Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/VVNCbNDf9YGlCvkxtPYnVR3VHM4.roa
File: VVNCbNDf9YGlCvkxtPYnVR3VHM4.roa (raw, json)
Hash identifier: sCAP6GemGEB1BLUx2hFAAzFRO+V0R/3s50KJZzOzOqg=
Subject key identifier: 55:53:42:6C:D0:DF:F5:81:A5:0A:F9:31:B4:F6:27:55:1D:D5:1C:CE
Certificate issuer: /CN=fb5602802a8793a24fda4d0edcc30a196c0f77e0
Certificate serial: 01856D53FE7432B0701279B805826F782FD4
Authority key identifier: FB:56:02:80:2A:87:93:A2:4F:DA:4D:0E:DC:C3:0A:19:6C:0F:77:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/VVNCbNDf9YGlCvkxtPYnVR3VHM4.roa
Signing time: Sun 01 Jan 2023 12:34:59 +0000
ROA not before: Sun 01 Jan 2023 12:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203046
IP address blocks: 91.208.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:fe:74:32:b0:70:12:79:b8:05:82:6f:78:2f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb5602802a8793a24fda4d0edcc30a196c0f77e0
Validity
Not Before: Jan 1 12:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5553426cd0dff581a50af931b4f627551dd51cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:ca:9b:c1:9c:87:dd:ce:1a:7a:14:f6:97:
fc:fa:6f:d7:33:5a:2b:c9:3a:75:4f:2a:e3:fb:d6:
a7:fc:fd:51:8a:74:ad:e5:75:54:20:37:30:c1:af:
a6:7d:ac:03:20:a6:14:50:b8:b2:c6:6d:57:d4:ac:
70:f3:a1:5d:d1:32:45:5b:47:17:45:da:e4:76:f5:
b7:a2:98:e9:24:3b:88:46:f7:d8:81:f8:52:be:87:
56:1c:a9:54:20:b1:81:63:cc:bd:6b:53:f2:7e:c8:
12:6a:56:b0:16:d6:fe:3c:b1:a4:e5:d8:e9:36:df:
9a:16:ed:9c:27:24:b8:3d:81:2d:8c:21:46:37:bc:
a6:94:06:6d:5a:0d:f5:17:3d:89:dd:e0:4c:a1:77:
2c:53:b7:5f:b4:05:ce:e6:9b:2b:a2:41:f2:16:a4:
de:53:f5:b9:5d:12:29:0b:34:3d:8b:d1:5c:ab:49:
50:1b:95:d1:af:1d:5a:23:90:bd:14:0d:e4:3b:6e:
53:4f:40:44:6f:53:37:8c:c8:45:95:b7:d1:ed:55:
06:9a:8c:59:5e:d1:1d:68:45:75:6c:42:75:02:bd:
d4:9c:73:40:d8:a5:0d:26:ee:e4:31:0d:ba:01:6e:
95:a2:92:35:21:54:39:0e:74:81:bd:61:3b:57:43:
91:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:53:42:6C:D0:DF:F5:81:A5:0A:F9:31:B4:F6:27:55:1D:D5:1C:CE
X509v3 Authority Key Identifier:
keyid:FB:56:02:80:2A:87:93:A2:4F:DA:4D:0E:DC:C3:0A:19:6C:0F:77:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/VVNCbNDf9YGlCvkxtPYnVR3VHM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/8387a7-068c-4832-aa26-db5b1f89a50d/1/1-1YCgCqHk6JP2k0O3MMKGWwPd-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.191.0/24
Signature Algorithm: sha256WithRSAEncryption
93:17:dd:6f:65:19:25:fa:4c:bc:e0:27:e7:89:bd:6d:46:8c:
8d:e9:cc:07:c3:36:d1:0b:a1:13:af:1d:18:bd:32:5d:b3:f7:
d7:c0:f9:44:fd:51:0d:15:63:1d:55:de:36:72:13:21:4d:13:
c2:c3:40:93:ac:d2:92:8b:d0:09:1c:fc:0d:ed:fd:ed:f0:bf:
b6:9a:a9:e4:15:5a:11:73:d2:bd:0c:e7:fa:07:77:6f:8c:d0:
28:0a:6c:1e:86:51:9e:a2:10:30:b9:48:af:08:42:64:18:6f:
29:5a:17:dc:ff:fd:e5:d1:48:7e:22:aa:25:9d:d2:7e:fb:5e:
05:03:47:2f:3a:4f:87:f2:14:85:5d:67:26:3a:72:3a:82:ba:
39:04:06:86:51:dd:f0:7a:de:d2:e2:f5:d9:a9:23:7c:97:87:
13:40:1d:4e:d1:0e:74:15:e1:40:7d:40:0b:03:1d:e4:18:ae:
01:93:db:85:8a:08:df:d5:eb:cb:32:39:1b:ab:31:4a:8c:63:
8c:02:c3:94:91:4b:eb:6a:58:44:27:35:07:11:5c:9d:d9:20:
e6:e3:c7:8b:85:9a:8a:d4:a8:fc:26:5c:1a:d7:57:cf:72:25:
f9:18:fe:2d:24:8f:33:67:f7:17:48:87:84:08:5b:64:08:34:
84:49:33:7c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtU/50MrBwEnm4BYJveC/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNTYwMjgwMmE4NzkzYTI0ZmRhNGQwZWRjYzMwYTE5NmMw
Zjc3ZTAwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTUzNDI2Y2QwZGZmNTgxYTUwYWY5MzFiNGY2Mjc1NTFkZDUxY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8PKm8Gch93OGnoU9pf8+m/XM1or
yTp1Tyrj+9an/P1RinSt5XVUIDcwwa+mfawDIKYUULiyxm1X1Kxw86Fd0TJFW0cX
RdrkdvW3opjpJDuIRvfYgfhSvodWHKlUILGBY8y9a1PyfsgSalawFtb+PLGk5djp
Nt+aFu2cJyS4PYEtjCFGN7ymlAZtWg31Fz2J3eBMoXcsU7dftAXO5psrokHyFqTe
U/W5XRIpCzQ9i9Fcq0lQG5XRrx1aI5C9FA3kO25TT0BEb1M3jMhFlbfR7VUGmoxZ
XtEdaEV1bEJ1Ar3UnHNA2KUNJu7kMQ26AW6VopI1IVQ5DnSBvWE7V0ORqwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFVTQmzQ3/WBpQr5MbT2J1Ud1RzOMB8GA1UdIwQY
MBaAFPtWAoAqh5OiT9pNDtzDChlsD3fgMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xWUNnQ3FIazZKUDJrME8zTU1LR1d3UGQtQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvODM4N2E3LTA2OGMtNDgzMi1hYTI2
LWRiNWIxZjg5YTUwZC8xL1ZWTkNiTkRmOVlHbEN2a3h0UFluVlIzVkhNNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvODM4N2E3LTA2OGMtNDgzMi1hYTI2LWRiNWIxZjg5YTUw
ZC8xLzEtMVlDZ0NxSGs2SlAyazBPM01NS0dXd1BkLUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0L8w
DQYJKoZIhvcNAQELBQADggEBAJMX3W9lGSX6TLzgJ+eJvW1GjI3pzAfDNtELoROv
HRi9Ml2z99fA+UT9UQ0VYx1V3jZyEyFNE8LDQJOs0pKL0Akc/A3t/e3wv7aaqeQV
WhFz0r0M5/oHd2+M0CgKbB6GUZ6iEDC5SK8IQmQYbylaF9z//eXRSH4iqiWd0n77
XgUDRy86T4fyFIVdZyY6cjqCujkEBoZR3fB63tLi9dmpI3yXhxNAHU7RDnQV4UB9
QAsDHeQYrgGT24WKCN/V68syORurMUqMY4wCw5SRS+tqWEQnNQcRXJ3ZIObjx4uF
morUqPwmXBrXV89yJfkY/i0kjzNn9xdIh4QIW2QINIRJM3w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:12 2024 by rpki-client on console-fra.rpki-client.org