Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/VKLhQbtUSXxyWKENK81TSREodqI.roa
File: VKLhQbtUSXxyWKENK81TSREodqI.roa (raw, json)
Hash identifier: Odw1xRNTy46Nnu5zh14mnnmDB0wk0Jt7Rwk7ZbRFb1M=
Subject key identifier: 54:A2:E1:41:BB:54:49:7C:72:58:A1:0D:2B:CD:53:49:11:28:76:A2
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018D9E5CDB14E2CF93F3E3B4C4BED2C86572
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/VKLhQbtUSXxyWKENK81TSREodqI.roa
Signing time: Mon 12 Feb 2024 17:28:21 +0000
ROA not before: Mon 12 Feb 2024 17:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49549
IP address blocks: 146.19.128.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
2a0f:cdc4::/32 maxlen: 32
2a0f:cdc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 27 Apr 2024 11:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:5c:db:14:e2:cf:93:f3:e3:b4:c4:be:d2:c8:65:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Feb 12 17:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54a2e141bb54497c7258a10d2bcd5349112876a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a1:27:12:b6:8f:b9:d1:00:d5:49:03:e3:46:
d0:ff:bd:83:89:f6:32:5a:c3:cf:c3:ef:f6:c4:66:
92:67:80:68:35:91:3d:20:c7:1c:38:f4:e7:3e:39:
3f:3f:7b:d7:a1:ef:d6:cb:d9:88:2e:ba:33:12:3d:
41:8d:66:46:24:87:fd:24:d6:29:a9:4e:0f:4d:66:
60:13:ed:b0:39:da:b4:d8:71:8a:51:0d:b5:ad:e2:
6b:95:70:8d:8b:14:05:5d:69:b0:48:a7:da:3b:e4:
09:79:40:49:a1:cb:b7:cf:6a:c8:10:65:44:8c:63:
f2:37:e0:32:c8:ea:cf:52:3b:97:11:60:a5:4c:45:
ea:52:93:10:41:ae:2e:a2:c8:d6:b6:a6:49:49:a2:
b6:a5:2e:8b:fa:e6:96:75:f7:8c:9f:b1:4d:60:9f:
79:34:a2:6c:b4:1a:47:e1:14:fd:55:34:39:92:3d:
96:97:54:4b:0e:5d:b9:f0:72:05:b8:c6:70:c7:75:
b3:9b:3a:69:a8:fe:a0:3b:47:87:d6:5f:aa:63:e5:
c5:d6:0d:f3:6b:00:6c:09:b4:73:05:93:a9:c2:41:
86:9c:96:45:24:3f:5f:6c:dd:3f:33:a5:1c:3a:e8:
43:cf:7c:25:51:8a:63:7d:82:1d:13:26:44:1f:3d:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A2:E1:41:BB:54:49:7C:72:58:A1:0D:2B:CD:53:49:11:28:76:A2
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/VKLhQbtUSXxyWKENK81TSREodqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
193.0.230.0/24
193.163.203.0/24
217.119.129.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/31
Signature Algorithm: sha256WithRSAEncryption
a4:4d:4f:e5:4f:eb:e7:bc:51:57:d1:ce:2c:3a:1f:c6:ad:21:
ab:26:34:35:7b:9e:04:50:38:4c:8b:e5:36:1c:a5:aa:3e:9a:
af:03:60:b1:b8:3d:b9:aa:b2:b4:44:79:18:2a:cf:02:0d:ae:
4b:f1:69:60:37:2d:8d:54:fe:ff:6f:4e:ed:d7:97:7a:c8:72:
5b:86:a7:75:70:1a:c0:45:eb:06:1f:25:0f:5a:b5:da:84:6a:
82:25:34:5e:4f:7f:41:fd:cd:ad:7b:41:98:ef:7c:c3:77:80:
f0:85:71:f7:21:33:d8:e7:bf:c4:ab:16:47:ac:8f:8f:65:3d:
f5:00:1f:67:2d:8f:30:6e:0e:70:ad:8b:ec:3b:62:ad:ec:e8:
fb:b0:8f:0b:07:8e:73:e7:24:1b:7b:98:e8:a2:46:a0:3f:ca:
97:f3:52:f8:30:c9:9d:3a:2f:3c:ee:6c:ae:c7:b9:94:34:5e:
b6:e2:0e:77:70:e3:b1:14:26:83:a4:fe:42:53:9b:9c:c0:b7:
37:01:af:2a:f3:84:2b:b3:1e:93:b3:0c:14:49:87:a1:cf:e4:
76:68:2d:75:14:2f:7a:4c:5b:6b:1a:e2:9a:54:14:38:2d:1a:
96:c7:ea:62:bb:09:36:80:71:ef:71:54:42:b8:91:e9:fa:7f:
62:1a:d9:f5
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY2eXNsU4s+T8+O0xL7SyGVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMjEyMTcyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGEyZTE0MWJiNTQ0OTdjNzI1OGExMGQyYmNkNTM0OTExMjg3NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaEnEraPudEA1UkD40bQ/72DifYy
WsPPw+/2xGaSZ4BoNZE9IMccOPTnPjk/P3vXoe/Wy9mILrozEj1BjWZGJIf9JNYp
qU4PTWZgE+2wOdq02HGKUQ21reJrlXCNixQFXWmwSKfaO+QJeUBJocu3z2rIEGVE
jGPyN+AyyOrPUjuXEWClTEXqUpMQQa4uosjWtqZJSaK2pS6L+uaWdfeMn7FNYJ95
NKJstBpH4RT9VTQ5kj2Wl1RLDl258HIFuMZwx3WzmzppqP6gO0eH1l+qY+XF1g3z
awBsCbRzBZOpwkGGnJZFJD9fbN0/M6UcOuhDz3wlUYpjfYIdEyZEHz0S9QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFSi4UG7VEl8clihDSvNU0kRKHaiMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvVktMaFFidFVTWHh5V0tFTks4MVRTUkVvZHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAkhOAAwQA
wQDmAwQAwaPLAwQA2XeBMBQEAgACMA4DBQAqD83CAwUBKg/NxDANBgkqhkiG9w0B
AQsFAAOCAQEApE1P5U/r57xRV9HOLDofxq0hqyY0NXueBFA4TIvlNhylqj6arwNg
sbg9uaqytER5GCrPAg2uS/FpYDctjVT+/29O7deXeshyW4andXAawEXrBh8lD1q1
2oRqgiU0Xk9/Qf3NrXtBmO98w3eA8IVx9yEz2Oe/xKsWR6yPj2U99QAfZy2PMG4O
cK2L7Dtirezo+7CPCweOc+ckG3uY6KJGoD/Kl/NS+DDJnTovPO5srse5lDRetuIO
d3DjsRQmg6T+QlObnMC3NwGvKvOEK7Mek7MMFEmHoc/kdmgtdRQvekxbaxrimlQU
OC0alsfqYrsJNoBx73FUQriR6fp/YhrZ9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org