Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/VvGjThsHR5PfwA04k0mkaKGATFo.roa
File: VvGjThsHR5PfwA04k0mkaKGATFo.roa (raw, json)
Hash identifier: +kJEbX3P11LegMFHtdBKC/fsl2EjYstoq8jeJsvN/kE=
Subject key identifier: 56:F1:A3:4E:1B:07:47:93:DF:C0:0D:38:93:49:A4:68:A1:80:4C:5A
Certificate issuer: /CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Certificate serial: 019416EBE86370B17DDE089409ED832C3D22
Authority key identifier: 3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/VvGjThsHR5PfwA04k0mkaKGATFo.roa
Signing time: Mon 30 Dec 2024 09:35:46 +0000
ROA not before: Mon 30 Dec 2024 09:35:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39305
IP address blocks: 89.40.176.0/22 maxlen: 22
94.24.24.0/22 maxlen: 22
94.24.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:eb:e8:63:70:b1:7d:de:08:94:09:ed:83:2c:3d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Validity
Not Before: Dec 30 09:35:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56f1a34e1b074793dfc00d389349a468a1804c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:c1:5e:51:98:4a:75:e5:db:b7:47:53:72:
2c:99:51:50:12:c0:a1:e2:34:8d:e9:f1:b7:b7:17:
19:8a:df:16:27:0e:b9:9c:27:e9:70:52:e9:1e:be:
c2:ce:15:53:23:ea:16:8e:32:62:a6:f1:a5:c3:7c:
2f:dc:a1:ce:c7:00:dc:cf:d2:f5:6b:39:88:ea:af:
bd:f4:eb:33:39:1b:ca:3d:82:0a:9d:64:64:4f:64:
26:18:a0:8f:1f:dc:4b:a5:5b:cb:eb:c6:47:c7:8b:
70:6e:f2:c0:86:91:46:e6:8a:e5:f4:a8:0f:13:f4:
90:71:27:ac:b6:6e:61:40:69:d7:11:f8:cb:69:bf:
fd:0d:80:3d:af:4f:65:69:a7:f2:ab:0d:02:9c:2a:
67:46:27:27:01:9f:c6:29:2c:dd:63:b9:ba:b0:92:
24:6c:c6:fa:cd:47:a7:5e:d8:0e:c1:9d:f1:00:08:
4e:c4:22:1c:72:99:0d:92:e2:45:93:d0:7d:60:7f:
b3:d4:b7:b5:75:b8:a0:2d:8f:0f:6a:0d:f1:04:fc:
78:3d:18:6f:ca:cd:fe:5a:f8:94:71:87:a3:65:6d:
72:b7:8a:1e:e3:a3:6e:31:a2:25:c0:0b:0a:0d:8e:
9e:f8:6a:95:6f:7e:88:24:a4:5f:6d:36:fd:94:44:
12:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F1:A3:4E:1B:07:47:93:DF:C0:0D:38:93:49:A4:68:A1:80:4C:5A
X509v3 Authority Key Identifier:
keyid:3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/VvGjThsHR5PfwA04k0mkaKGATFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.176.0/22
94.24.24.0/22
94.24.30.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:72:d8:a1:7e:d3:dc:a8:53:ea:1e:af:2c:ef:28:53:fa:6c:
d6:79:f4:b0:25:55:31:4a:ec:ae:53:05:49:f8:da:14:42:15:
93:be:24:46:5d:c6:4f:41:14:b3:b9:d1:08:21:01:f1:f7:bb:
c2:e4:fc:e2:b3:ef:9b:ec:49:a3:68:c0:3d:b6:ed:0a:fe:f1:
cf:2c:d5:3c:ea:59:46:ac:1f:d6:22:37:59:b6:3c:09:41:50:
e3:35:5b:7a:f6:74:62:29:ab:d4:28:06:3f:8d:31:f7:f0:3e:
cc:3d:10:eb:44:e8:4b:95:8a:7c:a2:55:54:e3:4c:79:f0:c7:
47:28:a8:db:47:bb:45:19:94:d9:41:ad:12:4b:62:27:d2:b0:
a3:86:f9:35:b6:37:a3:e3:39:80:4f:36:7f:10:70:5c:93:82:
db:44:f3:0b:ac:e2:06:fa:3d:1e:40:ac:27:bd:f4:6b:63:41:
93:30:35:41:45:57:67:24:17:39:0c:3f:c4:7b:c2:ac:96:90:
ff:18:cf:d1:7d:ca:3b:94:14:0b:be:e7:e8:ab:4c:58:bd:b4:
57:2c:56:c8:af:83:ed:f4:99:34:b6:45:8e:b8:23:3f:51:d0:
8d:bd:7e:01:98:56:a7:f2:44:81:62:c1:7b:2d:a1:2f:5c:ea:
51:ce:40:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQW6+hjcLF93giUCe2DLD0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjMwNzUyZjNiYTAwMjZmYmIyMGM1ZTRjOTYzYjExMjlh
YzlkMzQwHhcNMjQxMjMwMDkzNTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmYxYTM0ZTFiMDc0NzkzZGZjMDBkMzg5MzQ5YTQ2OGExODA0YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcbBXlGYSnXl27dHU3IsmVFQEsCh
4jSN6fG3txcZit8WJw65nCfpcFLpHr7CzhVTI+oWjjJipvGlw3wv3KHOxwDcz9L1
azmI6q+99OszORvKPYIKnWRkT2QmGKCPH9xLpVvL68ZHx4twbvLAhpFG5orl9KgP
E/SQcSestm5hQGnXEfjLab/9DYA9r09laafyqw0CnCpnRicnAZ/GKSzdY7m6sJIk
bMb6zUenXtgOwZ3xAAhOxCIccpkNkuJFk9B9YH+z1Le1dbigLY8Pag3xBPx4PRhv
ys3+WviUcYejZW1yt4oe46NuMaIlwAsKDY6e+GqVb36IJKRfbTb9lEQSXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFbxo04bB0eT38ANOJNJpGihgExaMB8GA1UdIwQY
MBaAFD8jB1LzugAm+7IMXkyWOxEprJ00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjkt
ZGQyMjUzMGUxNWE0LzEvVnZHalRoc0hSNVBmd0EwNGswbWthS0dBVEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjktZGQyMjUzMGUxNWE0
LzEvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSiwAwQC
XhgYAwQBXhgeMA0GCSqGSIb3DQEBCwUAA4IBAQA7ctihftPcqFPqHq8s7yhT+mzW
efSwJVUxSuyuUwVJ+NoUQhWTviRGXcZPQRSzudEIIQHx97vC5Pzis++b7EmjaMA9
tu0K/vHPLNU86llGrB/WIjdZtjwJQVDjNVt69nRiKavUKAY/jTH38D7MPRDrROhL
lYp8olVU40x58MdHKKjbR7tFGZTZQa0SS2In0rCjhvk1tjej4zmATzZ/EHBck4Lb
RPMLrOIG+j0eQKwnvfRrY0GTMDVBRVdnJBc5DD/Ee8KslpD/GM/Rfco7lBQLvufo
q0xYvbRXLFbIr4Pt9Jk0tkWOuCM/UdCNvX4BmFan8kSBYsF7LaEvXOpRzkAN
-----END CERTIFICATE-----
Generated at Fri May 2 14:02:34 2025 by rpki-client