Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VTM-lDjTIbGaCdRYjztESFYrEwA.roa
File: VTM-lDjTIbGaCdRYjztESFYrEwA.roa (raw, json)
Hash identifier: diVCnKNxHVA6MJ//gigjJcIgZQg0iB/5wwxfSJ6wVXA=
Subject key identifier: 55:33:3E:94:38:D3:21:B1:9A:09:D4:58:8F:3B:44:48:56:2B:13:00
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192A9F6CF10FA4AB402E7A596992BA9676F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VTM-lDjTIbGaCdRYjztESFYrEwA.roa
Signing time: Sun 20 Oct 2024 12:46:17 +0000
ROA not before: Sun 20 Oct 2024 12:46:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 25 Oct 2024 06:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a9:f6:cf:10:fa:4a:b4:02:e7:a5:96:99:2b:a9:67:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 20 12:46:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55333e9438d321b19a09d4588f3b4448562b1300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4a:74:5d:ef:85:1e:42:0e:4f:cc:49:4d:db:
35:25:f4:71:2b:73:99:8a:11:60:7c:f1:70:fb:25:
06:a0:bc:c5:12:4b:48:b3:ee:4b:34:9b:ce:f3:a4:
1c:33:12:1a:74:c7:1b:22:f6:51:97:25:bf:2c:2f:
af:2f:05:5c:e2:57:cb:47:33:90:8a:28:16:36:28:
02:f8:00:9c:22:10:47:73:5a:5e:7c:24:61:70:fb:
d6:ee:a3:df:59:4d:cf:4e:f6:ad:76:b7:ac:77:f9:
c9:a9:e6:48:22:18:e1:a0:21:68:3c:9f:a6:af:bc:
14:b3:20:b6:7e:39:f1:b7:34:5f:d5:c3:85:24:98:
93:4c:75:86:62:a2:a0:9c:c1:53:29:35:2e:9d:49:
56:25:a5:e9:68:b8:18:60:a1:53:1a:28:2a:bb:80:
2c:bc:5e:3a:71:59:e9:01:8f:c2:1b:e3:c5:cb:14:
87:c9:ba:63:a2:23:b8:a1:00:dc:b3:6e:ee:d5:58:
01:f6:55:82:e6:b2:9f:74:e4:09:57:6c:22:cf:7f:
38:7a:44:cc:83:67:46:e8:a6:cd:41:6e:7f:ab:3c:
ef:97:f7:21:95:27:5c:76:97:10:97:6d:3b:83:ba:
da:2b:42:ea:14:f1:27:60:ee:38:4b:ab:5c:58:c5:
f3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:33:3E:94:38:D3:21:B1:9A:09:D4:58:8F:3B:44:48:56:2B:13:00
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/VTM-lDjTIbGaCdRYjztESFYrEwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:e740::/29
2a10:37c0::/29
2a10:5200::/29
2a10:6900::/29
2a10:6f00::/29
2a10:7100::/29
2a10:7300::/29
2a10:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
8f:4f:3c:32:f0:f7:2c:f1:e4:f2:34:c6:fc:91:21:ad:1b:8f:
b7:a7:6c:43:3c:af:48:4c:89:a4:94:66:79:8c:9a:7c:e5:5f:
dd:8c:93:85:97:b7:e7:f8:31:2a:56:1d:b3:78:2b:94:c8:c4:
f6:69:42:9e:30:6e:f9:2f:a0:fa:f7:45:42:16:57:78:af:53:
ef:a2:8d:d2:1f:8f:7e:5d:a3:d1:44:34:1a:bf:eb:38:05:77:
b0:63:00:a6:e1:21:aa:4d:ec:d2:76:05:1c:e1:1f:12:dd:c6:
63:4e:67:62:b2:6e:4d:89:53:8e:1a:47:5d:02:87:c7:a6:d9:
21:a1:37:84:48:29:4b:83:07:56:04:71:27:02:18:10:89:a1:
6f:9a:2d:b2:cc:ff:1d:9d:b9:f9:50:c9:ac:0c:70:45:f6:4c:
99:b5:4e:4c:d4:15:22:b7:f8:a0:c7:cc:9b:7c:fb:c1:be:3b:
14:23:fb:50:b8:4f:59:c1:47:a9:b9:14:56:85:0d:0a:d5:20:
9e:7f:58:03:3f:9e:dd:aa:c6:6f:e6:ff:ad:14:49:f3:a5:8a:
fc:00:73:d1:23:4a:ba:61:91:39:02:20:cb:06:16:f7:bf:c4:
8e:40:c5:c7:74:c8:ea:2f:52:39:31:14:cb:8f:f8:d0:53:bf:
1a:59:00:28
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZKp9s8Q+kq0AuellpkrqWdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDIwMTI0NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTMzM2U5NDM4ZDMyMWIxOWEwOWQ0NTg4ZjNiNDQ0ODU2MmIxMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkp0Xe+FHkIOT8xJTds1JfRxK3OZ
ihFgfPFw+yUGoLzFEktIs+5LNJvO86QcMxIadMcbIvZRlyW/LC+vLwVc4lfLRzOQ
iigWNigC+ACcIhBHc1pefCRhcPvW7qPfWU3PTvatdresd/nJqeZIIhjhoCFoPJ+m
r7wUsyC2fjnxtzRf1cOFJJiTTHWGYqKgnMFTKTUunUlWJaXpaLgYYKFTGigqu4As
vF46cVnpAY/CG+PFyxSHybpjoiO4oQDcs27u1VgB9lWC5rKfdOQJV2wiz384ekTM
g2dG6KbNQW5/qzzvl/chlSdcdpcQl207g7raK0LqFPEnYO44S6tcWMXzRwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFUzPpQ40yGxmgnUWI87REhWKxMAMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVlRNLWxEalRJYkdhQ2RSWWp6dEVTRllyRXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKg7pgAMF
AyoP50ADBQMqEDfAAwUDKhBSAAMFAyoQaQADBQMqEG8AAwUDKhBxAAMFAyoQcwAD
BQMqEH8AMA0GCSqGSIb3DQEBCwUAA4IBAQCPTzwy8Pcs8eTyNMb8kSGtG4+3p2xD
PK9ITImklGZ5jJp85V/djJOFl7fn+DEqVh2zeCuUyMT2aUKeMG75L6D690VCFld4
r1Pvoo3SH49+XaPRRDQav+s4BXewYwCm4SGqTezSdgUc4R8S3cZjTmdism5NiVOO
GkddAofHptkhoTeESClLgwdWBHEnAhgQiaFvmi2yzP8dnbn5UMmsDHBF9kyZtU5M
1BUit/igx8ybfPvBvjsUI/tQuE9ZwUepuRRWhQ0K1SCef1gDP57dqsZv5v+tFEnz
pYr8AHPRI0q6YZE5AiDLBhb3v8SOQMXHdMjqL1I5MRTLj/jQU78aWQAo
-----END CERTIFICATE-----
Generated at Sat May 10 09:47:23 2025 by rpki-client