Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/_vBkmymdT-m6-O5_6JrTG8LFjQ0.roa
File: _vBkmymdT-m6-O5_6JrTG8LFjQ0.roa (raw, json)
Hash identifier: NZvH1VoSwf5Oe4cuM6LnItHV/pQH1dXqSQHZJs9y43c=
Subject key identifier: FE:F0:64:9B:29:9D:4F:E9:BA:F8:EE:7F:E8:9A:D3:1B:C2:C5:8D:0D
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 0194EFD105C7B86C60C83B8B1A5F9EB86FF1
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/_vBkmymdT-m6-O5_6JrTG8LFjQ0.roa
Signing time: Mon 10 Feb 2025 12:24:00 +0000
ROA not before: Mon 10 Feb 2025 12:24:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 178.253.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:d1:05:c7:b8:6c:60:c8:3b:8b:1a:5f:9e:b8:6f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Feb 10 12:24:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fef0649b299d4fe9baf8ee7fe89ad31bc2c58d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:49:34:46:8e:2f:61:b9:96:ee:b7:d0:43:f5:
63:8f:61:2a:49:62:76:86:f1:4e:be:bd:f9:d7:03:
c3:b6:f2:6d:1e:8d:01:3f:ce:68:9c:93:6e:bb:b7:
cd:e6:0c:9f:c6:ea:83:f2:a1:56:5b:d1:ba:53:6e:
79:79:64:85:b2:4a:2e:ad:76:9f:49:22:4b:6c:42:
a8:96:73:f4:d5:c2:f0:72:9b:8f:80:4c:14:2c:5d:
06:e0:e6:5f:b6:65:e8:e1:3f:5a:fd:44:e3:d0:f9:
bb:eb:53:0c:12:b9:10:cb:ee:0a:fd:5e:c0:55:c6:
b2:1b:5d:5e:eb:50:f5:39:3b:2d:65:82:65:01:48:
90:5e:a6:79:a3:2c:8b:5d:a0:6c:b9:ce:1b:70:84:
f4:c2:9c:ab:7e:80:bf:29:fd:a6:54:d3:4d:fb:95:
a2:cf:54:0d:3b:de:e2:a2:a8:0e:0e:5c:d6:de:75:
d5:08:3e:da:f0:52:4c:f9:af:06:19:12:f4:96:39:
a4:a4:f5:6a:40:42:72:9e:89:7d:e7:30:1c:36:7e:
44:d9:3d:72:c1:75:6a:df:80:92:82:10:de:2f:47:
9f:19:a7:95:d0:29:92:6f:22:4b:9c:bf:a6:42:cb:
72:21:ca:0a:04:ac:e1:60:bf:b0:45:22:dd:fd:9a:
e9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F0:64:9B:29:9D:4F:E9:BA:F8:EE:7F:E8:9A:D3:1B:C2:C5:8D:0D
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/_vBkmymdT-m6-O5_6JrTG8LFjQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
85:1b:4a:6d:30:c8:e7:e6:36:a3:5b:e4:f0:4e:5d:a3:be:c2:
f9:9b:13:29:90:1c:b8:66:88:d9:55:31:e2:aa:f2:2e:b7:56:
95:58:5c:50:9d:6d:8c:98:fe:f2:2e:8e:dd:8f:17:9f:16:aa:
4f:8e:4c:a0:2e:80:97:4e:d3:f1:56:da:91:01:97:62:fa:3d:
bf:8d:91:eb:dc:fb:e4:cf:8a:07:b2:c2:0b:a4:e7:dd:4a:1b:
dd:b1:ca:53:ec:64:c1:78:74:ec:f7:de:70:60:8d:b4:b2:1b:
07:7c:91:88:98:3b:51:fd:4f:fd:f4:65:06:27:c4:bb:27:c4:
55:91:f5:0f:7c:b3:90:d3:0b:9a:67:c1:98:df:93:c4:06:f9:
71:e6:b7:a9:f8:f1:1d:3a:fe:af:a7:8a:a0:ac:1f:e6:39:b8:
8f:4d:d5:00:0b:8d:c5:3d:fd:45:83:1c:08:be:83:b1:bf:16:
e6:1f:af:1c:d0:9f:8c:f4:4e:f4:6a:bf:fa:66:77:40:98:86:
b7:4b:97:e8:7a:1f:d0:fa:f0:c2:2d:44:ad:dd:ff:0e:f4:2c:
a0:42:90:ff:67:33:c5:c6:a8:5f:3e:51:ad:9b:5f:35:8c:8c:
68:08:9d:f8:4e:ea:65:23:ff:5d:c3:65:96:4d:67:7f:cb:bd:
c9:b3:e3:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTv0QXHuGxgyDuLGl+euG/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUwMjEwMTIyNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWYwNjQ5YjI5OWQ0ZmU5YmFmOGVlN2ZlODlhZDMxYmMyYzU4ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUk0Ro4vYbmW7rfQQ/Vjj2EqSWJ2
hvFOvr351wPDtvJtHo0BP85onJNuu7fN5gyfxuqD8qFWW9G6U255eWSFskourXaf
SSJLbEKolnP01cLwcpuPgEwULF0G4OZftmXo4T9a/UTj0Pm761MMErkQy+4K/V7A
VcayG11e61D1OTstZYJlAUiQXqZ5oyyLXaBsuc4bcIT0wpyrfoC/Kf2mVNNN+5Wi
z1QNO97ioqgODlzW3nXVCD7a8FJM+a8GGRL0ljmkpPVqQEJynol95zAcNn5E2T1y
wXVq34CSghDeL0efGaeV0CmSbyJLnL+mQstyIcoKBKzhYL+wRSLd/ZrpuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7wZJspnU/puvjuf+ia0xvCxY0NMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvX3ZCa215bWRULW02LU81XzZKclRHOExGalEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv00MA0G
CSqGSIb3DQEBCwUAA4IBAQCFG0ptMMjn5jajW+TwTl2jvsL5mxMpkBy4ZojZVTHi
qvIut1aVWFxQnW2MmP7yLo7djxefFqpPjkygLoCXTtPxVtqRAZdi+j2/jZHr3Pvk
z4oHssILpOfdShvdscpT7GTBeHTs995wYI20shsHfJGImDtR/U/99GUGJ8S7J8RV
kfUPfLOQ0wuaZ8GY35PEBvlx5rep+PEdOv6vp4qgrB/mObiPTdUAC43FPf1FgxwI
voOxvxbmH68c0J+M9E70ar/6ZndAmIa3S5foeh/Q+vDCLUSt3f8O9CygQpD/ZzPF
xqhfPlGtm181jIxoCJ34TuplI/9dw2WWTWd/y73Js+Ny
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:43:28 2025 by rpki-client