Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VUqE_GcsQ7uYYrxGXy0jpWseoUQ.roa
File: VUqE_GcsQ7uYYrxGXy0jpWseoUQ.roa (raw, json)
Hash identifier: 006dj0BC17LB+LHQEToMXZHKqiXwjWagX5uf8rCdQM0=
Subject key identifier: 55:4A:84:FC:67:2C:43:BB:98:62:BC:46:5F:2D:23:A5:6B:1E:A1:44
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01957FAA94D7FB1488FF5D14D35B7BD6E8D9
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VUqE_GcsQ7uYYrxGXy0jpWseoUQ.roa
Signing time: Mon 10 Mar 2025 10:47:20 +0000
ROA not before: Mon 10 Mar 2025 10:47:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 91.92.34.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 13:43:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:aa:94:d7:fb:14:88:ff:5d:14:d3:5b:7b:d6:e8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 10 10:47:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=554a84fc672c43bb9862bc465f2d23a56b1ea144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ae:03:c0:f6:ee:a4:50:e4:8f:de:11:04:05:
94:f6:e7:91:54:8c:52:23:9e:09:f7:27:dc:5c:eb:
7d:2c:d9:26:50:ab:8e:40:68:a0:8a:c7:f5:f8:e9:
37:57:47:e5:27:b6:62:9b:34:83:ae:39:28:34:85:
60:76:a9:39:85:13:20:18:53:59:04:5f:98:eb:4f:
6e:63:2a:fe:98:cc:d7:90:18:d1:74:d6:2d:fa:23:
6a:b1:a8:49:70:82:c1:9e:9c:c3:13:e3:3b:79:01:
ca:bd:96:a8:eb:d2:db:59:0e:bb:92:5e:80:3e:8f:
84:5a:ed:92:7e:de:0e:bc:3a:a0:e5:ca:c8:17:16:
fb:68:a8:b3:03:06:95:1b:44:55:05:c8:22:5e:7a:
87:91:c0:20:36:1d:50:6d:16:b9:a8:11:cc:a6:6f:
74:6c:9a:8d:81:34:f9:a5:77:97:b4:c4:49:dc:b8:
5b:5b:5b:08:57:1e:92:e2:db:af:ab:58:8d:80:bc:
bc:b3:4d:95:01:7f:cf:64:8b:4e:ca:76:12:b2:d4:
b3:60:e9:a9:d5:32:35:7b:5c:00:7c:f0:96:bc:67:
3e:a2:3d:5b:1d:64:7d:f8:3c:5f:99:3e:f0:87:ee:
2f:df:25:9d:5a:e7:6a:75:3c:4a:fd:56:72:9a:fd:
09:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4A:84:FC:67:2C:43:BB:98:62:BC:46:5F:2D:23:A5:6B:1E:A1:44
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/VUqE_GcsQ7uYYrxGXy0jpWseoUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.34.0/24
93.152.217.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a4:dc:e1:13:2f:93:db:65:6e:aa:80:b9:75:99:40:1e:1b:
3b:d9:44:1f:da:8d:fb:8e:64:c9:0d:01:c0:c9:d1:d5:56:af:
dd:51:7b:d7:d5:41:43:f9:1e:84:39:c8:80:ce:e1:ad:be:05:
c1:8d:92:f0:e4:0b:1f:b9:b0:2c:54:25:05:34:eb:59:4b:0c:
e6:04:ac:fe:33:0f:2b:d4:b8:77:e7:98:e5:45:e2:04:78:b7:
bd:6e:61:55:e8:5e:e2:26:41:f9:8a:cf:cd:4a:15:12:11:d5:
e0:99:7f:ee:0e:c2:2f:81:61:35:fb:6a:2b:6d:8b:d5:69:ef:
ae:93:6c:b9:ff:30:dc:32:21:c1:65:df:fa:2d:f0:1b:5a:da:
f3:58:ea:b7:3d:4b:2f:aa:c8:41:80:cf:7d:7f:13:a2:3a:cf:
fd:f0:1b:fc:0d:77:33:a9:8f:3d:bd:03:ff:88:4c:7f:2b:e2:
83:cf:1c:98:b0:47:fb:1a:2a:ac:93:4e:3c:e3:59:fd:b6:6e:
ef:0c:81:19:13:b4:b7:fb:d2:71:41:f1:12:fb:40:51:77:e5:
0c:43:bf:28:20:85:00:e6:bc:a6:33:f8:b5:4c:a2:9c:da:03:
89:ca:83:7b:2d:17:0c:28:53:50:29:0a:2d:30:9c:2c:9a:86:
55:56:2f:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZV/qpTX+xSI/10U01t71ujZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwMzEwMTA0NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRhODRmYzY3MmM0M2JiOTg2MmJjNDY1ZjJkMjNhNTZiMWVhMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa4DwPbupFDkj94RBAWU9ueRVIxS
I54J9yfcXOt9LNkmUKuOQGigisf1+Ok3V0flJ7ZimzSDrjkoNIVgdqk5hRMgGFNZ
BF+Y609uYyr+mMzXkBjRdNYt+iNqsahJcILBnpzDE+M7eQHKvZao69LbWQ67kl6A
Po+EWu2Sft4OvDqg5crIFxb7aKizAwaVG0RVBcgiXnqHkcAgNh1QbRa5qBHMpm90
bJqNgTT5pXeXtMRJ3LhbW1sIVx6S4tuvq1iNgLy8s02VAX/PZItOynYSstSzYOmp
1TI1e1wAfPCWvGc+oj1bHWR9+DxfmT7wh+4v3yWdWudqdTxK/VZymv0JJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVKhPxnLEO7mGK8Rl8tI6VrHqFEMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVlVxRV9HY3NRN3VZWXJ4R1h5MGpwV3Nlb1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1wiAwQA
XZjZMA0GCSqGSIb3DQEBCwUAA4IBAQCOpNzhEy+T22VuqoC5dZlAHhs72UQf2o37
jmTJDQHAydHVVq/dUXvX1UFD+R6EOciAzuGtvgXBjZLw5AsfubAsVCUFNOtZSwzm
BKz+Mw8r1Lh355jlReIEeLe9bmFV6F7iJkH5is/NShUSEdXgmX/uDsIvgWE1+2or
bYvVae+uk2y5/zDcMiHBZd/6LfAbWtrzWOq3PUsvqshBgM99fxOiOs/98Bv8DXcz
qY89vQP/iEx/K+KDzxyYsEf7Giqsk04841n9tm7vDIEZE7S3+9JxQfES+0BRd+UM
Q78oIIUA5rymM/i1TKKc2gOJyoN7LRcMKFNQKQotMJwsmoZVVi/e
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:20:24 2025 by rpki-client