Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/VqfuqMgXtMk7qu987QTT13HmgCc.roa
File: VqfuqMgXtMk7qu987QTT13HmgCc.roa (raw, json)
Hash identifier: UhguUw1pK/ssJFTilPcTsjl/3TOypA6a2BGPiS7+b1Q=
Subject key identifier: 56:A7:EE:A8:C8:17:B4:C9:3B:AA:EF:7C:ED:04:D3:D7:71:E6:80:27
Certificate issuer: /CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Certificate serial: 01856E142983F7BB97B8AD25287D2A40C46B
Authority key identifier: C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/VqfuqMgXtMk7qu987QTT13HmgCc.roa
Signing time: Sun 01 Jan 2023 16:04:53 +0000
ROA not before: Sun 01 Jan 2023 16:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1126
IP address blocks: 185.33.68.0/22 maxlen: 24
37.60.192.0/21 maxlen: 24
85.90.64.0/19 maxlen: 24
2001:4d60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:29:83:f7:bb:97:b8:ad:25:28:7d:2a:40:c4:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Validity
Not Before: Jan 1 16:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56a7eea8c817b4c93baaef7ced04d3d771e68027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:17:e6:43:e9:ef:9a:0f:e3:62:c9:37:39:0a:
3e:00:af:ba:a1:71:67:2b:e0:ef:da:3f:ff:a5:79:
fd:01:28:ae:3c:a1:84:71:19:57:9c:a7:96:dc:2d:
de:c5:49:57:0d:d6:60:6c:e6:95:ca:51:e4:99:25:
32:73:78:fc:ee:7a:38:70:f5:24:23:e8:42:55:db:
3d:af:a3:6c:26:65:02:5e:e3:d9:dc:a7:76:d7:aa:
f5:7e:33:96:23:02:c9:79:31:41:6a:35:e6:39:ac:
68:e7:5b:20:fe:d0:61:5f:21:06:46:e8:2e:cc:f0:
41:2c:50:da:a3:e2:07:19:12:74:0a:3d:ac:a9:b1:
84:42:bd:be:a2:20:66:fa:71:01:3e:6f:7d:01:d4:
fc:7d:4f:2d:77:39:f5:33:37:47:c4:e9:cc:bc:75:
a9:c0:c6:c2:cc:a9:19:b7:77:1e:c1:f3:28:c2:32:
b1:49:7f:95:06:93:9e:24:2c:0d:e5:dc:ee:ec:2d:
15:d1:f9:52:44:ef:31:e3:39:c3:db:0d:07:67:0b:
f0:d5:c4:e8:36:20:70:49:76:6b:b6:ac:b4:26:79:
80:bb:c9:8c:e9:b8:1f:12:8f:f6:35:a5:69:6a:2f:
9f:11:d1:6c:67:68:c4:85:be:b1:a4:3d:a1:3a:e6:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A7:EE:A8:C8:17:B4:C9:3B:AA:EF:7C:ED:04:D3:D7:71:E6:80:27
X509v3 Authority Key Identifier:
keyid:C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/VqfuqMgXtMk7qu987QTT13HmgCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.192.0/21
85.90.64.0/19
185.33.68.0/22
IPv6:
2001:4d60::/32
Signature Algorithm: sha256WithRSAEncryption
af:ee:0f:5a:d4:e3:66:21:42:b3:4c:a7:1c:cf:47:c4:28:97:
6e:01:c8:98:76:e8:05:74:b9:b7:6d:b1:77:c1:72:04:ee:ba:
d0:7d:22:15:68:a4:9c:2a:8f:19:5d:ab:61:e6:e5:76:fd:15:
a3:42:a6:eb:8b:8d:05:03:6d:cb:08:4e:c2:c8:14:07:37:0b:
c9:18:a3:23:bf:f8:aa:2f:f8:2c:7d:76:49:23:b4:aa:95:17:
66:d0:77:7d:0d:64:19:b5:ff:72:29:d3:06:e8:31:48:e8:44:
44:31:e1:87:2e:f8:ec:31:aa:58:ef:fe:4b:05:d3:2f:05:16:
a8:92:72:83:9a:7b:8a:6f:94:14:74:57:22:b0:bb:e2:10:f9:
c0:49:35:70:e4:9d:65:fa:c3:a8:59:0a:b2:d6:c7:d1:3b:95:
da:81:99:11:0a:9d:71:ca:dd:d3:6e:2d:b8:be:61:28:4f:e4:
65:51:85:15:ba:c5:45:3c:ad:c7:ae:4b:a0:6a:2d:2d:bf:c9:
bb:5a:25:a4:08:23:0e:e7:df:7e:71:bd:bc:d6:d1:09:af:26:
d7:b4:94:fe:3e:a7:b7:51:63:9e:3e:7b:ce:f0:ea:6e:a1:aa:
f2:7e:90:c9:80:a1:8d:f0:35:a8:7d:58:8f:d1:c1:1e:86:2e:
e2:86:cb:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuFCmD97uXuK0lKH0qQMRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWU2MDNiNzhhZDcyYmE3ODU1NjgyY2EyYjgwNmFjMGU3
ZTk4ZmQwHhcNMjMwMTAxMTYwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmE3ZWVhOGM4MTdiNGM5M2JhYWVmN2NlZDA0ZDNkNzcxZTY4MDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBfmQ+nvmg/jYsk3OQo+AK+6oXFn
K+Dv2j//pXn9ASiuPKGEcRlXnKeW3C3exUlXDdZgbOaVylHkmSUyc3j87no4cPUk
I+hCVds9r6NsJmUCXuPZ3Kd216r1fjOWIwLJeTFBajXmOaxo51sg/tBhXyEGRugu
zPBBLFDao+IHGRJ0Cj2sqbGEQr2+oiBm+nEBPm99AdT8fU8tdzn1MzdHxOnMvHWp
wMbCzKkZt3cewfMowjKxSX+VBpOeJCwN5dzu7C0V0flSRO8x4znD2w0HZwvw1cTo
NiBwSXZrtqy0JnmAu8mM6bgfEo/2NaVpai+fEdFsZ2jEhb6xpD2hOub2NwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFan7qjIF7TJO6rvfO0E09dx5oAnMB8GA1UdIwQY
MBaAFMHuYDt4rXK6eFVoLKK4BqwOfpj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEt
Y2VlNWJlODdhNDZiLzEvVnFmdXFNZ1h0TWs3cXU5ODdRVFQxM0htZ0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85YjZkOWItODU0MS00NGJjLTk2MWEtY2VlNWJlODdhNDZi
LzEvd2U1Z08zaXRjcnA0Vldnc29yZ0dyQTUtbVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJTzAAwQF
VVpAAwQCuSFEMA0EAgACMAcDBQAgAU1gMA0GCSqGSIb3DQEBCwUAA4IBAQCv7g9a
1ONmIUKzTKccz0fEKJduAciYdugFdLm3bbF3wXIE7rrQfSIVaKScKo8ZXath5uV2
/RWjQqbri40FA23LCE7CyBQHNwvJGKMjv/iqL/gsfXZJI7SqlRdm0Hd9DWQZtf9y
KdMG6DFI6EREMeGHLvjsMapY7/5LBdMvBRaoknKDmnuKb5QUdFcisLviEPnASTVw
5J1l+sOoWQqy1sfRO5XagZkRCp1xyt3Tbi24vmEoT+RlUYUVusVFPK3Hrkugai0t
v8m7WiWkCCMO599+cb281tEJrybXtJT+Pqe3UWOePnvO8OpuoaryfpDJgKGN8DWo
fViP0cEehi7ihssq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:34 2024 by rpki-client on console-fra.rpki-client.org