Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/VMaA5exYvDZNVqnuNWf7fwaIJSA.roa
File: VMaA5exYvDZNVqnuNWf7fwaIJSA.roa (raw, json)
Hash identifier: iPYWaTHm03OOX4FTD1JsF9Fy1vEp51pexa2Zw5O9Zik=
Subject key identifier: 54:C6:80:E5:EC:58:BC:36:4D:56:A9:EE:35:67:FB:7F:06:88:25:20
Certificate issuer: /CN=59c4cfbd871c42dd55a57bd0ff567134f322b23e
Certificate serial: 018CB50D51A5F04B57C8DE036285365FEC8A
Authority key identifier: 59:C4:CF:BD:87:1C:42:DD:55:A5:7B:D0:FF:56:71:34:F3:22:B2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WcTPvYccQt1VpXvQ_1ZxNPMisj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/VMaA5exYvDZNVqnuNWf7fwaIJSA.roa
Signing time: Fri 29 Dec 2023 10:09:58 +0000
ROA not before: Fri 29 Dec 2023 10:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210869
IP address blocks: 45.13.68.0/22 maxlen: 23
2a0e:df00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:0d:51:a5:f0:4b:57:c8:de:03:62:85:36:5f:ec:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59c4cfbd871c42dd55a57bd0ff567134f322b23e
Validity
Not Before: Dec 29 10:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54c680e5ec58bc364d56a9ee3567fb7f06882520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:72:13:d9:79:6d:b7:df:7d:a9:1b:f8:16:5d:
a4:e2:9b:40:9f:fe:a5:72:e9:91:28:80:3f:a3:75:
44:b8:01:5f:f8:49:8b:02:bc:09:18:0c:88:e2:75:
7a:ad:50:af:96:aa:3c:93:da:07:50:02:4e:77:8e:
b2:b1:a5:c1:ef:9a:e6:14:13:d3:fb:ef:50:fa:d4:
eb:5f:c0:7a:58:e8:37:d6:9b:2f:00:e2:9b:4d:21:
65:35:47:9a:8f:c8:0c:26:87:30:91:75:11:53:75:
36:c9:6a:2b:1d:d4:c3:13:76:3a:e3:1d:2f:3c:06:
73:70:8d:98:11:7a:e2:4a:22:99:f6:e0:27:01:7c:
1c:40:3e:a1:8c:42:d2:66:66:00:3b:02:ee:79:1e:
25:d5:81:4f:25:e2:9f:50:dd:47:f5:7f:80:1d:24:
03:44:40:49:80:af:bb:66:7e:73:4a:f7:3b:cc:59:
09:57:6a:f3:8f:8a:ab:86:0f:a4:ec:fd:20:db:a6:
7d:a9:1e:ea:25:7e:78:4f:70:2d:c9:e8:51:78:f1:
9a:fe:11:68:ef:a0:27:d5:12:16:23:b6:16:31:be:
67:73:ae:0a:5c:71:43:43:f8:eb:f8:b7:55:ee:ba:
77:f8:f0:98:fc:f2:13:5e:08:9f:12:d1:95:4d:a9:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C6:80:E5:EC:58:BC:36:4D:56:A9:EE:35:67:FB:7F:06:88:25:20
X509v3 Authority Key Identifier:
keyid:59:C4:CF:BD:87:1C:42:DD:55:A5:7B:D0:FF:56:71:34:F3:22:B2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WcTPvYccQt1VpXvQ_1ZxNPMisj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/VMaA5exYvDZNVqnuNWf7fwaIJSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90f62b-7ae2-49d6-a42c-899f1e1b7360/1/WcTPvYccQt1VpXvQ_1ZxNPMisj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.68.0/22
IPv6:
2a0e:df00::/32
Signature Algorithm: sha256WithRSAEncryption
06:b4:65:dc:26:55:0c:4d:2a:a5:2e:ae:1f:9b:de:d7:56:40:
37:2c:15:9c:fe:1e:f9:1b:c7:cc:e3:09:10:3a:46:cb:ba:ed:
f7:37:6d:9a:14:9a:ed:32:6a:7f:04:5d:2b:5e:d6:5f:17:16:
a5:dd:9c:a7:ae:08:a0:cb:87:1b:db:9c:0f:9d:f5:26:75:e0:
e5:47:80:c2:39:69:43:92:fe:9c:d8:9d:8e:1a:04:e8:53:bf:
b6:bf:62:c8:2f:07:37:a4:b7:f6:c6:2b:2a:27:11:5c:6d:c3:
1f:12:f2:9f:8d:84:d0:63:d1:ed:42:24:0a:64:f5:bb:52:0f:
45:a2:86:48:41:76:a4:fa:8c:91:05:4c:d8:ce:cd:5e:42:e2:
ca:78:58:e1:ef:1e:09:35:bc:b0:84:28:1b:db:c5:bc:04:53:
e2:8d:a7:41:ea:a8:44:46:72:f3:2e:1c:0b:7e:7a:74:2b:d7:
07:53:f5:9e:05:b6:c6:31:66:34:70:62:5c:79:f3:4e:7a:04:
29:a6:50:e9:ed:89:a2:2b:86:b8:8b:9b:f1:a1:51:1d:44:09:
c7:7e:ad:01:27:18:6e:ea:de:81:ff:75:2d:d5:61:e5:7c:51:
74:e1:9c:4f:25:8e:96:cc:4b:c5:b8:6d:be:c3:31:02:7b:3b:
28:b4:8b:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYy1DVGl8EtXyN4DYoU2X+yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YzRjZmJkODcxYzQyZGQ1NWE1N2JkMGZmNTY3MTM0ZjMy
MmIyM2UwHhcNMjMxMjI5MTAwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGM2ODBlNWVjNThiYzM2NGQ1NmE5ZWUzNTY3ZmI3ZjA2ODgyNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03IT2Xltt999qRv4Fl2k4ptAn/6l
cumRKIA/o3VEuAFf+EmLArwJGAyI4nV6rVCvlqo8k9oHUAJOd46ysaXB75rmFBPT
++9Q+tTrX8B6WOg31psvAOKbTSFlNUeaj8gMJocwkXURU3U2yWorHdTDE3Y64x0v
PAZzcI2YEXriSiKZ9uAnAXwcQD6hjELSZmYAOwLueR4l1YFPJeKfUN1H9X+AHSQD
REBJgK+7Zn5zSvc7zFkJV2rzj4qrhg+k7P0g26Z9qR7qJX54T3AtyehRePGa/hFo
76An1RIWI7YWMb5nc64KXHFDQ/jr+LdV7rp3+PCY/PITXgifEtGVTanxbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFTGgOXsWLw2TVap7jVn+38GiCUgMB8GA1UdIwQY
MBaAFFnEz72HHELdVaV70P9WcTTzIrI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2NUUHZZY2NRdDFWcFh2UV8xWnhOUE1pc2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85MGY2MmItN2FlMi00OWQ2LWE0MmMt
ODk5ZjFlMWI3MzYwLzEvVk1hQTVleFl2RFpOVnFudU5XZjdmd2FJSlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85MGY2MmItN2FlMi00OWQ2LWE0MmMtODk5ZjFlMWI3MzYw
LzEvV2NUUHZZY2NRdDFWcFh2UV8xWnhOUE1pc2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ1EMA0E
AgACMAcDBQAqDt8AMA0GCSqGSIb3DQEBCwUAA4IBAQAGtGXcJlUMTSqlLq4fm97X
VkA3LBWc/h75G8fM4wkQOkbLuu33N22aFJrtMmp/BF0rXtZfFxal3Zynrgigy4cb
25wPnfUmdeDlR4DCOWlDkv6c2J2OGgToU7+2v2LILwc3pLf2xisqJxFcbcMfEvKf
jYTQY9HtQiQKZPW7Ug9FooZIQXak+oyRBUzYzs1eQuLKeFjh7x4JNbywhCgb28W8
BFPijadB6qhERnLzLhwLfnp0K9cHU/WeBbbGMWY0cGJcefNOegQpplDp7YmiK4a4
i5vxoVEdRAnHfq0BJxhu6t6B/3Ut1WHlfFF04ZxPJY6WzEvFuG2+wzECezsotIu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:09 2024 by rpki-client on console-ams.rpki-client.org