Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/vfQRFphkyrUaDVWbRC8wQb4sB9c.roa
File: vfQRFphkyrUaDVWbRC8wQb4sB9c.roa (raw, json)
Hash identifier: l9rcXZcQjSVWdb5lcy3JzBoQbacm9KfUuG6FyqWyr0Y=
Subject key identifier: BD:F4:11:16:98:64:CA:B5:1A:0D:55:9B:44:2F:30:41:BE:2C:07:D7
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0189BC7125F60405DAD0F688887284CC62DB
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/vfQRFphkyrUaDVWbRC8wQb4sB9c.roa
Signing time: Thu 03 Aug 2023 17:27:59 +0000
ROA not before: Thu 03 Aug 2023 17:27:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 85.239.148.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:71:25:f6:04:05:da:d0:f6:88:88:72:84:cc:62:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 3 17:27:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdf411169864cab51a0d559b442f3041be2c07d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:c9:a9:ed:c3:83:7c:f7:24:9f:19:b4:af:
23:f6:98:6a:d5:9d:81:1b:39:7b:6a:37:94:ba:aa:
3a:f8:21:55:f4:87:d8:41:15:9a:ff:1e:14:cd:6b:
01:44:0e:56:d4:2c:2d:6e:3b:66:c7:15:fe:59:c4:
8f:ea:22:43:af:21:52:89:a6:6f:cd:d1:29:4d:52:
c4:01:0a:44:68:eb:63:8c:27:3c:8c:9a:09:f5:b8:
9e:16:f2:ef:08:30:43:86:e4:ba:a4:01:2b:5a:02:
63:26:7c:5c:28:45:d9:7a:e4:6e:79:8d:ba:77:f9:
bf:5e:f7:e0:73:1c:03:c2:e3:da:ed:aa:aa:74:b1:
f4:6b:d6:7a:17:5e:c5:cf:a4:cd:90:c1:de:4a:44:
63:7e:b6:65:95:e1:ea:87:76:a9:72:cd:2f:c2:23:
00:90:3e:39:d6:49:75:5d:8c:28:ad:f7:d3:ee:d4:
33:fe:1b:36:86:0e:8a:1f:33:9e:2b:4a:17:8a:e7:
2b:d1:53:42:fb:8c:24:4b:ae:83:d8:71:5d:b0:29:
5a:65:6b:3d:21:40:69:7b:95:fd:fa:f3:38:2f:0a:
bb:1b:d6:1e:db:9a:e1:f9:6a:f4:29:23:e4:e9:bc:
23:2e:f2:1f:2f:7c:47:d8:e0:af:cf:97:7b:7a:84:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F4:11:16:98:64:CA:B5:1A:0D:55:9B:44:2F:30:41:BE:2C:07:D7
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/vfQRFphkyrUaDVWbRC8wQb4sB9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/24
185.95.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:c2:a4:01:2c:87:b3:f9:18:5d:8e:d8:c1:68:7b:4b:18:b1:
f8:f5:c2:b1:9e:f3:2c:42:ab:37:7e:b2:a1:77:18:4c:2f:c9:
be:11:48:f8:a2:77:24:98:53:3c:31:0d:a8:bf:6d:b4:0b:26:
6d:d3:50:fc:6d:45:db:94:5f:f9:0b:56:ac:42:66:8a:11:93:
0d:bf:3c:79:17:28:09:83:c0:5e:3f:8f:c6:f5:77:0f:d2:76:
ec:96:e3:6b:c9:49:c9:b7:f8:ba:85:73:d9:a1:83:2c:70:0d:
17:c0:54:bb:ba:9b:02:8f:33:5e:e9:ac:97:29:b0:25:b0:92:
2f:73:49:c5:5a:26:cd:b5:62:3d:4c:f8:ff:3c:60:94:5c:0b:
6b:66:19:3b:b4:5a:e1:88:ee:55:c9:eb:62:33:f1:b2:5b:a7:
1c:9c:a0:b0:27:74:df:34:04:57:7a:a4:d3:87:4f:e5:2f:65:
02:12:ec:34:eb:39:14:50:6e:3b:8a:d3:03:31:f7:6d:ec:f0:
87:29:a3:f0:cc:e6:7a:ff:de:f5:a9:62:f2:ec:61:e9:f3:b0:
02:60:eb:1f:dc:6f:f0:d3:a1:ae:c2:87:a3:9f:8b:bc:8c:b8:
e2:6c:9f:49:69:20:8c:f2:7d:cd:16:30:2d:cb:2e:ef:55:a8:
e0:bb:d3:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm8cSX2BAXa0PaIiHKEzGLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwODAzMTcyNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY0MTExNjk4NjRjYWI1MWEwZDU1OWI0NDJmMzA0MWJlMmMwN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihnJqe3Dg3z3JJ8ZtK8j9phq1Z2B
Gzl7ajeUuqo6+CFV9IfYQRWa/x4UzWsBRA5W1CwtbjtmxxX+WcSP6iJDryFSiaZv
zdEpTVLEAQpEaOtjjCc8jJoJ9bieFvLvCDBDhuS6pAErWgJjJnxcKEXZeuRueY26
d/m/XvfgcxwDwuPa7aqqdLH0a9Z6F17Fz6TNkMHeSkRjfrZlleHqh3apcs0vwiMA
kD451kl1XYworffT7tQz/hs2hg6KHzOeK0oXiucr0VNC+4wkS66D2HFdsClaZWs9
IUBpe5X9+vM4Lwq7G9Ye25rh+Wr0KSPk6bwjLvIfL3xH2OCvz5d7eoTz5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL30ERaYZMq1Gg1Vm0QvMEG+LAfXMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvdmZRUkZwaGt5clVhRFZXYlJDOHdRYjRzQjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+UAwQA
uV+dMA0GCSqGSIb3DQEBCwUAA4IBAQCjwqQBLIez+RhdjtjBaHtLGLH49cKxnvMs
Qqs3frKhdxhML8m+EUj4onckmFM8MQ2ov220CyZt01D8bUXblF/5C1asQmaKEZMN
vzx5FygJg8BeP4/G9XcP0nbsluNryUnJt/i6hXPZoYMscA0XwFS7upsCjzNe6ayX
KbAlsJIvc0nFWibNtWI9TPj/PGCUXAtrZhk7tFrhiO5VyetiM/GyW6ccnKCwJ3Tf
NARXeqTTh0/lL2UCEuw06zkUUG47itMDMfdt7PCHKaPwzOZ6/971qWLy7GHp87AC
YOsf3G/w06Guwoejn4u8jLjibJ9JaSCM8n3NFjAtyy7vVajgu9PJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org