Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/VHE-OUvayuM6t5yjqPjGVk-__I4.roa
File: VHE-OUvayuM6t5yjqPjGVk-__I4.roa (raw, json)
Hash identifier: reqJplyvV/1tsBHaUKXQwBNeYkweBnRRRi2UUAYh6Ts=
Subject key identifier: 54:71:3E:39:4B:DA:CA:E3:3A:B7:9C:A3:A8:F8:C6:56:4F:BF:FC:8E
Certificate issuer: /CN=b02a9af2fc5fe93c43148aacb13c51be904c8e4c
Certificate serial: 019022BA041636231CCA3AC52F0B3776B9E8
Authority key identifier: B0:2A:9A:F2:FC:5F:E9:3C:43:14:8A:AC:B1:3C:51:BE:90:4C:8E:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqa8vxf6TxDFIqssTxRvpBMjkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/VHE-OUvayuM6t5yjqPjGVk-__I4.roa
Signing time: Sun 16 Jun 2024 20:25:34 +0000
ROA not before: Sun 16 Jun 2024 20:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51395
IP address blocks: 2001:67c:500::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:ba:04:16:36:23:1c:ca:3a:c5:2f:0b:37:76:b9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02a9af2fc5fe93c43148aacb13c51be904c8e4c
Validity
Not Before: Jun 16 20:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54713e394bdacae33ab79ca3a8f8c6564fbffc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:ce:ff:88:77:ef:0f:48:51:a2:eb:a3:4c:
0b:6d:b8:86:c2:62:9c:61:80:ea:e1:6c:10:de:31:
04:7f:03:65:1d:38:de:58:72:5d:aa:74:2c:59:0b:
40:52:4b:57:32:b1:01:94:4e:2a:06:6d:ac:f0:28:
3f:3f:aa:8e:e1:54:25:0d:26:a6:a7:70:ea:76:76:
4a:99:35:23:7e:76:ad:b3:2b:cd:68:ce:2b:df:44:
05:0b:53:e8:20:88:25:7b:71:55:08:b0:e0:bf:b0:
fd:64:f1:0a:3d:43:8f:a2:7b:2f:cd:4b:cc:74:20:
97:1b:18:29:d9:85:78:30:c9:89:5d:2a:b0:bb:35:
dc:0d:30:9f:3a:7a:e5:80:d2:6a:c5:fe:73:3c:20:
f0:39:a7:b8:29:d8:a9:d5:ec:ef:79:e4:f5:3c:c1:
20:c7:3d:9b:81:5c:44:62:a5:90:2b:5f:54:fc:b6:
f8:4e:55:28:49:c3:5e:c0:9e:88:3f:30:f4:3a:36:
e8:15:4c:46:54:dc:22:3b:41:2b:aa:41:a6:d8:16:
2a:66:2a:e3:3b:98:c7:4b:21:27:2a:04:09:d1:f6:
76:71:c7:81:81:d3:2b:10:39:14:8d:22:a0:90:c2:
43:e9:92:f4:78:d8:1c:e2:05:ee:4b:9f:0f:1f:c1:
bc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:71:3E:39:4B:DA:CA:E3:3A:B7:9C:A3:A8:F8:C6:56:4F:BF:FC:8E
X509v3 Authority Key Identifier:
keyid:B0:2A:9A:F2:FC:5F:E9:3C:43:14:8A:AC:B1:3C:51:BE:90:4C:8E:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqa8vxf6TxDFIqssTxRvpBMjkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/VHE-OUvayuM6t5yjqPjGVk-__I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/0a60ce-bb37-4337-bf50-5eca36e19f5d/1/sCqa8vxf6TxDFIqssTxRvpBMjkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:500::/48
Signature Algorithm: sha256WithRSAEncryption
8d:4e:6f:9b:b0:8f:6a:72:9e:98:8e:b5:6a:51:86:4c:32:e2:
cb:f7:e5:9c:ef:31:af:b2:42:37:9c:a9:62:52:8d:b3:ab:56:
69:c5:d1:d7:55:99:be:cf:60:3b:20:10:fc:fb:43:5e:4e:28:
e1:fb:7d:39:31:84:98:c5:97:ed:47:2c:4e:e6:77:83:39:39:
51:d3:41:56:58:18:ae:79:2b:bf:db:96:98:82:fc:d3:a7:ac:
a9:cb:b1:c4:01:5c:ea:08:24:74:77:9a:3a:be:8b:20:fd:69:
ed:95:a7:d5:1a:eb:82:84:7c:df:b8:12:af:c7:8d:6d:3c:8a:
bc:e0:69:66:75:30:a6:fc:f6:3c:42:11:29:bf:38:aa:4a:b2:
48:f5:1b:7c:e1:4f:62:33:3f:50:b5:80:0d:16:00:f8:4e:25:
0b:21:25:96:59:0a:9b:a1:6f:54:3a:f3:4f:12:67:e5:ed:5f:
16:85:0b:24:cf:92:86:d5:ce:13:3a:a0:21:a1:06:14:9a:54:
5a:5e:ab:03:db:b1:8d:39:01:4f:5b:fd:ef:d1:b2:0c:aa:fb:
7a:37:f3:8f:b2:8e:a6:52:42:44:c4:95:c5:b0:2e:4f:c1:3f:
ea:17:ca:94:bf:97:31:fd:bb:a1:56:34:86:3f:c9:fb:3b:a2:
67:f3:b5:fb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZAiugQWNiMcyjrFLws3drnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmE5YWYyZmM1ZmU5M2M0MzE0OGFhY2IxM2M1MWJlOTA0
YzhlNGMwHhcNMjQwNjE2MjAyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcxM2UzOTRiZGFjYWUzM2FiNzljYTNhOGY4YzY1NjRmYmZmYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyTO/4h37w9IUaLro0wLbbiGwmKc
YYDq4WwQ3jEEfwNlHTjeWHJdqnQsWQtAUktXMrEBlE4qBm2s8Cg/P6qO4VQlDSam
p3DqdnZKmTUjfnatsyvNaM4r30QFC1PoIIgle3FVCLDgv7D9ZPEKPUOPonsvzUvM
dCCXGxgp2YV4MMmJXSqwuzXcDTCfOnrlgNJqxf5zPCDwOae4Kdip1ezveeT1PMEg
xz2bgVxEYqWQK19U/Lb4TlUoScNewJ6IPzD0OjboFUxGVNwiO0ErqkGm2BYqZirj
O5jHSyEnKgQJ0fZ2cceBgdMrEDkUjSKgkMJD6ZL0eNgc4gXuS58PH8G8fwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFRxPjlL2srjOreco6j4xlZPv/yOMB8GA1UdIwQY
MBaAFLAqmvL8X+k8QxSKrLE8Ub6QTI5MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxYTh2eGY2VHhERklxc3NUeFJ2cEJNamt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wYTYwY2UtYmIzNy00MzM3LWJmNTAt
NWVjYTM2ZTE5ZjVkLzEvVkhFLU9VdmF5dU02dDV5anFQakdWay1fX0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wYTYwY2UtYmIzNy00MzM3LWJmNTAtNWVjYTM2ZTE5ZjVk
LzEvc0NxYTh2eGY2VHhERklxc3NUeFJ2cEJNamt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNTm+bsI9qcp6YjrVqUYZMMuLL9+Wc7zGvskI3
nKliUo2zq1ZpxdHXVZm+z2A7IBD8+0NeTijh+305MYSYxZftRyxO5neDOTlR00FW
WBiueSu/25aYgvzTp6ypy7HEAVzqCCR0d5o6vosg/WntlafVGuuChHzfuBKvx41t
PIq84GlmdTCm/PY8QhEpvziqSrJI9Rt84U9iMz9QtYANFgD4TiULISWWWQqboW9U
OvNPEmfl7V8WhQskz5KG1c4TOqAhoQYUmlRaXqsD27GNOQFPW/3v0bIMqvt6N/OP
so6mUkJExJXFsC5PwT/qF8qUv5cx/buhVjSGP8n7O6Jn87X7
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:03:48 2025 by rpki-client