREqZ+MblFNZ/BC9VX82IoF8oAGxXBFYW4tVjMvMMTnpY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:50 2025 by rpki-client