Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/VNlqZFjwLZPJ6sOcc8TvbaTfvJY.roa
File: VNlqZFjwLZPJ6sOcc8TvbaTfvJY.roa (raw, json)
Hash identifier: 7mqigJfqt27UTdgOXQKk9NmkG6oQR+HK2Jn2HtH1dGE=
Subject key identifier: 54:D9:6A:64:58:F0:2D:93:C9:EA:C3:9C:73:C4:EF:6D:A4:DF:BC:96
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A342BFBF90C97B23C2B0524BF8BBB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/VNlqZFjwLZPJ6sOcc8TvbaTfvJY.roa
Signing time: Mon 02 Jan 2023 12:34:49 +0000
ROA not before: Mon 02 Jan 2023 12:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48024
IP address blocks: 178.173.224.0/19 maxlen: 24
91.132.57.0/24 maxlen: 24
213.173.32.0/24 maxlen: 24
213.173.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:34:2b:fb:f9:0c:97:b2:3c:2b:05:24:bf:8b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54d96a6458f02d93c9eac39c73c4ef6da4dfbc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:fb:84:6e:3d:a8:73:5d:eb:df:c4:2e:f2:
17:79:ac:49:df:15:25:b1:19:6f:df:ce:d9:43:2c:
cd:bd:1b:75:cb:98:62:0c:08:22:92:b0:9e:41:46:
2b:56:e2:e0:77:8f:4b:29:23:7d:97:1c:10:02:88:
34:29:d8:43:20:0c:5a:ab:eb:29:0b:21:6d:ab:cd:
60:84:4f:86:44:de:a5:bb:8b:5a:7d:05:89:bf:15:
a0:b7:85:01:bb:81:e8:c4:dd:f0:13:41:58:4b:00:
3f:e7:24:e4:cc:a4:d4:39:6b:b0:cb:46:18:59:5e:
8a:83:38:7c:d2:e9:bf:89:5f:49:4a:2e:0e:4d:c6:
96:25:03:fe:f8:76:8c:d7:3c:fd:8a:8c:a1:92:2c:
51:d8:73:6b:40:04:f8:cc:f9:26:51:98:90:29:ae:
65:57:59:64:b2:b4:1d:4f:f5:6b:9e:c9:4f:58:c8:
e6:2c:ce:fd:9d:cd:0c:56:68:80:d5:c2:a6:37:45:
06:9a:0e:14:49:32:06:33:60:1d:fd:63:10:b1:55:
84:a3:97:e9:9c:83:62:e8:78:82:8d:04:4a:99:14:
b0:c9:f7:6e:ac:5d:4a:12:b6:f0:3a:e0:69:71:b0:
3a:f8:c2:60:bf:3b:07:72:25:d2:e5:3d:5c:76:2a:
20:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D9:6A:64:58:F0:2D:93:C9:EA:C3:9C:73:C4:EF:6D:A4:DF:BC:96
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/VNlqZFjwLZPJ6sOcc8TvbaTfvJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.57.0/24
178.173.224.0/19
213.173.32.0/24
213.173.34.0/23
Signature Algorithm: sha256WithRSAEncryption
51:af:59:c0:61:b5:09:bc:67:4c:34:81:39:bd:aa:b6:06:48:
7c:30:76:2c:02:e5:58:12:47:70:ce:26:da:f7:09:cb:e2:c4:
4b:3d:7b:0f:06:dc:14:9d:c3:17:62:c6:c0:3d:66:56:4d:e4:
bd:c9:eb:a7:19:3b:12:88:07:90:98:12:f3:44:1f:9f:a7:64:
a8:fe:6c:97:7c:9a:c8:b7:48:e8:40:ce:ff:93:bb:3a:d9:a4:
cf:e9:4f:4f:74:40:33:29:f8:f3:00:df:f7:e5:eb:08:6e:da:
8a:f4:a8:b1:8c:9a:94:cc:de:15:90:4a:df:88:32:12:bb:95:
b4:37:70:78:e1:ba:c5:d3:7f:29:23:2e:b7:db:47:bc:25:11:
a7:f2:86:90:5a:96:fa:d6:b8:bb:da:1c:ac:4c:d9:ad:58:d5:
47:70:32:bd:9d:4b:4d:05:a8:ef:57:03:86:42:21:a8:46:fc:
46:8d:0f:2c:35:ad:04:84:0e:63:a8:55:8e:d8:f7:45:0a:75:
a9:70:69:88:ab:f0:0b:bb:93:bb:d5:53:13:b4:6f:a5:4d:87:
2d:37:f0:c5:7a:1a:b2:19:68:5b:4f:0b:81:96:a8:81:b8:5a:
98:65:c2:f8:9b:11:d0:69:8a:ee:4e:65:5b:73:18:f3:1b:3c:
0f:ca:b5:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyejQr+/kMl7I8KwUkv4u7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQ5NmE2NDU4ZjAyZDkzYzllYWMzOWM3M2M0ZWY2ZGE0ZGZiYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGb7hG49qHNd69/ELvIXeaxJ3xUl
sRlv387ZQyzNvRt1y5hiDAgikrCeQUYrVuLgd49LKSN9lxwQAog0KdhDIAxaq+sp
CyFtq81ghE+GRN6lu4tafQWJvxWgt4UBu4HoxN3wE0FYSwA/5yTkzKTUOWuwy0YY
WV6Kgzh80um/iV9JSi4OTcaWJQP++HaM1zz9ioyhkixR2HNrQAT4zPkmUZiQKa5l
V1lksrQdT/VrnslPWMjmLM79nc0MVmiA1cKmN0UGmg4USTIGM2Ad/WMQsVWEo5fp
nINi6HiCjQRKmRSwyfdurF1KErbwOuBpcbA6+MJgvzsHciXS5T1cdiogfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFTZamRY8C2TyerDnHPE722k37yWMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvVk5scVpGandMWlBKNnNPY2M4VHZiYVRmdkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW4Q5AwQF
sq3gAwQA1a0gAwQB1a0iMA0GCSqGSIb3DQEBCwUAA4IBAQBRr1nAYbUJvGdMNIE5
vaq2Bkh8MHYsAuVYEkdwziba9wnL4sRLPXsPBtwUncMXYsbAPWZWTeS9yeunGTsS
iAeQmBLzRB+fp2So/myXfJrIt0joQM7/k7s62aTP6U9PdEAzKfjzAN/35esIbtqK
9KixjJqUzN4VkErfiDISu5W0N3B44brF038pIy6320e8JRGn8oaQWpb61ri72hys
TNmtWNVHcDK9nUtNBajvVwOGQiGoRvxGjQ8sNa0EhA5jqFWO2PdFCnWpcGmIq/AL
u5O71VMTtG+lTYctN/DFehqyGWhbTwuBlqiBuFqYZcL4mxHQaYruTmVbcxjzGzwP
yrVs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org