Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/VKLnx_gBYt70MOZ90MTSmV2Rs6E.roa
File: VKLnx_gBYt70MOZ90MTSmV2Rs6E.roa (raw, json)
Hash identifier: dpA9eBuI8x5EZ6GJugDEi/viDmpBHQ6pFBkt7rO2u0k=
Subject key identifier: 54:A2:E7:C7:F8:01:62:DE:F4:30:E6:7D:D0:C4:D2:99:5D:91:B3:A1
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018A4792E832689A1E2A927BDFA19FBA2263
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/VKLnx_gBYt70MOZ90MTSmV2Rs6E.roa
Signing time: Wed 30 Aug 2023 17:52:04 +0000
ROA not before: Wed 30 Aug 2023 17:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/24 maxlen: 24
5.102.37.0/24 maxlen: 24
5.102.38.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
195.5.124.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.222.124.0/24 maxlen: 24
195.222.124.0/22 maxlen: 22
195.222.125.0/24 maxlen: 24
195.222.126.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 31 Aug 2023 19:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:92:e8:32:68:9a:1e:2a:92:7b:df:a1:9f:ba:22:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Aug 30 17:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54a2e7c7f80162def430e67dd0c4d2995d91b3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a0:37:07:11:38:63:08:cc:10:1b:23:d7:65:
2c:be:42:fd:62:98:33:5e:6b:b9:ac:cb:a0:9c:3e:
52:88:99:45:9c:28:d4:c6:87:8b:99:64:0a:a1:7c:
6b:13:45:58:03:07:59:f2:9a:07:10:6a:44:7a:e3:
e6:dc:97:b0:df:44:b9:ee:66:af:8e:f1:8f:ca:05:
4d:91:9b:90:42:33:5a:a3:23:c9:c8:36:bf:4a:c1:
7d:0c:e7:7e:b9:f7:65:20:3a:e3:60:29:2b:fc:cd:
61:bd:c1:ec:de:3e:aa:ba:80:00:70:c4:59:b8:04:
fa:a3:bf:01:c9:42:82:a0:62:9b:a3:4e:af:30:f0:
05:60:1e:6a:26:5b:00:94:61:97:fb:b9:9c:69:38:
4c:e2:b0:34:7a:bc:66:c6:19:10:45:8e:18:4b:f9:
ca:79:0c:6f:67:6c:08:cc:d0:20:50:59:10:16:10:
ae:dd:35:9f:c7:19:9f:8b:44:63:cd:e8:85:05:dd:
20:b8:aa:a7:1e:e5:98:65:3d:82:2a:bd:b6:ec:93:
ce:78:5c:e4:6e:01:c1:e5:f0:e5:b8:fd:a9:99:b5:
df:fe:25:57:6c:9e:9e:d7:4d:b1:f9:19:3e:38:9e:
10:6e:6d:35:ca:ab:8a:4b:62:26:4c:6d:27:ee:77:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A2:E7:C7:F8:01:62:DE:F4:30:E6:7D:D0:C4:D2:99:5D:91:B3:A1
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/VKLnx_gBYt70MOZ90MTSmV2Rs6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/22
195.5.124.0/23
195.222.124.0/22
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
20:c9:57:99:76:24:91:f9:55:c4:17:b9:09:07:ac:19:16:bf:
b9:0b:ef:98:02:dc:a6:4e:ba:5e:83:18:b1:8d:43:ba:25:b1:
c0:46:58:a5:ce:8c:70:bc:a4:21:7a:1b:fe:24:b3:10:d3:92:
e4:86:53:f1:a5:c4:27:66:8f:52:67:57:cf:a4:df:3d:5e:35:
06:62:72:04:9b:c7:2a:65:a4:ea:7e:b6:cc:fa:a6:46:92:ab:
9b:09:14:fb:65:cc:a9:e5:0c:cb:9f:92:a3:01:0f:3c:bc:bf:
7a:96:94:45:b9:d3:0c:74:c8:69:e4:02:55:00:04:a2:78:8a:
61:c4:3b:b3:46:a3:86:e3:05:c2:38:ae:63:29:92:21:d7:0d:
a3:a4:77:e8:0c:22:f3:70:fd:48:82:59:f9:ff:8f:7b:71:ca:
cf:0a:a0:a6:b9:26:6b:00:cb:c0:fe:66:c7:2c:a3:9b:9a:81:
d4:fa:9e:5b:85:56:0e:bf:63:9e:0f:3d:eb:bd:bc:5b:61:40:
e6:27:83:5f:99:13:9b:08:a6:0a:d8:b9:94:aa:2f:73:d1:dd:
d6:49:34:f3:7c:de:d3:0c:3d:53:10:8c:f1:05:48:0c:fd:39:
eb:2c:a2:4c:c1:98:8d:4d:25:d0:a5:b6:f2:bc:b6:fa:01:1e:
57:da:4d:80
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYpHkugyaJoeKpJ736GfuiJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMwODMwMTc1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGEyZTdjN2Y4MDE2MmRlZjQzMGU2N2RkMGM0ZDI5OTVkOTFiM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6A3BxE4YwjMEBsj12UsvkL9Ypgz
Xmu5rMugnD5SiJlFnCjUxoeLmWQKoXxrE0VYAwdZ8poHEGpEeuPm3Jew30S57mav
jvGPygVNkZuQQjNaoyPJyDa/SsF9DOd+ufdlIDrjYCkr/M1hvcHs3j6quoAAcMRZ
uAT6o78ByUKCoGKbo06vMPAFYB5qJlsAlGGX+7mcaThM4rA0erxmxhkQRY4YS/nK
eQxvZ2wIzNAgUFkQFhCu3TWfxxmfi0RjzeiFBd0guKqnHuWYZT2CKr227JPOeFzk
bgHB5fDluP2pmbXf/iVXbJ6e102x+Rk+OJ4Qbm01yquKS2ImTG0n7nfR9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFSi58f4AWLe9DDmfdDE0pldkbOhMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvVktMbnhfZ0JZdDcwTU9aOTBNVFNtVjJSczZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBWYkAwQB
wwV8AwQCw958MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQAgyVeZ
diSR+VXEF7kJB6wZFr+5C++YAtymTrpegxixjUO6JbHARlilzoxwvKQhehv+JLMQ
05LkhlPxpcQnZo9SZ1fPpN89XjUGYnIEm8cqZaTqfrbM+qZGkqubCRT7Zcyp5QzL
n5KjAQ88vL96lpRFudMMdMhp5AJVAASieIphxDuzRqOG4wXCOK5jKZIh1w2jpHfo
DCLzcP1Igln5/497ccrPCqCmuSZrAMvA/mbHLKObmoHU+p5bhVYOv2OeDz3rvbxb
YUDmJ4NfmRObCKYK2LmUqi9z0d3WSTTzfN7TDD1TEIzxBUgM/TnrLKJMwZiNTSXQ
pbbyvLb6AR5X2k2A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org