Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VBPgCA3glErs4u8B_zNcwrhyLlI.roa
File: VBPgCA3glErs4u8B_zNcwrhyLlI.roa (raw, json)
Hash identifier: R8IYCn0FeYj8SYvK2RkVZdAzFriC0R1feJBjcu8iZxE=
Subject key identifier: 54:13:E0:08:0D:E0:94:4A:EC:E2:EF:01:FF:33:5C:C2:B8:72:2E:52
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0194E0ABC42826DDED850024B9B66A87F45F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VBPgCA3glErs4u8B_zNcwrhyLlI.roa
Signing time: Fri 07 Feb 2025 13:49:00 +0000
ROA not before: Fri 07 Feb 2025 13:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 18:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:ab:c4:28:26:dd:ed:85:00:24:b9:b6:6a:87:f4:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 7 13:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5413e0080de0944aece2ef01ff335cc2b8722e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:ea:ba:39:6b:b2:d6:df:14:76:7e:66:86:
21:70:d5:9c:d1:ad:b2:94:91:13:93:7a:49:9c:48:
da:d8:04:99:ad:f5:8a:f0:d9:a1:8b:88:33:02:5b:
b4:83:c2:81:2e:6c:6e:26:dc:de:fd:be:87:60:48:
25:9e:5b:b7:e0:2a:83:6c:53:31:94:ac:c4:26:f7:
ab:f8:d0:d5:b1:02:96:13:af:47:3a:95:ea:53:48:
a3:3b:1a:28:d5:be:0a:f1:ac:46:0a:b7:19:fe:5b:
92:36:c7:32:cf:b4:1f:45:30:85:fc:c8:57:5d:78:
d2:96:33:c5:66:d5:ff:1c:1a:e2:ce:5a:0b:9c:64:
e7:22:c9:7b:5d:0c:46:80:27:1b:8f:96:b7:54:0d:
cc:0c:c9:95:5c:39:66:9e:94:8c:c6:a5:95:0a:eb:
b3:da:9a:c8:fd:99:c2:f0:0e:ad:75:f1:92:55:a3:
17:62:d5:c3:6a:bd:5c:7c:fd:21:14:b0:18:36:e4:
9f:42:ee:30:e1:c9:63:d0:b0:96:9f:55:3f:91:e0:
c2:c5:b4:90:1d:05:41:d6:d4:30:f0:53:80:00:f0:
e7:b1:26:25:2c:93:8a:f8:99:ac:70:d9:f7:d1:d8:
a7:3f:c4:6f:52:63:52:0b:62:c5:b7:6c:ac:a2:0c:
16:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:13:E0:08:0D:E0:94:4A:EC:E2:EF:01:FF:33:5C:C2:B8:72:2E:52
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VBPgCA3glErs4u8B_zNcwrhyLlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.64.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.34.0/24
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
53:f9:80:36:87:c7:36:d1:e2:79:82:32:48:56:3b:28:2b:6f:
e4:43:97:a1:79:a3:88:9c:ad:60:82:7e:19:e5:e3:bd:5a:2c:
c3:4d:2a:26:50:a3:46:ae:21:d2:63:92:be:48:b4:86:7e:0e:
33:2c:f2:fd:a0:fb:c6:e0:52:7d:97:67:62:7f:46:16:ce:dc:
73:44:55:1f:74:7a:3a:fb:9f:3d:11:88:99:07:58:9c:33:03:
ed:9b:56:ca:37:1f:fe:79:9a:b1:65:44:b9:be:4a:a7:5a:dd:
82:d2:37:6b:57:2d:bd:20:9a:85:e5:dc:88:b6:8f:1a:06:2b:
9b:5d:f2:01:d3:51:4f:cf:80:10:4b:39:db:c2:3f:95:cf:04:
bd:ec:a2:eb:25:18:0d:b1:bb:4e:51:3d:c5:18:6d:8b:a9:5c:
3f:76:b9:db:e8:31:a8:9c:40:6c:2f:49:f9:51:a9:b4:54:48:
ca:b9:a6:f8:f1:da:c4:7b:33:39:fb:33:69:d8:8a:5b:7b:39:
ea:ef:2c:a2:ab:5e:e8:fe:59:23:79:22:57:e3:4f:44:86:3c:
5c:54:ee:f9:ae:e4:01:f4:8d:5b:af:29:98:f2:2c:d3:1c:cd:
3c:57:39:e8:06:99:5a:12:50:b0:44:22:b3:2b:95:bf:73:73:
f9:cf:86:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZTgq8QoJt3thQAkubZqh/RfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMjA3MTM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDEzZTAwODBkZTA5NDRhZWNlMmVmMDFmZjMzNWNjMmI4NzIyZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7vqujlrstbfFHZ+ZoYhcNWc0a2y
lJETk3pJnEja2ASZrfWK8Nmhi4gzAlu0g8KBLmxuJtze/b6HYEglnlu34CqDbFMx
lKzEJver+NDVsQKWE69HOpXqU0ijOxoo1b4K8axGCrcZ/luSNscyz7QfRTCF/MhX
XXjSljPFZtX/HBrizloLnGTnIsl7XQxGgCcbj5a3VA3MDMmVXDlmnpSMxqWVCuuz
2prI/ZnC8A6tdfGSVaMXYtXDar1cfP0hFLAYNuSfQu4w4clj0LCWn1U/keDCxbSQ
HQVB1tQw8FOAAPDnsSYlLJOK+JmscNn30dinP8RvUmNSC2LFt2ysogwWKQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFFQT4AgN4JRK7OLvAf8zXMK4ci5SMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVkJQZ0NBM2dsRXJzNHU4Ql96TmN3cmh5TGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAMAwQAVCAH
AwQAVCAIAwQCVCAUAwQBVCAuAwQAVCBAAwQCVCCUAwQBVCCuAwQBVCDWAwQCVCD0
AwQBWNgWAwQAWNgiAwQBWNgsAwQBWNhCAwQAWNhdAwQBWNiCAwQBWNiGAwQAWNjc
MA0GCSqGSIb3DQEBCwUAA4IBAQBT+YA2h8c20eJ5gjJIVjsoK2/kQ5eheaOInK1g
gn4Z5eO9WizDTSomUKNGriHSY5K+SLSGfg4zLPL9oPvG4FJ9l2dif0YWztxzRFUf
dHo6+589EYiZB1icMwPtm1bKNx/+eZqxZUS5vkqnWt2C0jdrVy29IJqF5dyIto8a
BiubXfIB01FPz4AQSznbwj+VzwS97KLrJRgNsbtOUT3FGG2LqVw/drnb6DGonEBs
L0n5Uam0VEjKuab48drEezM5+zNp2Ipbeznq7yyiq17o/lkjeSJX409EhjxcVO75
ruQB9I1brymY8izTHM08VznoBplaElCwRCKzK5W/c3P5z4Ze
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:52:38 2025 by rpki-client