Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VQf4yVyMWgiV2ZThfhzWHfVcRXA.roa
File: VQf4yVyMWgiV2ZThfhzWHfVcRXA.roa (raw, json)
Hash identifier: e0p2uFl5vA2nQHCeXUAx05obuTDJbE+oTuyxJIdDDVo=
Subject key identifier: 55:07:F8:C9:5C:8C:5A:08:95:D9:94:E1:7E:1C:D6:1D:F5:5C:45:70
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D34DAC24EE8690C17C3DE264BFE2CBF0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VQf4yVyMWgiV2ZThfhzWHfVcRXA.roa
Signing time: Tue 17 Dec 2024 06:28:23 +0000
ROA not before: Tue 17 Dec 2024 06:28:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 194.180.48.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 15:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:4d:ac:24:ee:86:90:c1:7c:3d:e2:64:bf:e2:cb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 17 06:28:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5507f8c95c8c5a0895d994e17e1cd61df55c4570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:df:6b:dc:4c:87:d5:70:f2:32:86:e8:82:
40:0a:7d:45:23:c6:e1:a6:e2:37:89:9c:3b:90:7f:
f3:f3:40:cb:5c:75:16:70:9d:f7:9c:2e:66:74:ee:
40:96:f4:b5:31:f9:1e:92:d8:2c:fc:3f:ce:58:a4:
50:d9:4b:eb:2b:56:55:51:a1:d3:c5:6e:a8:c9:f9:
71:7a:61:be:af:b6:78:48:c4:77:6a:48:de:9d:97:
91:67:07:d1:11:95:75:02:f6:44:85:7c:c0:e0:04:
f3:d1:59:59:01:2e:69:4b:20:31:d1:67:7b:ec:b7:
95:00:cc:2d:5b:16:85:c7:7b:fc:fd:8d:85:78:b8:
2d:25:8e:c0:9a:d9:19:a5:8f:83:7f:13:71:dc:03:
0f:79:9b:96:a7:10:37:35:8c:2b:a2:03:52:85:e9:
2c:fe:15:9f:ce:a5:97:92:37:20:dd:7f:f4:7b:27:
d9:e7:bc:ee:be:11:f7:fb:b9:8f:6f:a7:81:36:43:
7b:80:b0:ac:8c:ea:44:cd:0d:5e:55:bb:1f:cd:1f:
c1:41:35:0b:1b:70:2e:e3:00:d7:d8:8e:53:65:29:
6e:9a:75:7f:1e:f1:d9:c8:73:9b:92:e4:55:9d:2a:
6b:14:dd:69:9b:2a:5e:ac:27:d4:94:36:2d:e9:81:
9f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:07:F8:C9:5C:8C:5A:08:95:D9:94:E1:7E:1C:D6:1D:F5:5C:45:70
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VQf4yVyMWgiV2ZThfhzWHfVcRXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.48.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:33:aa:72:bd:92:dc:51:9f:3c:67:9f:9d:ee:fb:f8:d8:4b:
48:27:0f:dd:80:09:81:ec:d1:df:62:9f:72:c0:a0:33:54:b4:
c7:a9:9c:b1:da:25:54:00:f5:10:30:6a:22:a2:6e:88:d6:8f:
f7:a2:53:2f:50:58:18:5d:f1:06:df:de:52:3e:5b:ce:9f:ef:
ea:ae:df:ab:c1:3d:b5:47:ff:c3:df:d7:3c:30:19:9c:c4:f6:
26:c7:ce:90:52:93:36:87:3a:a6:23:60:f6:0a:65:3e:6c:84:
77:98:34:b1:70:de:3a:ba:79:fb:d3:df:25:b2:98:b7:74:ba:
61:fd:0e:74:a3:46:e0:e9:fb:f6:2b:0a:fa:4b:a4:d8:35:7e:
0d:2e:5d:d0:7a:31:c0:b5:13:0c:94:17:ee:4b:be:dc:41:86:
59:8f:c6:22:59:aa:57:65:6a:f2:90:9c:30:7c:7c:cb:97:c9:
a2:7a:66:70:1f:8a:4c:ca:e4:a5:a8:dc:8a:8e:28:5d:f0:bd:
93:71:07:bc:0f:f9:3e:08:65:d7:02:35:e7:86:bd:6d:98:f9:
e3:31:3c:5d:56:87:f0:8b:26:e2:2c:9c:df:a5:47:e7:a9:d2:
76:54:c5:4e:e3:dc:df:84:25:26:eb:48:fc:65:d4:8a:19:8b:
78:55:d7:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPTTawk7oaQwXw94mS/4svwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE3MDYyODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA3ZjhjOTVjOGM1YTA4OTVkOTk0ZTE3ZTFjZDYxZGY1NWM0NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhzfa9xMh9Vw8jKG6IJACn1FI8bh
puI3iZw7kH/z80DLXHUWcJ33nC5mdO5AlvS1Mfkektgs/D/OWKRQ2UvrK1ZVUaHT
xW6oyflxemG+r7Z4SMR3akjenZeRZwfREZV1AvZEhXzA4ATz0VlZAS5pSyAx0Wd7
7LeVAMwtWxaFx3v8/Y2FeLgtJY7AmtkZpY+DfxNx3AMPeZuWpxA3NYwrogNSheks
/hWfzqWXkjcg3X/0eyfZ57zuvhH3+7mPb6eBNkN7gLCsjOpEzQ1eVbsfzR/BQTUL
G3Au4wDX2I5TZSlumnV/HvHZyHObkuRVnSprFN1pmyperCfUlDYt6YGfSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUH+MlcjFoIldmU4X4c1h31XEVwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVlFmNHlWeU1XZ2lWMlpUaGZoeldIZlZjUlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwrQwMA0G
CSqGSIb3DQEBCwUAA4IBAQBaM6pyvZLcUZ88Z5+d7vv42EtIJw/dgAmB7NHfYp9y
wKAzVLTHqZyx2iVUAPUQMGoiom6I1o/3olMvUFgYXfEG395SPlvOn+/qrt+rwT21
R//D39c8MBmcxPYmx86QUpM2hzqmI2D2CmU+bIR3mDSxcN46unn7098lspi3dLph
/Q50o0bg6fv2Kwr6S6TYNX4NLl3QejHAtRMMlBfuS77cQYZZj8YiWapXZWrykJww
fHzLl8miemZwH4pMyuSlqNyKjihd8L2TcQe8D/k+CGXXAjXnhr1tmPnjMTxdVofw
iybiLJzfpUfnqdJ2VMVO49zfhCUm60j8ZdSKGYt4Vddj
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:17:53 2025 by rpki-client