Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/vlfLcufo_bYbjm36qBfFO31zVDY.roa
File: vlfLcufo_bYbjm36qBfFO31zVDY.roa (raw, json)
Hash identifier: 040g4zteAmRlhYGz/SB2CY6OJKN5K2SSJax+T8s2III=
Subject key identifier: BE:57:CB:72:E7:E8:FD:B6:1B:8E:6D:FA:A8:17:C5:3B:7D:73:54:36
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 018CC5DC638F2484C06B4D7DEF20752B9BD1
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/vlfLcufo_bYbjm36qBfFO31zVDY.roa
Signing time: Mon 01 Jan 2024 16:30:03 +0000
ROA not before: Mon 01 Jan 2024 16:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040:ffff::/48 maxlen: 48
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 13 Jul 2024 07:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:63:8f:24:84:c0:6b:4d:7d:ef:20:75:2b:9b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Jan 1 16:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be57cb72e7e8fdb61b8e6dfaa817c53b7d735436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4e:50:47:ad:0d:ef:fb:17:82:c3:19:e7:60:
7b:d8:f0:69:fb:ab:d2:71:2c:80:c4:98:eb:65:fe:
d0:36:9b:2b:b7:fa:5b:f4:fb:66:3e:c9:49:de:53:
cb:eb:8d:56:44:33:91:2b:8d:39:7e:42:68:a3:7a:
df:10:78:40:0b:ad:c8:f9:21:98:71:1f:ab:30:10:
d3:4b:b6:f1:9e:25:15:4e:5f:ed:7a:95:d9:66:2a:
d2:70:5f:14:73:ec:45:b6:b1:7a:45:78:cf:14:8d:
ca:8a:59:56:35:5b:3a:1a:44:fb:cd:05:b7:44:e1:
a4:3c:3f:e9:2c:39:58:d5:63:10:cd:e5:8b:6a:47:
18:6f:cc:b9:c7:30:df:b4:a3:b4:b1:b7:fc:26:45:
fb:af:26:3d:c7:81:39:74:a7:2c:7d:99:71:b5:c4:
07:49:71:e0:0b:f6:40:c2:7b:46:cf:4d:3c:d7:ad:
66:15:44:2e:e4:1e:d0:99:9d:2a:ae:f8:1c:41:78:
cf:81:03:62:13:1d:83:af:d3:50:c7:b9:34:f0:a2:
03:0f:98:bc:ff:96:f6:71:79:2e:86:f3:9a:bc:57:
3e:8b:4e:0a:09:76:d1:a4:d8:0c:5f:41:62:05:ca:
81:cd:cd:a0:1e:ca:41:51:ff:45:a8:b4:96:ba:cb:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:57:CB:72:E7:E8:FD:B6:1B:8E:6D:FA:A8:17:C5:3B:7D:73:54:36
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/vlfLcufo_bYbjm36qBfFO31zVDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
8e:79:40:97:2f:a0:d6:09:f5:29:a1:f0:3a:cb:55:52:e7:b6:
a0:c8:42:46:f4:b5:f1:be:d0:26:3f:1d:da:8c:4e:a0:5c:1b:
2b:65:41:3d:c0:fe:29:3d:5d:81:1e:16:fd:2f:9e:b7:cc:86:
f7:ed:f1:92:04:35:0d:d1:30:98:8c:a9:85:39:27:d1:8c:89:
45:fc:7a:d8:25:61:6d:09:06:2b:73:7a:b0:61:f5:b8:64:bb:
be:bf:e8:46:75:5d:32:2a:7d:5a:39:6e:99:b3:ff:75:2f:76:
d1:bc:88:18:2b:af:07:f5:f8:ea:c1:b8:9e:3d:ef:58:e1:71:
3c:ca:dc:d7:c4:2b:ee:f2:d2:af:04:17:51:0a:bb:37:00:d3:
e0:52:4f:b9:dc:51:7e:c1:e0:1e:7b:5d:08:dc:66:4f:bf:0a:
97:3b:2e:fe:4e:cd:85:4f:ab:de:e2:30:f4:84:be:de:97:80:
e5:55:bd:71:19:11:52:27:e1:cd:85:33:a6:04:16:db:78:e3:
3b:78:e0:ab:93:6a:e5:8f:42:bf:d0:cc:d9:ab:7c:80:62:ef:
e6:14:f3:be:d8:14:c3:2d:ce:8b:d6:d1:a8:1c:1b:60:46:1e:
13:e0:52:21:70:84:ad:88:87:34:cf:c0:55:bb:0e:19:10:2b:
99:23:83:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3GOPJITAa0197yB1K5vRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjQwMTAxMTYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTU3Y2I3MmU3ZThmZGI2MWI4ZTZkZmFhODE3YzUzYjdkNzM1NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl05QR60N7/sXgsMZ52B72PBp+6vS
cSyAxJjrZf7QNpsrt/pb9PtmPslJ3lPL641WRDORK405fkJoo3rfEHhAC63I+SGY
cR+rMBDTS7bxniUVTl/tepXZZirScF8Uc+xFtrF6RXjPFI3KillWNVs6GkT7zQW3
ROGkPD/pLDlY1WMQzeWLakcYb8y5xzDftKO0sbf8JkX7ryY9x4E5dKcsfZlxtcQH
SXHgC/ZAwntGz008161mFUQu5B7QmZ0qrvgcQXjPgQNiEx2Dr9NQx7k08KIDD5i8
/5b2cXkuhvOavFc+i04KCXbRpNgMX0FiBcqBzc2gHspBUf9FqLSWussBfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL5Xy3Ln6P22G45t+qgXxTt9c1Q2MB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvdmxmTGN1Zm9fYlliam0zNnFCZkZPMzF6VkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQCOeUCXL6DWCfUpofA6y1VS
57agyEJG9LXxvtAmPx3ajE6gXBsrZUE9wP4pPV2BHhb9L563zIb37fGSBDUN0TCY
jKmFOSfRjIlF/HrYJWFtCQYrc3qwYfW4ZLu+v+hGdV0yKn1aOW6Zs/91L3bRvIgY
K68H9fjqwbiePe9Y4XE8ytzXxCvu8tKvBBdRCrs3ANPgUk+53FF+weAee10I3GZP
vwqXOy7+Ts2FT6ve4jD0hL7el4DlVb1xGRFSJ+HNhTOmBBbbeOM7eOCrk2rlj0K/
0MzZq3yAYu/mFPO+2BTDLc6L1tGoHBtgRh4T4FIhcIStiIc0z8BVuw4ZECuZI4O9
-----END CERTIFICATE-----
Generated at Sat Jul 13 08:46:16 2024 by rpki-client on console-fra.rpki-client.org