Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/vTViNeMEYOiYHLIU3GuWtkEgIGA.roa
File: vTViNeMEYOiYHLIU3GuWtkEgIGA.roa (raw, json)
Hash identifier: 8TlRSsVwB02MzZZX37mHgtRTqV4UFIvqeAVI2TTIStY=
Subject key identifier: BD:35:62:35:E3:04:60:E8:98:1C:B2:14:DC:6B:96:B6:41:20:20:60
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019242249EE74854E94BEA3B77CAA9EDEA4C
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/vTViNeMEYOiYHLIU3GuWtkEgIGA.roa
Signing time: Mon 30 Sep 2024 08:55:49 +0000
ROA not before: Mon 30 Sep 2024 08:55:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 5.8.44.0/24 maxlen: 24
5.188.51.0/24 maxlen: 24
5.188.203.0/24 maxlen: 24
5.189.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 08:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:24:9e:e7:48:54:e9:4b:ea:3b:77:ca:a9:ed:ea:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Sep 30 08:55:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd356235e30460e8981cb214dc6b96b641202060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:73:57:0a:3d:2c:38:3f:cd:51:f7:f6:16:fd:
08:93:62:02:38:68:3e:64:33:21:a7:a4:83:0c:2e:
1b:4d:d2:dc:86:be:5e:71:34:12:29:c7:1c:e0:e1:
01:a2:fa:b5:24:a2:16:10:01:5d:c0:41:74:72:67:
6a:41:58:e1:34:f5:7d:a6:d0:4a:1b:65:70:23:9d:
3e:68:55:62:d9:83:6f:59:16:90:ed:bf:05:81:a1:
b2:e4:36:9a:c5:10:f0:a7:c8:13:15:83:2d:3a:52:
f7:aa:17:68:fa:75:f4:7e:4d:05:9c:9b:20:94:84:
c8:58:38:bd:9a:c8:2b:31:1d:07:40:7a:0a:30:ad:
3c:d1:46:6c:d2:60:63:72:29:ef:52:a5:91:27:6a:
fe:e6:12:fe:d0:ad:11:ae:b7:a3:40:15:50:05:2b:
7b:2b:f7:2f:75:2e:94:2e:88:3d:f6:63:39:f5:95:
06:13:96:ab:0c:b5:87:16:8e:73:66:fb:12:a5:12:
4a:8c:a1:8e:28:c3:03:67:99:39:dd:0a:8f:63:f1:
e8:93:bf:9a:98:0d:da:8a:f8:16:fe:50:05:7e:c9:
9c:df:f3:a4:13:ce:c0:af:9c:66:1a:2b:67:f2:c5:
f4:a1:dc:01:d1:5f:9e:90:e4:c4:e3:c6:cc:98:78:
a2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:35:62:35:E3:04:60:E8:98:1C:B2:14:DC:6B:96:B6:41:20:20:60
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/vTViNeMEYOiYHLIU3GuWtkEgIGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.44.0/24
5.188.51.0/24
5.188.203.0/24
5.189.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:58:63:9d:ee:d0:c7:5c:bd:b8:d1:73:72:5d:40:e5:11:f8:
1d:6e:6d:63:c1:e1:21:c5:22:59:b6:65:ef:ff:bf:a3:85:9f:
ad:e5:ef:a4:1c:41:42:3b:01:50:5f:a6:4b:48:b9:84:aa:e4:
23:5d:6e:0b:45:86:72:3e:cb:5f:96:d6:ca:6c:b3:ad:01:2c:
fd:44:b0:c1:6f:e5:6c:54:6f:71:5d:aa:33:42:09:e6:d2:86:
27:62:c5:b6:7e:43:57:8d:42:fc:79:f3:c6:11:1f:83:32:09:
1a:58:c4:cd:53:ce:0a:98:9e:94:f4:1d:b3:f2:6e:29:5d:12:
0e:49:a7:38:bb:39:11:8f:3f:24:ef:08:49:67:6e:f3:d2:b0:
32:36:e2:ff:3c:e7:7c:32:74:8c:c9:b3:d7:b6:0a:9b:56:94:
b5:2e:93:da:6e:6a:e2:c1:f5:b5:76:f1:93:bb:dd:cd:2d:9d:
d6:f9:fe:20:4d:84:8a:32:51:f4:c9:4c:a5:41:b3:95:2c:32:
f1:9a:db:ad:62:8b:d8:aa:2e:02:57:20:42:84:8e:d2:2b:7a:
f2:6b:d0:b0:42:1a:bd:c5:9a:c4:83:e7:04:f5:05:22:73:f7:
6a:a8:f1:9b:48:73:c8:81:91:d1:3e:5a:f7:69:20:26:ae:0d:
bb:43:d7:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJCJJ7nSFTpS+o7d8qp7epMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwOTMwMDg1NTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM1NjIzNWUzMDQ2MGU4OTgxY2IyMTRkYzZiOTZiNjQxMjAyMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HNXCj0sOD/NUff2Fv0Ik2ICOGg+
ZDMhp6SDDC4bTdLchr5ecTQSKccc4OEBovq1JKIWEAFdwEF0cmdqQVjhNPV9ptBK
G2VwI50+aFVi2YNvWRaQ7b8FgaGy5DaaxRDwp8gTFYMtOlL3qhdo+nX0fk0FnJsg
lITIWDi9msgrMR0HQHoKMK080UZs0mBjcinvUqWRJ2r+5hL+0K0RrrejQBVQBSt7
K/cvdS6ULog99mM59ZUGE5arDLWHFo5zZvsSpRJKjKGOKMMDZ5k53QqPY/Hok7+a
mA3aivgW/lAFfsmc3/OkE87Ar5xmGitn8sX0odwB0V+ekOTE48bMmHii8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL01YjXjBGDomByyFNxrlrZBICBgMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvdlRWaU5lTUVZT2lZSExJVTNHdVd0a0VnSUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABQgsAwQA
BbwzAwQABbzLAwQABb3+MA0GCSqGSIb3DQEBCwUAA4IBAQCsWGOd7tDHXL240XNy
XUDlEfgdbm1jweEhxSJZtmXv/7+jhZ+t5e+kHEFCOwFQX6ZLSLmEquQjXW4LRYZy
PstfltbKbLOtASz9RLDBb+VsVG9xXaozQgnm0oYnYsW2fkNXjUL8efPGER+DMgka
WMTNU84KmJ6U9B2z8m4pXRIOSac4uzkRjz8k7whJZ27z0rAyNuL/POd8MnSMybPX
tgqbVpS1LpPabmriwfW1dvGTu93NLZ3W+f4gTYSKMlH0yUylQbOVLDLxmtutYovY
qi4CVyBChI7SK3rya9CwQhq9xZrEg+cE9QUic/dqqPGbSHPIgZHRPlr3aSAmrg27
Q9cD
-----END CERTIFICATE-----
Generated at Fri Oct 11 13:27:56 2024 by rpki-client on console-ams.rpki-client.org