Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/vdnmIpmbdesk21srPTgy567F_mk.roa
File: vdnmIpmbdesk21srPTgy567F_mk.roa (raw, json)
Hash identifier: wwIGUlb9jzcd6tZiYVqxWr42n9ZmIqc7qHtdQR7V5zM=
Subject key identifier: BD:D9:E6:22:99:9B:75:EB:24:DB:5B:2B:3D:38:32:E7:AE:C5:FE:69
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0196817462692BB0A90AC11AA29F1EC2831B
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/vdnmIpmbdesk21srPTgy567F_mk.roa
Signing time: Tue 29 Apr 2025 12:10:10 +0000
ROA not before: Tue 29 Apr 2025 12:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.16.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
195.4.0.0/17 maxlen: 17
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.176.0/21 maxlen: 24
195.4.176.0/24 maxlen: 24
195.4.178.0/23 maxlen: 23
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Apr 2025 08:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:74:62:69:2b:b0:a9:0a:c1:1a:a2:9f:1e:c2:83:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 29 12:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdd9e622999b75eb24db5b2b3d3832e7aec5fe69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:63:cd:8a:fe:39:4f:6d:4a:c7:1a:98:47:37:
95:f6:25:8e:a9:9f:d4:d4:7f:1f:5f:0b:8e:23:fa:
32:7b:20:50:1d:e1:95:aa:fd:8a:d4:0a:35:b3:f4:
77:1a:bf:58:56:d1:e1:eb:9c:9a:96:c9:01:d1:eb:
9b:1a:fa:be:9b:5d:dc:16:83:cd:83:95:27:8f:8d:
72:dc:1c:ca:5c:e7:8f:48:74:1d:d2:5b:56:6e:c6:
2c:51:a5:4a:73:1d:f5:bf:63:d8:0c:81:01:15:f9:
51:bf:fe:a8:c4:09:1e:1f:42:19:50:a6:c3:32:8d:
5e:17:cc:a7:25:10:bf:44:f9:57:96:3d:bf:83:1f:
2f:e6:86:52:15:2c:90:07:3c:c5:44:af:d4:91:dd:
b1:10:3c:09:e6:8e:16:11:38:3c:95:e4:be:d5:71:
58:c2:36:ff:38:ff:2e:2b:a7:8b:14:8e:1d:66:c9:
c8:0a:4d:63:6b:f9:b3:69:cd:14:af:d2:31:e3:94:
d4:25:3e:d7:f1:f6:d6:3c:ba:c7:3b:bd:6d:36:66:
85:82:3f:ea:88:23:56:42:c4:c3:99:1c:62:d5:4f:
06:32:bd:a9:5e:99:56:34:47:08:04:88:f6:d5:3e:
2b:31:23:dc:05:9b:ff:c4:a3:56:f8:81:08:5b:71:
95:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D9:E6:22:99:9B:75:EB:24:DB:5B:2B:3D:38:32:E7:AE:C5:FE:69
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/vdnmIpmbdesk21srPTgy567F_mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
59:34:34:48:1c:b7:67:5f:f8:7c:15:51:3b:a5:80:df:c9:de:
7d:7b:c3:c2:bc:97:81:b7:04:e0:42:40:6c:04:38:9d:df:61:
a1:9b:54:c2:f0:67:83:d0:1e:da:de:b0:e0:ef:7f:6d:4c:da:
f8:d0:a7:5a:f2:88:42:25:73:91:c1:4d:67:56:ef:8f:f4:e3:
dc:5e:26:fb:46:42:85:52:7f:b2:82:82:16:88:81:9f:11:34:
43:b9:76:c1:3a:95:e4:07:2a:bd:41:75:f1:38:90:4a:cd:7a:
b6:ec:e9:3f:e6:fb:da:fa:ac:05:1b:d4:a6:7a:2d:92:cb:4d:
81:c6:f5:c3:95:5e:0e:6d:fd:e5:ab:31:6d:3f:a7:fa:d8:f0:
ac:17:85:e7:ba:ce:5a:fb:b0:31:9b:bd:ad:97:f2:f6:95:41:
a9:b1:bb:81:aa:a8:72:90:fe:c0:63:d7:e1:e4:30:2c:ee:a4:
c3:2c:f5:a0:af:aa:c5:c7:ce:d3:47:52:95:ff:d2:ad:fa:32:
d3:2d:0f:b9:d8:2a:58:e5:d2:0d:10:57:fb:c0:0c:0f:32:c9:
2a:62:8f:20:3c:f1:28:90:69:82:0e:80:1d:f5:25:0d:32:25:
be:3f:64:a4:32:f9:25:83:10:28:ef:a9:33:99:51:b5:60:ca:
67:7c:83:98
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZaBdGJpK7CpCsEaop8ewoMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwNDI5MTIxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ5ZTYyMjk5OWI3NWViMjRkYjViMmIzZDM4MzJlN2FlYzVmZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2PNiv45T21KxxqYRzeV9iWOqZ/U
1H8fXwuOI/oyeyBQHeGVqv2K1Ao1s/R3Gr9YVtHh65yalskB0eubGvq+m13cFoPN
g5Unj41y3BzKXOePSHQd0ltWbsYsUaVKcx31v2PYDIEBFflRv/6oxAkeH0IZUKbD
Mo1eF8ynJRC/RPlXlj2/gx8v5oZSFSyQBzzFRK/Ukd2xEDwJ5o4WETg8leS+1XFY
wjb/OP8uK6eLFI4dZsnICk1ja/mzac0Ur9Ix45TUJT7X8fbWPLrHO71tNmaFgj/q
iCNWQsTDmRxi1U8GMr2pXplWNEcIBIj21T4rMSPcBZv/xKNW+IEIW3GViQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFL3Z5iKZm3XrJNtbKz04Mueuxf5pMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvdmRubUlwbWJkZXNrMjFzclBUZ3k1NjdGX21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQBZNDRIHLdnX/h8FVE7pYDf
yd59e8PCvJeBtwTgQkBsBDid32Ghm1TC8GeD0B7a3rDg739tTNr40Kda8ohCJXOR
wU1nVu+P9OPcXib7RkKFUn+ygoIWiIGfETRDuXbBOpXkByq9QXXxOJBKzXq27Ok/
5vva+qwFG9Smei2Sy02BxvXDlV4Obf3lqzFtP6f62PCsF4Xnus5a+7Axm72tl/L2
lUGpsbuBqqhykP7AY9fh5DAs7qTDLPWgr6rFx87TR1KV/9Kt+jLTLQ+52CpY5dIN
EFf7wAwPMskqYo8gPPEokGmCDoAd9SUNMiW+P2SkMvklgxAo76kzmVG1YMpnfIOY
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:56:23 2025 by rpki-client