Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/vmuswTBJJppmC-hgaZWntfCxXUA.roa
File: vmuswTBJJppmC-hgaZWntfCxXUA.roa (raw, json)
Hash identifier: 0Y/HOlMlq0mjjcS9kzZLyg/N/PYA/gzJaPy1xkcjcXY=
Subject key identifier: BE:6B:AC:C1:30:49:26:9A:66:0B:E8:60:69:95:A7:B5:F0:B1:5D:40
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 0197551B3CAF6FA7BCEB0BE3F1AB9FFD798F
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/vmuswTBJJppmC-hgaZWntfCxXUA.roa
Signing time: Mon 09 Jun 2025 14:32:17 +0000
ROA not before: Mon 09 Jun 2025 14:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207350
IP address blocks: 45.159.148.0/24 maxlen: 24
195.254.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jun 2025 04:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:1b:3c:af:6f:a7:bc:eb:0b:e3:f1:ab:9f:fd:79:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jun 9 14:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be6bacc13049269a660be8606995a7b5f0b15d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:b1:36:12:e4:5a:ef:08:86:21:f1:2b:93:
da:47:6f:b9:33:07:31:00:4b:c6:b2:7f:f5:f1:eb:
f6:ac:9f:61:77:8b:95:5b:b6:70:8f:b3:f6:8f:64:
a8:3b:ef:7a:4c:13:4a:fd:07:fe:33:de:9e:fb:e9:
d4:22:3e:2f:a9:1e:12:e3:01:2d:c8:55:d3:d1:f5:
3d:f2:f9:d7:bd:b4:fc:8d:f3:ab:1b:69:4a:ff:6a:
4a:4b:89:84:5c:1a:c6:35:99:3f:5c:f4:7d:37:76:
c7:00:d0:48:6f:5e:94:f6:f5:6c:23:9b:dd:4e:6e:
3b:93:ee:9a:b0:58:18:df:24:ab:62:1a:c5:f5:fc:
9a:ea:dc:6c:f9:2c:05:46:21:32:5d:e8:ec:5b:c8:
ed:06:8d:4c:cd:40:29:f2:31:9a:23:df:32:f4:ed:
6d:97:1d:c8:5c:47:0d:b6:14:9a:13:7c:99:ad:98:
3b:ef:89:fd:34:d2:db:8c:ec:58:72:28:51:e3:b2:
de:17:e4:86:c6:37:18:92:19:ad:c6:74:0f:6f:1b:
1e:e4:dd:33:5d:99:4d:c2:d4:f9:4c:25:31:ed:6d:
40:a3:84:40:ce:2c:97:da:df:2e:53:df:90:2d:bb:
47:6f:49:d0:7e:20:89:13:89:cd:bf:d2:e3:37:75:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6B:AC:C1:30:49:26:9A:66:0B:E8:60:69:95:A7:B5:F0:B1:5D:40
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/vmuswTBJJppmC-hgaZWntfCxXUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
195.254.165.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:62:00:f5:67:85:c3:9f:58:86:6b:bc:c3:3f:c5:9e:f0:b2:
e9:0a:cc:b9:99:81:e1:f4:d8:21:0c:76:35:3a:ec:fe:4b:d2:
c0:62:3f:57:8d:e2:db:a9:8b:7c:da:00:38:2e:41:cf:6c:fc:
ab:71:b5:a5:ea:9f:81:ad:14:37:47:ea:ba:5e:1f:e9:9c:eb:
8a:60:ba:33:a9:37:93:1d:a8:88:4d:43:2d:c1:6e:db:a2:17:
23:35:5b:8e:ac:12:58:ec:a6:bd:9c:c0:fd:11:8a:6c:9b:64:
89:bd:3a:dc:04:78:d7:74:06:5f:46:7b:14:f1:b9:b4:bb:ee:
ba:bd:8e:bc:fb:33:85:43:c6:0f:06:d9:b0:d0:a0:ba:d4:ef:
16:31:5c:74:13:17:35:3c:0c:45:9d:61:29:3c:d7:ae:81:15:
5f:95:bd:55:be:fb:c6:ad:85:1e:0c:ed:4b:11:6a:2d:52:b4:
78:39:d4:cf:fd:62:2e:83:eb:9c:1f:85:cb:11:88:0e:30:ae:
f5:00:27:2b:7f:70:97:c5:1f:82:eb:d8:7c:da:9c:82:ee:e2:
48:5c:8b:f0:d7:28:9b:b3:bf:22:12:e9:33:cf:71:c1:16:04:
b6:de:30:e8:0a:40:83:c6:cc:19:46:5c:66:d6:5e:9b:4c:33:
26:f0:d1:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdVGzyvb6e86wvj8auf/XmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwNjA5MTQzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZiYWNjMTMwNDkyNjlhNjYwYmU4NjA2OTk1YTdiNWYwYjE1ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1OxNhLkWu8IhiHxK5PaR2+5Mwcx
AEvGsn/18ev2rJ9hd4uVW7Zwj7P2j2SoO+96TBNK/Qf+M96e++nUIj4vqR4S4wEt
yFXT0fU98vnXvbT8jfOrG2lK/2pKS4mEXBrGNZk/XPR9N3bHANBIb16U9vVsI5vd
Tm47k+6asFgY3ySrYhrF9fya6txs+SwFRiEyXejsW8jtBo1MzUAp8jGaI98y9O1t
lx3IXEcNthSaE3yZrZg774n9NNLbjOxYcihR47LeF+SGxjcYkhmtxnQPbxse5N0z
XZlNwtT5TCUx7W1Ao4RAziyX2t8uU9+QLbtHb0nQfiCJE4nNv9LjN3XZdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL5rrMEwSSaaZgvoYGmVp7XwsV1AMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvdm11c3dUQkpKcHBtQy1oZ2FaV250ZkN4WFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ+UAwQA
w/6lMA0GCSqGSIb3DQEBCwUAA4IBAQB9YgD1Z4XDn1iGa7zDP8We8LLpCsy5mYHh
9NghDHY1Ouz+S9LAYj9XjeLbqYt82gA4LkHPbPyrcbWl6p+BrRQ3R+q6Xh/pnOuK
YLozqTeTHaiITUMtwW7bohcjNVuOrBJY7Ka9nMD9EYpsm2SJvTrcBHjXdAZfRnsU
8bm0u+66vY68+zOFQ8YPBtmw0KC61O8WMVx0Exc1PAxFnWEpPNeugRVflb1VvvvG
rYUeDO1LEWotUrR4OdTP/WIug+ucH4XLEYgOMK71ACcrf3CXxR+C69h82pyC7uJI
XIvw1yibs78iEukzz3HBFgS23jDoCkCDxswZRlxm1l6bTDMm8NHU
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:45:52 2025 by rpki-client