Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vgqfDUIys_x1JmwDZFwSMA2B2zM.roa
File: vgqfDUIys_x1JmwDZFwSMA2B2zM.roa (raw, json)
Hash identifier: nTlHykrmhKmUNdB/mL6doJ/ImJ8l/I+PNfJwsYsqYzc=
Subject key identifier: BE:0A:9F:0D:42:32:B3:FC:75:26:6C:03:64:5C:12:30:0D:81:DB:33
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019652D67C9D695F7B55F8249625015C94C3
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vgqfDUIys_x1JmwDZFwSMA2B2zM.roa
Signing time: Sun 20 Apr 2025 10:55:10 +0000
ROA not before: Sun 20 Apr 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 85.133.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 12:46:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:52:d6:7c:9d:69:5f:7b:55:f8:24:96:25:01:5c:94:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 20 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be0a9f0d4232b3fc75266c03645c12300d81db33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:37:0a:b3:62:70:48:c2:d7:7e:de:54:50:
4d:96:8d:1c:12:14:8f:a9:85:69:a6:77:da:7f:26:
07:f5:a4:26:be:1c:06:85:aa:c2:ab:b6:2f:01:3b:
8a:1c:7b:e6:1e:27:e1:88:b8:30:b6:82:07:68:d9:
e8:75:6d:32:fc:71:de:80:d0:70:eb:c1:bb:1c:80:
a9:c8:c1:a5:65:4f:47:4f:87:a2:52:c3:10:32:56:
94:99:7f:20:07:56:34:b5:c0:5b:ee:95:8b:44:8e:
ab:1c:69:12:8e:88:df:4f:65:a0:0b:e6:1a:38:2a:
e7:b4:d2:1a:84:31:2a:c4:31:c3:64:ed:47:f5:b0:
0b:47:8a:24:26:f0:da:4b:37:3d:67:82:4f:7f:cf:
6a:b0:b7:52:c6:0c:c5:0d:32:fd:39:8d:e9:6e:95:
7c:d2:45:ef:32:ba:5f:f0:7c:d6:d8:93:3b:05:f7:
36:78:35:46:2a:bc:20:2f:30:c1:28:b6:5e:3d:b3:
98:0e:2b:3a:f0:7f:84:19:c3:bf:b2:4c:ce:e4:80:
41:39:05:e7:5d:55:fa:a6:72:3d:9e:b1:e7:d2:a2:
30:59:88:f3:96:80:a4:f4:b5:86:c6:0e:1e:6f:14:
0b:1c:76:86:72:af:b3:4d:32:5a:58:d6:bb:3b:65:
f8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0A:9F:0D:42:32:B3:FC:75:26:6C:03:64:5C:12:30:0D:81:DB:33
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vgqfDUIys_x1JmwDZFwSMA2B2zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.236.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c2:8b:77:b0:bd:14:8c:3d:b4:e7:2f:24:19:45:fe:0f:f6:
14:45:7f:a7:39:ab:b9:2e:83:71:9f:17:39:b8:de:f6:85:dc:
64:bb:3e:84:57:56:74:0f:39:59:1e:4d:f1:8e:b2:c4:6b:cb:
4d:1d:c0:c3:ba:b8:2f:42:84:58:0f:08:b5:be:67:6d:20:f5:
19:2b:1c:c5:81:e6:74:89:bc:e4:85:f8:83:e1:31:b9:94:e9:
8f:09:9f:df:de:7e:bb:c3:27:be:09:44:ae:02:b4:6a:20:45:
a8:44:0c:30:b3:17:d1:15:eb:a2:e7:d1:e2:ab:25:ac:4c:f3:
92:81:7d:4a:69:d3:87:f3:93:99:33:20:05:d6:6e:07:ec:c4:
e4:dd:03:3c:0b:45:bd:0e:15:cd:2c:e0:70:7d:73:56:09:5d:
c3:e1:8a:c0:39:20:0f:e8:23:b5:34:02:90:7f:9f:99:5c:17:
a4:3c:9d:0b:94:e3:02:18:50:16:fd:25:3b:ee:79:29:7d:da:
e6:87:20:9c:60:ff:78:16:e5:a0:f5:b8:e3:8f:ff:51:9d:5f:
a4:67:0e:38:65:82:77:ca:b1:63:a1:8d:19:e4:3a:0f:cf:73:
6c:d8:3a:ba:5d:c5:31:8e:e5:f4:c8:0d:cb:89:8d:98:ae:b9:
32:fd:e4:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZS1nydaV97VfgkliUBXJTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNDIwMTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTBhOWYwZDQyMzJiM2ZjNzUyNjZjMDM2NDVjMTIzMDBkODFkYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF83CrNicEjC137eVFBNlo0cEhSP
qYVppnfafyYH9aQmvhwGharCq7YvATuKHHvmHifhiLgwtoIHaNnodW0y/HHegNBw
68G7HICpyMGlZU9HT4eiUsMQMlaUmX8gB1Y0tcBb7pWLRI6rHGkSjojfT2WgC+Ya
OCrntNIahDEqxDHDZO1H9bALR4okJvDaSzc9Z4JPf89qsLdSxgzFDTL9OY3pbpV8
0kXvMrpf8HzW2JM7Bfc2eDVGKrwgLzDBKLZePbOYDis68H+EGcO/skzO5IBBOQXn
XVX6pnI9nrHn0qIwWYjzloCk9LWGxg4ebxQLHHaGcq+zTTJaWNa7O2X4mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4Knw1CMrP8dSZsA2RcEjANgdszMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdmdxZkRVSXlzX3gxSm13RFpGd1NNQTJCMnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXsMA0G
CSqGSIb3DQEBCwUAA4IBAQB7wot3sL0UjD205y8kGUX+D/YURX+nOau5LoNxnxc5
uN72hdxkuz6EV1Z0DzlZHk3xjrLEa8tNHcDDurgvQoRYDwi1vmdtIPUZKxzFgeZ0
ibzkhfiD4TG5lOmPCZ/f3n67wye+CUSuArRqIEWoRAwwsxfRFeui59HiqyWsTPOS
gX1KadOH85OZMyAF1m4H7MTk3QM8C0W9DhXNLOBwfXNWCV3D4YrAOSAP6CO1NAKQ
f5+ZXBekPJ0LlOMCGFAW/SU77nkpfdrmhyCcYP94FuWg9bjjj/9RnV+kZw44ZYJ3
yrFjoY0Z5DoPz3Ns2Dq6XcUxjuX0yA3LiY2Yrrky/eSJ
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:18:46 2025 by rpki-client