Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/nZ3hesIiG1Wx76mGuKCRJWor96Y.roa
File: nZ3hesIiG1Wx76mGuKCRJWor96Y.roa (raw, json)
Hash identifier: saenYpfgFMBrYplF28CdswTOWiYZvCZnZwXQakKYP3A=
Subject key identifier: 9D:9D:E1:7A:C2:22:1B:55:B1:EF:A9:86:B8:A0:91:25:6A:2B:F7:A6
Certificate issuer: /CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Certificate serial: 0196EC60D2BCEADA33385E8214E31F82CB35
Authority key identifier: 54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/nZ3hesIiG1Wx76mGuKCRJWor96Y.roa
Signing time: Tue 20 May 2025 06:28:10 +0000
ROA not before: Tue 20 May 2025 06:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43708
IP address blocks: 95.85.192.0/18 maxlen: 18
95.85.192.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 22 May 2025 08:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:60:d2:bc:ea:da:33:38:5e:82:14:e3:1f:82:cb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Validity
Not Before: May 20 06:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d9de17ac2221b55b1efa986b8a091256a2bf7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:78:fe:48:0c:5e:13:38:91:47:a5:20:ad:
96:77:49:e3:89:6e:8c:c9:28:34:93:43:a0:f8:45:
95:9f:5a:3d:37:63:93:20:3f:c3:df:7a:ab:09:f3:
4a:27:bf:8c:70:cc:8f:94:71:dd:b4:ec:a3:cd:29:
d3:a0:15:e7:ef:60:4b:2b:43:e1:7b:89:4f:bf:d2:
fe:8e:d5:57:66:02:6b:bf:8b:38:08:91:fe:75:f3:
30:6a:d4:a2:2b:fc:7b:39:f5:17:a9:c6:14:24:0e:
80:df:d3:03:0f:c1:f0:8b:2f:45:54:79:f2:f8:fd:
a9:27:4f:34:72:c1:f1:e1:cc:96:be:86:66:d2:d9:
66:0c:6d:30:48:e3:ce:69:37:8c:2f:d6:84:9b:81:
00:a3:45:f0:81:fc:f1:e1:81:74:df:d8:38:f9:e5:
c3:10:ca:3f:31:db:c1:c1:b8:f2:ed:41:6b:72:bf:
03:0b:fc:72:96:80:ce:df:ef:08:24:ae:f8:ab:ad:
b6:be:9a:f0:70:c9:87:14:09:e2:a4:2c:ae:6e:8a:
d9:32:15:a2:c2:d2:5e:83:4f:3f:11:14:cb:f8:de:
bb:55:d2:e8:c1:be:fc:0e:2d:cd:6a:92:32:73:4f:
52:78:87:cc:24:dd:ff:93:41:da:56:4b:a2:96:cd:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9D:E1:7A:C2:22:1B:55:B1:EF:A9:86:B8:A0:91:25:6A:2B:F7:A6
X509v3 Authority Key Identifier:
keyid:54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/nZ3hesIiG1Wx76mGuKCRJWor96Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.192.0/18
Signature Algorithm: sha256WithRSAEncryption
57:57:00:14:4f:73:37:d1:c2:5b:20:55:48:f7:0c:c4:8e:70:
b4:2e:45:05:5f:b5:18:2e:6a:33:c8:bf:1b:6a:c7:4a:49:8f:
2e:1f:ae:ff:cc:04:5e:92:5b:fb:09:e6:ec:a3:82:17:d8:3e:
98:df:2d:47:e5:44:84:3e:81:a9:29:23:b9:12:8c:d5:2a:f5:
8c:e0:d0:a0:5e:4f:8b:cb:d1:83:67:f1:8e:db:23:35:57:d9:
9e:f9:32:e0:b6:6c:a5:15:3f:67:e3:3c:fb:a8:ed:61:d2:7c:
ac:94:9b:db:ca:18:92:f5:e3:e8:93:68:36:36:9f:95:12:31:
9d:c4:13:5b:5a:6c:19:44:5d:77:5b:30:0a:4b:9b:8d:16:5d:
e5:2f:81:a0:2b:b4:5c:e0:1a:2a:ed:c8:14:8c:65:d0:d9:7d:
3d:c4:9b:a6:48:d8:eb:21:6c:97:b4:37:a8:7e:59:0c:57:3a:
98:ae:49:ab:4f:df:15:fc:c9:96:c3:f8:77:a8:89:9c:67:df:
b4:28:f3:2a:a0:94:a3:f0:a7:ad:3c:fd:d9:4b:73:18:f6:bb:
69:02:bc:b4:71:19:0a:c4:48:1c:2c:84:d3:1a:17:23:4b:7c:
c0:8d:78:75:1c:1e:fd:bd:3b:1c:3d:d4:96:3b:4c:72:84:c1:
c6:22:3e:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbsYNK86tozOF6CFOMfgss1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjBiZWM4ZjU4ZGIwY2U1YjkxZjM0NTA1Mjc3ZTQwYmZk
M2FlMTEwHhcNMjUwNTIwMDYyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDlkZTE3YWMyMjIxYjU1YjFlZmE5ODZiOGEwOTEyNTZhMmJmN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth14/kgMXhM4kUelIK2Wd0njiW6M
ySg0k0Og+EWVn1o9N2OTID/D33qrCfNKJ7+McMyPlHHdtOyjzSnToBXn72BLK0Ph
e4lPv9L+jtVXZgJrv4s4CJH+dfMwatSiK/x7OfUXqcYUJA6A39MDD8Hwiy9FVHny
+P2pJ080csHx4cyWvoZm0tlmDG0wSOPOaTeML9aEm4EAo0Xwgfzx4YF039g4+eXD
EMo/MdvBwbjy7UFrcr8DC/xyloDO3+8IJK74q622vprwcMmHFAnipCyuborZMhWi
wtJeg08/ERTL+N67VdLowb78Di3NapIyc09SeIfMJN3/k0HaVkuils1LvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2d4XrCIhtVse+phrigkSVqK/emMB8GA1UdIwQY
MBaAFFSwvsj1jbDOW5HzRQUnfkC/064RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUt
MGY0ZGJiODkwYmQwLzEvblozaGVzSWlHMVd4NzZtR3VLQ1JKV29yOTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUtMGY0ZGJiODkwYmQw
LzEvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGX1XAMA0G
CSqGSIb3DQEBCwUAA4IBAQBXVwAUT3M30cJbIFVI9wzEjnC0LkUFX7UYLmozyL8b
asdKSY8uH67/zAReklv7Cebso4IX2D6Y3y1H5USEPoGpKSO5EozVKvWM4NCgXk+L
y9GDZ/GO2yM1V9me+TLgtmylFT9n4zz7qO1h0nyslJvbyhiS9ePok2g2Np+VEjGd
xBNbWmwZRF13WzAKS5uNFl3lL4GgK7Rc4Boq7cgUjGXQ2X09xJumSNjrIWyXtDeo
flkMVzqYrkmrT98V/MmWw/h3qImcZ9+0KPMqoJSj8KetPP3ZS3MY9rtpAry0cRkK
xEgcLITTGhcjS3zAjXh1HB79vTscPdSWO0xyhMHGIj6p
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:17:56 2025 by rpki-client