Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VBmGfTfXnRe3biiji6vPYSGnt7A.roa
File: VBmGfTfXnRe3biiji6vPYSGnt7A.roa (raw, json)
Hash identifier: 7BkEhijiR2a0zI12bHpZF2wD2+j0YHDzHkv4cN7qW/U=
Subject key identifier: 54:19:86:7D:37:D7:9D:17:B7:6E:28:A3:8B:AB:CF:61:21:A7:B7:B0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824CE7470EE4DDB402ABA88EF017BF9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VBmGfTfXnRe3biiji6vPYSGnt7A.roa
Signing time: Thu 02 Jan 2025 17:51:28 +0000
ROA not before: Thu 02 Jan 2025 17:51:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215479
IP address blocks: 178.215.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 14:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:ce:74:70:ee:4d:db:40:2a:ba:88:ef:01:7b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5419867d37d79d17b76e28a38babcf6121a7b7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:c9:97:58:ed:1d:33:9e:8f:5a:ba:ec:d3:
33:eb:fa:e7:d0:7b:de:a3:8d:61:e5:21:ad:5b:ee:
09:e7:3b:ac:21:6e:3b:b4:13:0c:d8:b5:fc:8c:c5:
fc:50:69:ad:ff:ef:b7:91:6b:7f:43:61:f8:95:c3:
13:4a:4f:95:e7:9a:d6:77:70:ce:07:2d:84:1c:d5:
4c:69:84:1c:b0:4d:e1:a4:24:1b:90:08:94:de:31:
dd:4f:2b:23:5a:72:14:48:a6:74:56:f6:e6:26:bc:
67:62:d8:4a:a2:08:4c:fb:1f:18:3c:12:f6:cb:fb:
55:dc:48:07:cd:26:ed:78:90:f9:8b:f2:89:d9:ca:
4d:23:ff:0c:52:4e:6c:0b:a4:01:ff:4b:43:da:25:
47:c5:ae:0a:84:f8:fe:b5:aa:74:ce:ea:e4:7c:ec:
57:cc:bc:a0:e2:84:ee:78:7c:70:9d:f5:8a:95:4c:
9c:3f:07:2e:6f:30:3b:e6:2b:94:81:b4:c9:ce:c3:
90:d6:15:2c:30:4c:8a:81:de:6d:0c:90:bb:10:fa:
33:4a:04:16:73:77:6b:24:49:75:e5:89:96:62:d8:
76:36:7c:eb:58:57:58:00:a4:15:5c:91:d6:be:71:
72:2a:56:09:a7:67:cc:53:55:22:e2:e2:ee:4f:ca:
00:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:19:86:7D:37:D7:9D:17:B7:6E:28:A3:8B:AB:CF:61:21:A7:B7:B0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VBmGfTfXnRe3biiji6vPYSGnt7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.238.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:dc:4e:f6:99:85:36:dc:ae:56:35:ec:94:5e:7b:9d:3b:97:
f2:d8:05:2e:3f:bf:24:ec:d2:88:29:8b:7c:61:5c:e4:96:53:
d1:f1:3a:6a:6c:af:4b:79:b1:82:c7:01:e7:af:26:61:ba:86:
85:85:39:e8:ec:b3:0e:4f:02:be:2d:6d:09:35:5d:15:4b:89:
96:16:ce:2f:c3:37:af:80:87:bb:7b:65:6c:60:e9:cd:3d:8f:
e8:1a:12:e5:dd:76:de:a6:43:7f:36:fb:48:d5:4e:5f:c7:a3:
9e:6c:ee:b1:11:9f:d8:26:85:39:cb:c9:75:86:60:db:96:8b:
b8:b5:aa:08:04:eb:78:88:04:26:62:5e:53:6f:2b:6d:79:9a:
4e:6b:51:0d:58:bc:73:9a:4f:a7:e0:d4:98:b7:f6:87:fe:f1:
af:6b:43:63:53:c4:a2:6a:c1:aa:3d:12:f8:e2:df:89:4d:71:
f4:46:a9:fa:cc:c3:95:d9:79:a0:05:5a:13:16:5f:0b:51:39:
b8:9d:d3:8e:b8:44:bb:e6:af:1b:e2:41:5c:75:7e:28:b2:53:
42:42:8f:5c:99:29:95:d2:65:da:db:d0:b4:41:d7:d2:81:84:
cb:88:21:e2:87:72:f1:d9:15:02:59:0f:82:11:6a:a9:62:ab:
68:ff:2a:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJM50cO5N20AquojvAXv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE5ODY3ZDM3ZDc5ZDE3Yjc2ZTI4YTM4YmFiY2Y2MTIxYTdiN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBrJl1jtHTOej1q67NMz6/rn0Hve
o41h5SGtW+4J5zusIW47tBMM2LX8jMX8UGmt/++3kWt/Q2H4lcMTSk+V55rWd3DO
By2EHNVMaYQcsE3hpCQbkAiU3jHdTysjWnIUSKZ0VvbmJrxnYthKoghM+x8YPBL2
y/tV3EgHzSbteJD5i/KJ2cpNI/8MUk5sC6QB/0tD2iVHxa4KhPj+tap0zurkfOxX
zLyg4oTueHxwnfWKlUycPwcubzA75iuUgbTJzsOQ1hUsMEyKgd5tDJC7EPozSgQW
c3drJEl15YmWYth2NnzrWFdYAKQVXJHWvnFyKlYJp2fMU1Ui4uLuT8oAZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQZhn03150Xt24oo4urz2Ehp7ewMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVkJtR2ZUZlhuUmUzYmlpamk2dlBZU0dudDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstfuMA0G
CSqGSIb3DQEBCwUAA4IBAQBM3E72mYU23K5WNeyUXnudO5fy2AUuP78k7NKIKYt8
YVzkllPR8TpqbK9LebGCxwHnryZhuoaFhTno7LMOTwK+LW0JNV0VS4mWFs4vwzev
gIe7e2VsYOnNPY/oGhLl3XbepkN/NvtI1U5fx6OebO6xEZ/YJoU5y8l1hmDblou4
taoIBOt4iAQmYl5TbytteZpOa1ENWLxzmk+n4NSYt/aH/vGva0NjU8SiasGqPRL4
4t+JTXH0Rqn6zMOV2XmgBVoTFl8LUTm4ndOOuES75q8b4kFcdX4oslNCQo9cmSmV
0mXa29C0QdfSgYTLiCHih3Lx2RUCWQ+CEWqpYqto/yoC
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:25:59 2025 by rpki-client