Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vkmlnvHyAIZAys4ZtsyUu4feVgU.roa
File: vkmlnvHyAIZAys4ZtsyUu4feVgU.roa (raw, json)
Hash identifier: 4wyAihICS0kp5rxLxAlDyJ/ce4bODx3MPbLOXT0pqnc=
Subject key identifier: BE:49:A5:9E:F1:F2:00:86:40:CA:CE:19:B6:CC:94:BB:87:DE:56:05
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A16E6E415043AEC1D978A4AB1A2812089
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vkmlnvHyAIZAys4ZtsyUu4feVgU.roa
Signing time: Mon 21 Aug 2023 07:02:24 +0000
ROA not before: Mon 21 Aug 2023 07:02:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:16:e6:e4:15:04:3a:ec:1d:97:8a:4a:b1:a2:81:20:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 21 07:02:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be49a59ef1f2008640cace19b6cc94bb87de5605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:6a:9e:54:35:8f:8c:5a:66:d7:8c:11:52:
78:2f:96:30:f5:5a:5e:f5:19:74:5a:e1:94:43:b5:
97:ec:44:db:e1:13:b0:7d:23:eb:09:5f:df:4f:8b:
ce:a2:f0:20:0d:c0:1a:20:0d:63:c1:bd:5c:6d:11:
4c:92:5a:56:54:c5:0c:f1:bf:d7:2d:18:06:51:55:
f1:46:77:16:a1:4b:ad:d3:80:c1:0d:94:23:69:71:
a3:71:98:6c:b1:69:87:b1:24:6a:91:0c:ef:0c:ee:
b0:e5:e5:16:ef:7e:6a:dc:3e:ed:65:71:e4:7c:9a:
1a:68:9d:f2:a5:34:62:30:28:37:12:d2:a0:3f:bc:
4c:f5:e6:81:11:70:9c:c5:1f:63:f1:41:76:1a:19:
7a:a4:99:af:2f:f5:9b:bf:c7:e6:00:92:37:08:97:
d4:79:aa:ee:9f:85:52:dc:18:4b:19:2c:46:c3:1e:
2d:e5:20:51:cc:a5:c4:b8:74:8f:e9:7e:f5:5e:cb:
55:d1:96:2c:50:fb:27:d4:76:09:cd:4b:58:52:d2:
f2:a0:c3:e9:f2:6e:10:b4:f2:ee:37:25:ad:78:06:
bc:59:75:cd:14:7e:3a:d1:99:48:92:0c:c4:5f:79:
e9:3f:20:d6:87:cb:0e:e8:96:80:cd:b7:b5:7b:7f:
58:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:49:A5:9E:F1:F2:00:86:40:CA:CE:19:B6:CC:94:BB:87:DE:56:05
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vkmlnvHyAIZAys4ZtsyUu4feVgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
47:49:89:d7:b9:df:2a:a3:81:f5:70:78:0b:e7:78:4a:e4:fd:
46:a0:59:01:07:f3:57:67:aa:7d:b0:d1:70:84:df:87:b1:13:
d3:81:ef:06:fa:ae:c8:99:02:94:29:b6:ff:46:d2:dd:88:ad:
49:d0:e4:76:8f:02:5d:97:ed:86:7c:34:af:b4:82:6c:f1:af:
24:b3:ac:2a:70:3d:b2:d9:1f:be:cb:d2:56:e5:88:f7:3b:9e:
a0:07:0f:eb:4e:e4:c8:0d:a6:b3:78:3f:e6:b3:e3:e0:06:62:
2b:4b:97:10:61:8a:e1:29:05:a5:d9:c9:12:a2:8f:f9:76:b0:
75:87:47:e3:ad:ff:29:ef:e8:39:36:95:53:8c:69:8e:a5:3b:
eb:c9:73:b6:7e:3e:b8:21:f9:68:2a:e1:0a:b5:bf:55:a8:1f:
ce:62:18:da:52:50:ce:68:34:e5:d0:68:d4:09:08:89:4e:4b:
b5:9d:0a:16:e3:b2:0c:46:43:b0:bf:ea:e3:d9:52:2b:a1:45:
02:25:3c:6f:0f:13:0d:82:1c:97:f0:7a:99:ca:25:b9:56:0b:
e6:70:da:ec:2e:19:9b:96:c6:67:b9:d0:16:97:f0:4d:6a:83:
2b:57:e3:e1:00:ea:33:da:3e:d5:57:94:4a:f8:b1:f7:00:02:
e6:40:09:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoW5uQVBDrsHZeKSrGigSCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODIxMDcwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ5YTU5ZWYxZjIwMDg2NDBjYWNlMTliNmNjOTRiYjg3ZGU1NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok9qnlQ1j4xaZteMEVJ4L5Yw9Vpe
9Rl0WuGUQ7WX7ETb4ROwfSPrCV/fT4vOovAgDcAaIA1jwb1cbRFMklpWVMUM8b/X
LRgGUVXxRncWoUut04DBDZQjaXGjcZhssWmHsSRqkQzvDO6w5eUW735q3D7tZXHk
fJoaaJ3ypTRiMCg3EtKgP7xM9eaBEXCcxR9j8UF2Ghl6pJmvL/Wbv8fmAJI3CJfU
earun4VS3BhLGSxGwx4t5SBRzKXEuHSP6X71XstV0ZYsUPsn1HYJzUtYUtLyoMPp
8m4QtPLuNyWteAa8WXXNFH460ZlIkgzEX3npPyDWh8sO6JaAzbe1e39YeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL5JpZ7x8gCGQMrOGbbMlLuH3lYFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdmttbG52SHlBSVpBeXM0WnRzeVV1NGZlVmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV6rAwQA
LYq3AwQATVMnAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQBHSYnXud8qo4H1cHgL
53hK5P1GoFkBB/NXZ6p9sNFwhN+HsRPTge8G+q7ImQKUKbb/RtLdiK1J0OR2jwJd
l+2GfDSvtIJs8a8ks6wqcD2y2R++y9JW5Yj3O56gBw/rTuTIDaazeD/ms+PgBmIr
S5cQYYrhKQWl2ckSoo/5drB1h0fjrf8p7+g5NpVTjGmOpTvryXO2fj64IfloKuEK
tb9VqB/OYhjaUlDOaDTl0GjUCQiJTku1nQoW47IMRkOwv+rj2VIroUUCJTxvDxMN
ghyX8HqZyiW5VgvmcNrsLhmblsZnudAWl/BNaoMrV+PhAOoz2j7VV5RK+LH3AALm
QAl2
-----END CERTIFICATE-----
Generated at Thu Aug 24 10:05:56 2023 by rpki-client on console-fra.rpki-client.org