Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/VCLIhcipjdxzLRzN1cAu3rKmvCs.roa
File: VCLIhcipjdxzLRzN1cAu3rKmvCs.roa (raw, json)
Hash identifier: f4vzjTJHrOplVGCAUawVpUo9j6clP8RkSIIep4xdi5c=
Subject key identifier: 54:22:C8:85:C8:A9:8D:DC:73:2D:1C:CD:D5:C0:2E:DE:B2:A6:BC:2B
Certificate issuer: /CN=a928da8a616cbac4c942746693a161e498c462cf
Certificate serial: 019687AE512BB6254783BC663CD5725BB836
Authority key identifier: A9:28:DA:8A:61:6C:BA:C4:C9:42:74:66:93:A1:61:E4:98:C4:62:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qSjaimFsusTJQnRmk6Fh5JjEYs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/VCLIhcipjdxzLRzN1cAu3rKmvCs.roa
Signing time: Wed 30 Apr 2025 17:11:10 +0000
ROA not before: Wed 30 Apr 2025 17:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8902
IP address blocks: 31.25.160.0/21 maxlen: 21
194.105.160.0/19 maxlen: 19
2a00:1670::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Apr 2025 17:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:ae:51:2b:b6:25:47:83:bc:66:3c:d5:72:5b:b8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a928da8a616cbac4c942746693a161e498c462cf
Validity
Not Before: Apr 30 17:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5422c885c8a98ddc732d1ccdd5c02edeb2a6bc2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8c:d1:a9:41:d0:5a:26:3b:61:d5:c2:fa:01:
40:79:6f:bd:83:37:94:4e:5a:d1:c3:74:2f:0c:45:
19:ba:16:35:a0:48:af:da:11:38:41:20:d0:46:64:
fb:8e:dc:41:b7:19:71:9d:c0:46:91:55:2a:43:62:
94:77:35:f8:a6:b1:81:b6:a8:a1:cb:85:1d:13:9a:
89:bc:8f:ef:10:0e:fb:cd:4b:27:c7:ae:f9:d8:e1:
91:43:3d:8a:77:ea:84:3e:8d:6b:7a:e9:d8:0a:92:
5e:f2:9d:1d:e8:84:cc:9b:87:e4:30:f4:b1:96:4f:
94:3c:7f:a6:c6:82:38:5d:bc:e9:0c:04:ee:9b:a0:
44:71:3e:9d:d2:0a:20:66:4d:80:47:b7:a8:91:cc:
73:64:34:50:b5:c0:d5:dc:1f:13:8c:16:76:30:a6:
0b:84:61:16:58:83:3d:00:07:16:b8:76:ab:10:4e:
28:96:d6:3c:64:6f:58:51:10:cc:f9:54:93:c7:e4:
af:2c:c6:6f:bb:40:f2:2e:1b:96:7e:3b:05:86:36:
96:4e:16:8b:e1:b2:0f:70:c2:45:87:13:87:39:08:
ce:2b:76:5a:a9:95:a0:05:a2:6b:34:1f:43:75:6c:
aa:9d:42:3a:24:cd:56:1d:3b:bb:fb:4f:18:b3:ca:
a2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:22:C8:85:C8:A9:8D:DC:73:2D:1C:CD:D5:C0:2E:DE:B2:A6:BC:2B
X509v3 Authority Key Identifier:
keyid:A9:28:DA:8A:61:6C:BA:C4:C9:42:74:66:93:A1:61:E4:98:C4:62:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSjaimFsusTJQnRmk6Fh5JjEYs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/VCLIhcipjdxzLRzN1cAu3rKmvCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/60b472-dada-42e6-9f34-24bf30eddbe1/1/qSjaimFsusTJQnRmk6Fh5JjEYs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.160.0/21
194.105.160.0/19
IPv6:
2a00:1670::/32
Signature Algorithm: sha256WithRSAEncryption
34:7d:41:81:b6:8a:11:2f:db:bb:af:ae:c7:89:6b:7e:e0:26:
59:8a:f5:0e:41:1b:df:95:0c:0d:8a:bf:5a:be:6e:d5:d1:9a:
e4:f6:db:9c:ca:1c:1b:b0:9f:80:84:2f:6e:30:05:b4:fd:b5:
08:ec:49:9c:0e:12:f5:64:be:8a:9b:f6:fc:39:2f:b4:1a:82:
35:9e:76:65:c1:89:90:41:1e:dc:c1:ce:bc:81:e4:ba:09:3a:
1c:bc:27:26:6f:59:4b:cf:a4:4f:96:e0:f9:75:92:57:43:33:
c2:37:08:28:bd:75:f2:1f:e4:40:51:91:35:c2:50:de:6b:8b:
70:04:34:bc:bd:01:7b:5d:c5:05:9c:c5:fc:be:9c:03:f4:3b:
3e:f2:54:6b:ad:2c:51:06:93:a8:6c:88:e6:9d:5b:64:1c:cb:
e4:88:5c:95:82:2e:c7:73:c3:8d:07:5a:8c:0d:d8:61:4b:14:
ca:ae:b8:30:ae:b6:af:0b:de:6b:b3:78:7f:c7:be:e2:b5:5d:
19:b6:47:6a:88:fd:29:1d:42:ac:3b:c3:26:46:c8:74:2b:30:
09:50:56:45:82:35:c0:83:f7:53:95:12:8d:a1:a8:a9:70:c9:
f0:0b:88:48:58:f2:a8:15:81:59:88:86:14:12:dc:a7:77:68:
f4:95:8c:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZaHrlErtiVHg7xmPNVyW7g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjhkYThhNjE2Y2JhYzRjOTQyNzQ2NjkzYTE2MWU0OThj
NDYyY2YwHhcNMjUwNDMwMTcxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDIyYzg4NWM4YTk4ZGRjNzMyZDFjY2RkNWMwMmVkZWIyYTZiYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoozRqUHQWiY7YdXC+gFAeW+9gzeU
TlrRw3QvDEUZuhY1oEiv2hE4QSDQRmT7jtxBtxlxncBGkVUqQ2KUdzX4prGBtqih
y4UdE5qJvI/vEA77zUsnx6752OGRQz2Kd+qEPo1reunYCpJe8p0d6ITMm4fkMPSx
lk+UPH+mxoI4XbzpDATum6BEcT6d0gogZk2AR7eokcxzZDRQtcDV3B8TjBZ2MKYL
hGEWWIM9AAcWuHarEE4oltY8ZG9YURDM+VSTx+SvLMZvu0DyLhuWfjsFhjaWThaL
4bIPcMJFhxOHOQjOK3ZaqZWgBaJrNB9DdWyqnUI6JM1WHTu7+08Ys8qicwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFQiyIXIqY3ccy0czdXALt6yprwrMB8GA1UdIwQY
MBaAFKko2ophbLrEyUJ0ZpOhYeSYxGLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNqYWltRnN1c1RKUW5SbWs2Rmg1SmpFWXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82MGI0NzItZGFkYS00MmU2LTlmMzQt
MjRiZjMwZWRkYmUxLzEvVkNMSWhjaXBqZHh6TFJ6TjFjQXUzckttdkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82MGI0NzItZGFkYS00MmU2LTlmMzQtMjRiZjMwZWRkYmUx
LzEvcVNqYWltRnN1c1RKUW5SbWs2Rmg1SmpFWXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxmgAwQF
wmmgMA0EAgACMAcDBQAqABZwMA0GCSqGSIb3DQEBCwUAA4IBAQA0fUGBtooRL9u7
r67HiWt+4CZZivUOQRvflQwNir9avm7V0Zrk9tucyhwbsJ+AhC9uMAW0/bUI7Emc
DhL1ZL6Km/b8OS+0GoI1nnZlwYmQQR7cwc68geS6CTocvCcmb1lLz6RPluD5dZJX
QzPCNwgovXXyH+RAUZE1wlDea4twBDS8vQF7XcUFnMX8vpwD9Ds+8lRrrSxRBpOo
bIjmnVtkHMvkiFyVgi7Hc8ONB1qMDdhhSxTKrrgwrravC95rs3h/x77itV0Ztkdq
iP0pHUKsO8MmRsh0KzAJUFZFgjXAg/dTlRKNoaipcMnwC4hIWPKoFYFZiIYUEtyn
d2j0lYyf
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:46:35 2025 by rpki-client