Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/TVcpilekL7bva_VP60JR5-PfP7s.roa
File: TVcpilekL7bva_VP60JR5-PfP7s.roa (raw, json)
Hash identifier: 6eEYQsxRqAq8DzI5190p7Zb++SPHqwQkWMYF3KIINUo=
Subject key identifier: 4D:57:29:8A:57:A4:2F:B6:EF:6B:F5:4F:EB:42:51:E7:E3:DF:3F:BB
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 01856D81C1AD1340CC76AE60BCDFCCFD3F77
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/TVcpilekL7bva_VP60JR5-PfP7s.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13242
IP address blocks: 85.254.240.0/21 maxlen: 21
85.254.204.0/23 maxlen: 23
85.254.200.0/22 maxlen: 22
85.254.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c1:ad:13:40:cc:76:ae:60:bc:df:cc:fd:3f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d57298a57a42fb6ef6bf54feb4251e7e3df3fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:01:d9:5f:73:ad:eb:65:b9:80:12:a6:62:
e0:f0:40:b9:51:64:5a:8b:8e:0a:bc:b3:15:00:77:
d9:4b:7f:f3:c1:76:6b:e3:1f:75:69:70:ab:06:f4:
2b:9d:eb:b5:8c:a8:ef:64:5d:50:96:ee:52:3c:b1:
7e:b6:0a:f5:07:d7:a9:bd:f1:e4:6b:90:61:db:fa:
6d:d4:3e:f9:22:05:11:93:7e:51:4d:a6:e9:17:03:
05:8e:6d:eb:2a:6c:24:cf:63:a6:06:bb:a6:4b:ca:
96:19:46:ee:a7:df:14:ca:10:7f:38:80:4d:63:31:
07:61:1c:28:cd:da:eb:f8:c1:10:88:b5:4a:d1:86:
a5:83:32:4c:65:76:f2:d1:c7:cd:8c:e3:c4:a5:c7:
ca:c3:ca:bb:40:c3:b7:d0:2d:a7:41:4b:be:07:74:
e7:85:bd:be:4c:88:e7:ef:06:29:b8:ec:11:76:63:
4a:ef:3c:83:81:14:34:34:03:d1:40:d4:0e:20:1a:
80:4d:5e:a1:a4:26:f0:50:80:f8:ca:36:85:b3:4b:
3c:ed:12:e9:a9:00:d9:9c:69:85:a6:0d:f4:8c:21:
e5:8f:5e:1c:c9:d1:4d:99:40:06:7c:eb:ce:12:ad:
bd:96:a6:70:60:dd:b8:cd:e3:f9:78:dc:09:64:ea:
f8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:57:29:8A:57:A4:2F:B6:EF:6B:F5:4F:EB:42:51:E7:E3:DF:3F:BB
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/TVcpilekL7bva_VP60JR5-PfP7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.200.0-85.254.205.255
85.254.238.0-85.254.247.255
Signature Algorithm: sha256WithRSAEncryption
b9:d6:7e:d9:b1:c4:67:b2:57:d6:09:83:22:98:2f:7b:03:99:
19:64:82:2a:12:15:ec:d2:fa:1a:c3:89:11:c2:1d:89:17:11:
1a:4b:05:66:59:34:0d:85:1d:7e:8a:b3:e0:0d:ed:66:1f:03:
62:2f:51:bd:04:cf:cb:b1:eb:3d:2a:05:47:76:c3:53:7a:44:
b5:ca:1c:c0:f0:b2:10:41:8e:7b:02:91:d2:28:d2:2e:63:4d:
40:1c:ac:ec:17:61:0e:ef:27:c1:10:a5:82:63:df:0f:f1:68:
0a:fa:e8:25:0a:8a:8f:e0:41:db:8c:a2:b7:3b:0e:2b:cd:da:
6d:36:9f:75:b2:09:e7:0e:d2:22:ad:30:89:4e:9a:73:62:2a:
30:e5:03:89:dc:86:2b:e9:78:eb:93:bd:89:53:73:68:9a:7a:
1e:4a:8e:d3:3d:ce:aa:0d:f9:ea:a7:f2:14:07:1c:51:09:9f:
ab:64:6d:39:f9:c7:7d:ac:42:7e:a9:ad:23:28:5f:95:d6:4e:
32:3f:68:bc:22:cc:68:33:6e:0a:6b:40:f7:a0:16:9a:df:8f:
54:da:87:16:b9:97:f7:4f:47:85:25:18:22:c7:61:b0:6f:c4:
f7:cd:a2:91:9c:e9:f9:d6:c5:56:be:71:6c:94:b3:e5:ea:74:
2b:6d:a5:c7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtgcGtE0DMdq5gvN/M/T93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU3Mjk4YTU3YTQyZmI2ZWY2YmY1NGZlYjQyNTFlN2UzZGYzZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCgB2V9zretluYASpmLg8EC5UWRa
i44KvLMVAHfZS3/zwXZr4x91aXCrBvQrneu1jKjvZF1Qlu5SPLF+tgr1B9epvfHk
a5Bh2/pt1D75IgURk35RTabpFwMFjm3rKmwkz2OmBrumS8qWGUbup98UyhB/OIBN
YzEHYRwozdrr+MEQiLVK0YalgzJMZXby0cfNjOPEpcfKw8q7QMO30C2nQUu+B3Tn
hb2+TIjn7wYpuOwRdmNK7zyDgRQ0NAPRQNQOIBqATV6hpCbwUID4yjaFs0s87RLp
qQDZnGmFpg30jCHlj14cydFNmUAGfOvOEq29lqZwYN24zeP5eNwJZOr4BQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFE1XKYpXpC+272v1T+tCUefj3z+7MB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvVFZjcGlsZWtMN2J2YV9WUDYwSlI1LVBmUDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANV/sgD
BAFV/swwDAMEAVX+7gMEA1X+8DANBgkqhkiG9w0BAQsFAAOCAQEAudZ+2bHEZ7JX
1gmDIpgvewOZGWSCKhIV7NL6GsOJEcIdiRcRGksFZlk0DYUdfoqz4A3tZh8DYi9R
vQTPy7HrPSoFR3bDU3pEtcocwPCyEEGOewKR0ijSLmNNQBys7BdhDu8nwRClgmPf
D/FoCvroJQqKj+BB24yitzsOK83abTafdbIJ5w7SIq0wiU6ac2IqMOUDidyGK+l4
65O9iVNzaJp6HkqO0z3Oqg356qfyFAccUQmfq2RtOfnHfaxCfqmtIyhfldZOMj9o
vCLMaDNuCmtA96AWmt+PVNqHFrmX909HhSUYIsdhsG/E982ikZzp+dbFVr5xbJSz
5ep0K22lxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:51 2024 by rpki-client on console-fra.rpki-client.org