Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VNqoN5d5dFNnY920lI9JI1g2dt0.roa
File: VNqoN5d5dFNnY920lI9JI1g2dt0.roa (raw, json)
Hash identifier: TnJATulkHsF4KS7RdbIJJg+0i4k6Z8QF1trGirI0Oqg=
Subject key identifier: 54:DA:A8:37:97:79:74:53:67:63:DD:B4:94:8F:49:23:58:36:76:DD
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FE7DB6BC77A0BA2DA992E4397A8B79EA0
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VNqoN5d5dFNnY920lI9JI1g2dt0.roa
Signing time: Wed 05 Jun 2024 10:04:27 +0000
ROA not before: Wed 05 Jun 2024 10:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 89.251.20.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 09:34:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:db:6b:c7:7a:0b:a2:da:99:2e:43:97:a8:b7:9e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 5 10:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54daa837977974536763ddb4948f4923583676dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:59:0c:f6:01:ef:88:de:2f:48:49:3b:61:93:
67:04:1c:65:32:d0:79:1d:bb:66:2d:94:3d:a0:78:
ea:a7:df:07:f3:db:b0:01:de:ae:e2:62:35:ec:dd:
ef:c7:f9:36:02:89:40:55:53:ec:5f:b1:0b:ee:6a:
10:c9:f4:93:2b:4a:00:d9:56:16:f0:50:60:27:68:
a2:34:b3:de:a5:74:1c:d4:7d:99:6a:33:7c:08:83:
80:b5:ea:74:f1:69:ee:26:bc:c5:a8:c2:0b:54:25:
17:a3:4d:da:9b:28:c5:66:b9:6d:6a:67:28:4f:5b:
18:dd:38:67:0d:98:60:fe:00:7a:bb:e4:bf:79:48:
1f:06:32:dd:ca:7e:5e:32:1e:95:1f:47:11:3f:5f:
fc:23:05:cb:8f:f9:22:76:57:4d:d3:01:d0:44:c6:
93:00:11:01:ef:63:31:bc:d6:f2:1b:48:d9:a0:f6:
da:0f:b2:80:e2:55:3f:50:a5:cd:e3:20:77:01:f6:
93:65:e3:d5:0d:7f:dc:ab:59:e3:08:ec:b7:3c:ef:
58:ea:1a:dd:ff:e7:ad:6f:8e:f4:9b:73:ed:48:72:
c1:29:e1:3d:53:15:63:31:cd:e4:fd:bd:15:c5:45:
04:bf:d5:d3:ac:8f:f0:75:5e:69:0d:bb:84:f8:ff:
33:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DA:A8:37:97:79:74:53:67:63:DD:B4:94:8F:49:23:58:36:76:DD
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VNqoN5d5dFNnY920lI9JI1g2dt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8c:ed:32:4e:4d:31:5c:45:6b:3d:9c:d3:8b:b4:5b:c9:0a:
1d:c1:5f:9d:ec:9d:95:b4:44:c8:d6:37:bc:26:3d:d0:b9:38:
dc:0d:6b:3b:60:9f:30:c7:de:58:d9:df:bc:7d:48:8f:04:37:
ec:03:ec:ec:79:ec:61:31:96:9c:e0:8f:b5:fa:dd:a8:c3:37:
ae:40:24:0b:98:b5:ad:35:52:23:86:9b:db:7f:8c:c8:45:42:
41:81:c9:bb:20:89:42:22:d8:47:fe:73:fa:b2:56:27:3c:82:
9c:a7:8c:81:4d:6a:6e:bc:14:f0:ad:f1:94:55:39:73:bc:f3:
d0:6a:03:c1:7f:0f:8b:36:53:57:e0:e5:33:d2:e0:61:19:ab:
44:7b:b5:36:c3:f9:93:d3:82:25:8a:7b:63:13:30:75:f1:33:
ee:95:27:53:83:4a:8e:52:6c:45:f8:c0:29:3d:8f:ae:73:74:
54:cb:9f:ca:d6:cb:ca:c1:a1:e4:89:c6:d1:11:72:e8:29:46:
74:e8:9a:dc:27:bd:4b:7d:a7:21:af:a0:b0:60:19:dd:76:ab:
70:9b:f7:b0:83:c2:55:09:6c:30:c7:c4:e8:d6:ae:d4:d4:75:
52:23:74:0b:41:bd:ad:85:5f:db:14:10:da:09:c2:48:96:fa:
cd:8b:35:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/n22vHegui2pkuQ5eot56gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA1MTAwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRhYTgzNzk3Nzk3NDUzNjc2M2RkYjQ5NDhmNDkyMzU4MzY3NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVkM9gHviN4vSEk7YZNnBBxlMtB5
HbtmLZQ9oHjqp98H89uwAd6u4mI17N3vx/k2AolAVVPsX7EL7moQyfSTK0oA2VYW
8FBgJ2iiNLPepXQc1H2ZajN8CIOAtep08WnuJrzFqMILVCUXo03amyjFZrltamco
T1sY3ThnDZhg/gB6u+S/eUgfBjLdyn5eMh6VH0cRP1/8IwXLj/kidldN0wHQRMaT
ABEB72MxvNbyG0jZoPbaD7KA4lU/UKXN4yB3AfaTZePVDX/cq1njCOy3PO9Y6hrd
/+etb470m3PtSHLBKeE9UxVjMc3k/b0VxUUEv9XTrI/wdV5pDbuE+P8zBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFTaqDeXeXRTZ2PdtJSPSSNYNnbdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVk5xb041ZDVkRk5uWTkyMGxJOUpJMWcyZHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsUAwQA
bXosMA0GCSqGSIb3DQEBCwUAA4IBAQCLjO0yTk0xXEVrPZzTi7RbyQodwV+d7J2V
tETI1je8Jj3QuTjcDWs7YJ8wx95Y2d+8fUiPBDfsA+zseexhMZac4I+1+t2owzeu
QCQLmLWtNVIjhpvbf4zIRUJBgcm7IIlCIthH/nP6slYnPIKcp4yBTWpuvBTwrfGU
VTlzvPPQagPBfw+LNlNX4OUz0uBhGatEe7U2w/mT04IlintjEzB18TPulSdTg0qO
UmxF+MApPY+uc3RUy5/K1svKwaHkicbREXLoKUZ06JrcJ71Lfachr6CwYBnddqtw
m/ewg8JVCWwwx8To1q7U1HVSI3QLQb2thV/bFBDaCcJIlvrNizXI
-----END CERTIFICATE-----
Generated at Sun Jul 21 10:29:13 2024 by rpki-client on console-fra.rpki-client.org