Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vCF0e1LhzuKO5IMcMCR34jMc3MQ.roa
File: vCF0e1LhzuKO5IMcMCR34jMc3MQ.roa (raw, json)
Hash identifier: T/8CsvVtmRtrKTuuxawiYoOeHK5J7n80vVvuUmydCBk=
Subject key identifier: BC:21:74:7B:52:E1:CE:E2:8E:E4:83:1C:30:24:77:E2:33:1C:DC:C4
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01968316C86AC179963BBE704B4CDB4E99F8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vCF0e1LhzuKO5IMcMCR34jMc3MQ.roa
Signing time: Tue 29 Apr 2025 19:47:10 +0000
ROA not before: Tue 29 Apr 2025 19:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.186.180.0/22 maxlen: 24
37.34.80.0/21 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 06:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:16:c8:6a:c1:79:96:3b:be:70:4b:4c:db:4e:99:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 29 19:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc21747b52e1cee28ee4831c302477e2331cdcc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:ef:18:a0:38:23:38:7d:46:5a:f6:51:2d:
f2:a3:52:65:ee:38:ad:bd:fd:36:6e:5c:0c:e1:1f:
59:62:32:85:0c:94:fc:6c:a5:04:3c:f2:fd:96:18:
7b:7f:ad:00:7a:1d:ef:9f:11:3d:21:d9:27:d1:37:
a1:5d:83:97:46:00:6b:97:b9:29:f6:9f:72:74:11:
4a:a2:ea:5c:1a:3e:d0:d5:bd:5b:da:bf:5d:a9:d5:
b4:b3:ad:52:f4:48:51:d2:9a:1b:9a:d6:cb:81:c7:
a1:fc:b0:3b:82:8e:0a:75:f6:18:64:ba:cb:98:1f:
7f:3e:b2:63:6f:66:4a:28:54:a2:24:a6:2b:34:03:
0d:56:a4:36:84:ca:84:35:8c:10:1b:50:e7:e6:84:
6b:c3:6f:78:67:b6:ab:6d:a9:80:3f:87:3b:00:95:
42:7d:95:66:c1:e8:2a:b8:99:22:40:85:4f:93:14:
08:bf:07:4c:be:eb:44:9f:d4:48:78:e2:de:df:a6:
f8:84:0c:9d:38:51:35:56:00:97:af:e4:fa:39:fd:
ff:e1:8e:9e:a0:b1:7c:a7:ef:b5:40:3d:1b:a5:43:
73:60:bd:25:5a:e0:db:9f:85:0e:94:18:7f:d0:2b:
9a:cf:f2:79:d3:b1:73:25:8a:a0:dc:56:12:7d:a9:
77:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:21:74:7B:52:E1:CE:E2:8E:E4:83:1C:30:24:77:E2:33:1C:DC:C4
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vCF0e1LhzuKO5IMcMCR34jMc3MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.34.80.0/21
46.20.210.0/23
82.163.52.0/23
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
00:1e:31:76:38:12:2b:db:31:68:24:12:db:40:d4:fc:7d:d0:
0b:24:d2:f1:db:e2:1b:d2:2d:ad:b6:dd:f6:2f:fe:a8:9f:cd:
0b:fa:fe:85:46:cb:5f:dd:1c:0a:71:ba:9c:16:b9:26:b2:1a:
5c:b2:b9:39:01:d3:a6:04:fc:3d:25:df:bf:a4:10:24:3b:7f:
2f:92:14:15:c5:95:7a:8c:0d:80:91:e4:b9:f2:fa:09:d4:36:
4a:87:de:d4:0f:da:4a:76:89:ba:3e:a2:b1:12:35:b9:b4:93:
23:b3:0e:ff:7d:90:b9:73:49:0e:f5:35:f8:a8:df:ef:af:6d:
73:bf:26:37:ef:04:ba:30:86:02:d6:bc:6f:5d:76:83:2c:14:
9b:0b:47:82:ee:5f:ae:7c:3e:84:6e:4d:6c:3d:69:43:49:65:
be:68:ed:23:a1:33:9c:05:b1:b1:65:96:52:59:02:89:ca:cc:
9c:99:46:03:25:7b:c9:70:dd:ab:96:91:86:60:99:b1:4a:be:
8a:29:9f:d9:e0:7e:83:a4:cd:7b:08:9c:be:36:33:97:7c:04:
e2:54:91:9e:10:3b:75:47:34:c2:ec:4d:fe:f4:e9:8c:07:0b:
25:da:1b:b9:97:27:c4:a5:3a:56:03:2a:af:55:50:e6:2a:f0:
82:96:e7:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaDFshqwXmWO75wS0zbTpn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNDI5MTk0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzIxNzQ3YjUyZTFjZWUyOGVlNDgzMWMzMDI0NzdlMjMzMWNkY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptfvGKA4Izh9Rlr2US3yo1Jl7jit
vf02blwM4R9ZYjKFDJT8bKUEPPL9lhh7f60Aeh3vnxE9Idkn0TehXYOXRgBrl7kp
9p9ydBFKoupcGj7Q1b1b2r9dqdW0s61S9EhR0pobmtbLgceh/LA7go4KdfYYZLrL
mB9/PrJjb2ZKKFSiJKYrNAMNVqQ2hMqENYwQG1Dn5oRrw294Z7arbamAP4c7AJVC
fZVmwegquJkiQIVPkxQIvwdMvutEn9RIeOLe36b4hAydOFE1VgCXr+T6Of3/4Y6e
oLF8p++1QD0bpUNzYL0lWuDbn4UOlBh/0Cuaz/J507FzJYqg3FYSfal3yQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLwhdHtS4c7ijuSDHDAkd+IzHNzEMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdkNGMGUxTGh6dUtPNUlNY01DUjM0ak1jM01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7q0AwQD
JSJQAwQBLhTSAwQBUqM0AwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAAHjF2OBIr
2zFoJBLbQNT8fdALJNLx2+Ib0i2ttt32L/6on80L+v6FRstf3RwKcbqcFrkmshpc
srk5AdOmBPw9Jd+/pBAkO38vkhQVxZV6jA2AkeS58voJ1DZKh97UD9pKdom6PqKx
EjW5tJMjsw7/fZC5c0kO9TX4qN/vr21zvyY37wS6MIYC1rxvXXaDLBSbC0eC7l+u
fD6Ebk1sPWlDSWW+aO0joTOcBbGxZZZSWQKJysycmUYDJXvJcN2rlpGGYJmxSr6K
KZ/Z4H6DpM17CJy+NjOXfATiVJGeEDt1RzTC7E3+9OmMBwsl2hu5lyfEpTpWAyqv
VVDmKvCCluct
-----END CERTIFICATE-----
Generated at Sun May 11 21:01:21 2025 by rpki-client