Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/VcYQo4qClF5n5M2rmZVOIp0tfUg.roa
File: VcYQo4qClF5n5M2rmZVOIp0tfUg.roa (raw, json)
Hash identifier: m4t4yMIvRw31lyiI1XBu+twvjfbKOcEmdO9KjyXTgkA=
Subject key identifier: 55:C6:10:A3:8A:82:94:5E:67:E4:CD:AB:99:95:4E:22:9D:2D:7D:48
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019017AC1F1EDA059FA668EF9915565486CE
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/VcYQo4qClF5n5M2rmZVOIp0tfUg.roa
Signing time: Fri 14 Jun 2024 16:54:34 +0000
ROA not before: Fri 14 Jun 2024 16:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 45.86.156.0/23 maxlen: 23
45.86.156.0/24 maxlen: 24
185.236.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Oct 2024 18:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:ac:1f:1e:da:05:9f:a6:68:ef:99:15:56:54:86:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jun 14 16:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55c610a38a82945e67e4cdab99954e229d2d7d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:95:a0:13:2a:ce:bb:28:99:54:d6:8c:50:
94:ea:c0:4c:8c:a0:3f:b8:c2:ee:c4:eb:e3:04:71:
7d:b1:a6:40:60:db:eb:6e:0e:1d:75:1a:41:1a:3c:
9c:26:10:fb:72:9d:06:05:41:17:d5:4a:6e:91:9f:
9b:ba:7f:2f:65:0b:d7:bc:fe:0f:ea:40:21:d6:a4:
71:46:c6:84:00:b3:cf:eb:c4:b0:e9:3f:97:a9:32:
27:af:b7:6b:e6:db:3c:05:c1:85:b5:b2:af:b0:5e:
3b:7c:63:35:3e:28:13:7b:67:fb:b0:16:b8:68:ff:
8e:e3:e8:de:4f:ad:f6:e0:22:ee:d7:1c:30:45:dc:
7a:ee:ae:b7:1f:cb:bd:b6:05:71:94:88:50:b3:b3:
49:ef:48:e3:86:70:6c:25:dc:a7:88:0e:6d:09:e8:
bf:fc:cc:10:dd:99:47:fb:ef:01:ac:39:52:fe:af:
1e:8a:b9:bf:77:69:f0:74:79:91:09:8e:11:70:fc:
fd:c5:37:5c:f7:37:81:6f:bb:d6:1c:5b:b1:11:b2:
ea:bc:91:25:79:a1:cc:75:2a:ae:2c:28:aa:de:bc:
f8:95:9c:c4:88:0e:5a:00:6c:5a:e9:09:0e:02:27:
90:8b:61:3f:22:6f:2d:4c:12:fa:10:34:db:d2:bc:
63:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C6:10:A3:8A:82:94:5E:67:E4:CD:AB:99:95:4E:22:9D:2D:7D:48
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/VcYQo4qClF5n5M2rmZVOIp0tfUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/23
185.236.8.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:1f:15:f6:30:d1:63:b8:c4:2e:12:66:9c:c1:eb:54:06:64:
36:22:1a:98:a6:d6:63:10:32:a0:4d:3c:1e:f7:05:93:43:a5:
82:52:72:e3:30:91:a9:b5:85:ee:e1:79:6b:81:94:c0:88:0a:
97:7d:64:07:73:f2:8e:2c:c5:25:77:4c:63:92:5b:4d:9a:8a:
6d:ea:be:f2:95:9d:b4:65:b7:7a:c9:59:5c:b5:7b:d3:a0:7d:
b8:e1:9c:69:20:ef:c3:1d:73:85:ea:4d:16:f0:6a:a3:98:cb:
26:b2:c2:cb:c5:73:68:c9:94:f0:b5:c3:0f:24:5e:6f:db:82:
78:f7:8e:69:78:4b:7c:1e:96:90:da:e7:ee:24:ae:05:93:40:
86:2d:85:61:ba:0d:ae:f4:d2:0e:76:91:cb:9a:53:01:f8:5d:
f3:4a:67:90:09:a5:01:db:41:34:85:30:0e:ac:4d:46:22:1d:
3d:4e:e1:ae:20:8e:90:62:0f:64:1a:9c:ec:85:cf:52:49:3a:
e5:dd:1d:5d:52:d3:aa:53:93:fb:98:ad:d6:5c:00:c2:2d:10:
c6:01:94:82:f2:f9:63:ad:ff:20:1f:b2:63:9f:86:aa:e2:87:
56:db:fe:83:1c:13:c0:e0:20:16:fc:28:6c:e1:96:c6:c9:aa:
e8:18:3d:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAXrB8e2gWfpmjvmRVWVIbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNjE0MTY1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWM2MTBhMzhhODI5NDVlNjdlNGNkYWI5OTk1NGUyMjlkMmQ3ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+GVoBMqzrsomVTWjFCU6sBMjKA/
uMLuxOvjBHF9saZAYNvrbg4ddRpBGjycJhD7cp0GBUEX1UpukZ+bun8vZQvXvP4P
6kAh1qRxRsaEALPP68Sw6T+XqTInr7dr5ts8BcGFtbKvsF47fGM1PigTe2f7sBa4
aP+O4+jeT6324CLu1xwwRdx67q63H8u9tgVxlIhQs7NJ70jjhnBsJdyniA5tCei/
/MwQ3ZlH++8BrDlS/q8eirm/d2nwdHmRCY4RcPz9xTdc9zeBb7vWHFuxEbLqvJEl
eaHMdSquLCiq3rz4lZzEiA5aAGxa6QkOAieQi2E/Im8tTBL6EDTb0rxjJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFXGEKOKgpReZ+TNq5mVTiKdLX1IMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvVmNZUW80cUNsRjVuNU0ycm1aVk9JcDB0ZlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVacAwQA
uewIMA0GCSqGSIb3DQEBCwUAA4IBAQB8HxX2MNFjuMQuEmacwetUBmQ2IhqYptZj
EDKgTTwe9wWTQ6WCUnLjMJGptYXu4XlrgZTAiAqXfWQHc/KOLMUld0xjkltNmopt
6r7ylZ20Zbd6yVlctXvToH244ZxpIO/DHXOF6k0W8GqjmMsmssLLxXNoyZTwtcMP
JF5v24J4945peEt8HpaQ2ufuJK4Fk0CGLYVhug2u9NIOdpHLmlMB+F3zSmeQCaUB
20E0hTAOrE1GIh09TuGuII6QYg9kGpzshc9SSTrl3R1dUtOqU5P7mK3WXADCLRDG
AZSC8vljrf8gH7Jjn4aq4odW2/6DHBPA4CAW/Chs4ZbGyaroGD0/
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:15 2025 by rpki-client