Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/VkPCVjrtQcBJByQQl0a1mpJUVdQ.roa
File: VkPCVjrtQcBJByQQl0a1mpJUVdQ.roa (raw, json)
Hash identifier: 3w9gnJHVqwuIU2+LWh8sM/HTbDY2j0YZBsqGUZyrWHQ=
Subject key identifier: 56:43:C2:56:3A:ED:41:C0:49:07:24:10:97:46:B5:9A:92:54:55:D4
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 019450B475D36C96CF65B4E2BBEE3C4DD559
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/VkPCVjrtQcBJByQQl0a1mpJUVdQ.roa
Signing time: Fri 10 Jan 2025 14:53:11 +0000
ROA not before: Fri 10 Jan 2025 14:53:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8899
IP address blocks: 5.45.0.0/21 maxlen: 21
5.100.128.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
46.165.128.0/18 maxlen: 18
77.244.96.0/20 maxlen: 20
80.74.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 10 Jan 2025 14:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:b4:75:d3:6c:96:cf:65:b4:e2:bb:ee:3c:4d:d5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Jan 10 14:53:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5643c2563aed41c0490724109746b59a925455d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:55:83:5a:89:15:65:34:e6:b3:bc:e2:b9:
1e:06:57:17:9b:3c:d4:6f:eb:ff:60:9d:4c:28:55:
c0:41:6b:94:8e:0a:1a:71:5b:a6:a0:80:87:01:eb:
11:51:fc:26:0d:64:d1:a2:8f:b7:7c:92:56:67:b1:
10:e9:d9:56:fe:76:5d:68:8d:21:12:bf:a0:2e:e6:
4e:8a:75:9d:87:1c:91:04:43:7a:cf:a2:ba:03:60:
98:86:12:0c:47:9f:72:6f:d9:55:5e:a4:14:82:e1:
12:c1:86:dd:4c:82:da:46:e8:ca:8e:43:33:80:7f:
af:d1:65:14:50:36:bc:43:82:a2:89:f8:a0:16:2d:
75:ac:6d:a0:ea:23:cf:bf:b6:7e:ca:88:c9:93:56:
10:e1:1e:bc:b2:b7:3d:ec:16:d4:06:b8:88:db:7b:
01:70:ae:09:fd:b0:0b:11:bb:b0:0a:2e:6d:ce:f2:
66:66:0c:f9:61:58:bf:ee:e8:de:67:80:4c:75:67:
05:0b:8e:ed:e4:9c:1d:c0:7b:9c:36:95:75:d9:c1:
a6:5b:0a:23:c8:59:f2:7b:b4:72:d8:8c:8c:37:75:
54:a2:c0:51:93:f3:0d:33:e7:27:e1:0f:46:b3:c5:
86:53:b8:35:e4:f5:29:5e:c9:4b:31:bc:d6:06:85:
e4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:43:C2:56:3A:ED:41:C0:49:07:24:10:97:46:B5:9A:92:54:55:D4
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/VkPCVjrtQcBJByQQl0a1mpJUVdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
80.74.48.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:8d:4d:10:b4:71:87:26:e3:58:dd:74:4e:e7:39:aa:b0:71:
76:6d:66:d8:88:65:f9:33:a2:01:dd:2a:6c:e1:c0:63:0c:be:
57:ed:fe:f9:02:63:85:b5:12:51:34:71:e9:aa:b9:cc:06:98:
a0:ab:87:ac:d4:34:f8:37:0c:f9:3f:e8:05:df:41:aa:4a:54:
04:5c:87:a0:61:86:55:47:60:17:78:b6:b7:33:1d:d5:df:68:
17:bb:24:5f:e0:9b:c6:31:a4:ca:1e:5b:b8:fe:9a:7d:df:23:
35:8e:cc:5e:e1:5e:3a:2c:db:4b:49:83:75:5c:6f:c7:a6:9d:
f1:c9:67:b8:73:a7:f0:a0:1a:92:90:9a:0e:fa:58:e2:39:62:
07:ac:d1:d3:97:41:98:fb:8b:6f:70:4c:2f:e5:56:ef:84:24:
24:c0:b4:fd:5d:4d:f0:0e:ef:c3:41:4c:0e:71:ce:79:13:3b:
9f:0b:ca:66:e2:7a:52:b2:d0:33:d2:49:50:3d:9b:6e:52:57:
fe:c7:53:23:3b:87:9e:a5:e1:80:3b:f4:83:94:d6:15:c0:9a:
c7:a9:4b:ce:52:29:49:bb:1b:c1:be:bf:24:63:89:43:34:11:
92:18:88:47:46:33:ce:a9:c4:52:ee:4a:e9:82:f5:45:08:26:
3c:ba:22:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRQtHXTbJbPZbTiu+48TdVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjUwMTEwMTQ1MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjQzYzI1NjNhZWQ0MWMwNDkwNzI0MTA5NzQ2YjU5YTkyNTQ1NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonNVg1qJFWU05rO84rkeBlcXmzzU
b+v/YJ1MKFXAQWuUjgoacVumoICHAesRUfwmDWTRoo+3fJJWZ7EQ6dlW/nZdaI0h
Er+gLuZOinWdhxyRBEN6z6K6A2CYhhIMR59yb9lVXqQUguESwYbdTILaRujKjkMz
gH+v0WUUUDa8Q4KiifigFi11rG2g6iPPv7Z+yojJk1YQ4R68src97BbUBriI23sB
cK4J/bALEbuwCi5tzvJmZgz5YVi/7ujeZ4BMdWcFC47t5JwdwHucNpV12cGmWwoj
yFnye7Ry2IyMN3VUosBRk/MNM+cn4Q9Gs8WGU7g15PUpXslLMbzWBoXksQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFZDwlY67UHASQckEJdGtZqSVFXUMB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvVmtQQ1ZqcnRRY0JKQnlRUWwwYTFtcEpVVmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBS0AAwQE
BWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQEUEowMA0GCSqGSIb3DQEBCwUAA4IBAQBN
jU0QtHGHJuNY3XRO5zmqsHF2bWbYiGX5M6IB3Sps4cBjDL5X7f75AmOFtRJRNHHp
qrnMBpigq4es1DT4Nwz5P+gF30GqSlQEXIegYYZVR2AXeLa3Mx3V32gXuyRf4JvG
MaTKHlu4/pp93yM1jsxe4V46LNtLSYN1XG/Hpp3xyWe4c6fwoBqSkJoO+ljiOWIH
rNHTl0GY+4tvcEwv5VbvhCQkwLT9XU3wDu/DQUwOcc55EzufC8pm4npSstAz0klQ
PZtuUlf+x1MjO4eepeGAO/SDlNYVwJrHqUvOUilJuxvBvr8kY4lDNBGSGIhHRjPO
qcRS7krpgvVFCCY8uiL3
-----END CERTIFICATE-----
Generated at Mon May 12 15:53:31 2025 by rpki-client