Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VnkKQmuPYptPuJW-WzpG5SwdI_k.roa
File: VnkKQmuPYptPuJW-WzpG5SwdI_k.roa (raw, json)
Hash identifier: bI8PDkzzbVsIM/L9fgPD+JPQ/43LVhNczsIfWvEroOM=
Subject key identifier: 56:79:0A:42:6B:8F:62:9B:4F:B8:95:BE:5B:3A:46:E5:2C:1D:23:F9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A2BC31479C021FD0A519B9CB834AF2A2F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VnkKQmuPYptPuJW-WzpG5SwdI_k.roa
Signing time: Fri 25 Aug 2023 08:15:19 +0000
ROA not before: Fri 25 Aug 2023 08:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 14:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:c3:14:79:c0:21:fd:0a:51:9b:9c:b8:34:af:2a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 25 08:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56790a426b8f629b4fb895be5b3a46e52c1d23f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:e9:13:4d:68:35:b3:2a:c4:36:9f:73:3b:
32:c9:f1:e5:06:4c:05:0a:5a:23:87:42:20:c0:49:
b9:b8:40:84:96:38:89:f2:83:c0:ba:ec:7f:ee:4e:
ae:67:a4:7d:ed:97:52:c0:07:8d:35:99:1a:d6:d5:
04:dc:5c:2c:54:d1:d8:46:5e:38:c6:c9:8d:b4:4c:
57:e5:b0:4f:03:5a:81:48:2b:3c:b4:13:a4:f2:6b:
02:10:13:05:c0:b3:94:8b:01:a0:fd:22:ed:5d:5b:
04:ef:de:19:5d:f2:13:ab:59:5e:72:be:94:4f:d9:
f0:4f:0b:a1:85:87:81:d0:73:71:f2:5f:b8:d9:c6:
ee:af:b0:df:32:e0:dd:76:97:e2:4b:e2:d9:b0:1b:
6a:3d:b2:e4:0c:1f:e2:32:03:68:29:bb:10:e5:78:
52:54:7f:d4:be:21:fe:d1:f0:98:72:8e:ed:1e:72:
2b:61:f3:c4:02:36:19:80:08:9c:7d:e9:36:8f:b6:
ee:66:7e:13:0b:33:7b:9e:72:b9:76:43:75:82:c4:
88:22:ae:43:bf:67:13:7d:a2:97:66:20:33:a0:ea:
4a:2c:c5:b0:aa:a6:bc:6b:0e:42:5b:bf:e5:c6:40:
28:42:85:7b:b6:05:ba:be:a8:7e:9a:23:8c:d2:e7:
b7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:79:0A:42:6B:8F:62:9B:4F:B8:95:BE:5B:3A:46:E5:2C:1D:23:F9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VnkKQmuPYptPuJW-WzpG5SwdI_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:49:10:d3:db:9a:d2:87:ea:42:73:50:ca:f6:07:70:2f:c0:
1a:11:ad:3c:2a:8f:c8:9c:86:90:35:0d:c4:76:65:e3:7c:7f:
6a:a9:2b:ba:00:d9:b9:45:32:88:f8:4a:0e:f5:df:dc:ae:bb:
1a:00:2e:bb:a1:bf:71:87:64:db:f2:9b:67:e8:27:20:cb:80:
60:59:43:19:2a:cf:84:24:7e:49:29:64:88:f6:22:a5:3b:21:
05:16:15:cc:1a:52:b9:26:47:82:bc:aa:80:38:a1:f3:c4:2f:
d4:75:70:fc:0e:28:bc:f2:d3:2f:fc:b2:32:38:03:b7:af:b3:
79:f7:61:7c:27:d7:9f:ad:d5:fd:6a:65:41:50:bf:f5:d2:ee:
43:05:39:62:55:17:18:f1:a2:07:22:1b:b6:3b:6d:20:5e:80:
b8:ed:48:88:9f:59:fb:97:d4:89:8f:6d:1d:53:e1:a4:dc:31:
56:ad:80:cf:88:ed:11:21:01:d0:62:e7:93:19:19:aa:da:67:
86:ed:b8:49:27:fc:3f:5a:13:80:bb:bc:f9:6b:d3:13:74:06:
22:e6:de:8f:03:b5:10:ab:a2:c3:56:80:b7:93:59:70:1e:e7:
de:fd:37:bc:88:86:fd:dd:4d:98:7a:c4:00:5b:3f:05:a8:be:
36:c8:b7:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYorwxR5wCH9ClGbnLg0ryovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI1MDgxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc5MGE0MjZiOGY2MjliNGZiODk1YmU1YjNhNDZlNTJjMWQyM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnvpE01oNbMqxDafczsyyfHlBkwF
Clojh0IgwEm5uECEljiJ8oPAuux/7k6uZ6R97ZdSwAeNNZka1tUE3FwsVNHYRl44
xsmNtExX5bBPA1qBSCs8tBOk8msCEBMFwLOUiwGg/SLtXVsE794ZXfITq1lecr6U
T9nwTwuhhYeB0HNx8l+42cbur7DfMuDddpfiS+LZsBtqPbLkDB/iMgNoKbsQ5XhS
VH/UviH+0fCYco7tHnIrYfPEAjYZgAicfek2j7buZn4TCzN7nnK5dkN1gsSIIq5D
v2cTfaKXZiAzoOpKLMWwqqa8aw5CW7/lxkAoQoV7tgW6vqh+miOM0ue3PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFZ5CkJrj2KbT7iVvls6RuUsHSP5MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVm5rS1FtdVBZcHRQdUpXLVd6cEc1U3dkSV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV6rAwQA
LYq3AwQATVMnAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCKSRDT25rSh+pCc1DK
9gdwL8AaEa08Ko/InIaQNQ3EdmXjfH9qqSu6ANm5RTKI+EoO9d/crrsaAC67ob9x
h2Tb8ptn6Ccgy4BgWUMZKs+EJH5JKWSI9iKlOyEFFhXMGlK5JkeCvKqAOKHzxC/U
dXD8Dii88tMv/LIyOAO3r7N592F8J9efrdX9amVBUL/10u5DBTliVRcY8aIHIhu2
O20gXoC47UiIn1n7l9SJj20dU+Gk3DFWrYDPiO0RIQHQYueTGRmq2meG7bhJJ/w/
WhOAu7z5a9MTdAYi5t6PA7UQq6LDVoC3k1lwHufe/Te8iIb93U2YesQAWz8FqL42
yLc5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org