Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VpGKkpHnfj-VCg2brD33OGQRlwo.roa
File: VpGKkpHnfj-VCg2brD33OGQRlwo.roa (raw, json)
Hash identifier: QUuzMEvHTpUZsDinRf5BbX28jVbIOqJVT/+U4q5b7Zs=
Subject key identifier: 56:91:8A:92:91:E7:7E:3F:95:0A:0D:9B:AC:3D:F7:38:64:11:97:0A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018FE8160319CBF8B967C379CDEE9D2EE2C9
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VpGKkpHnfj-VCg2brD33OGQRlwo.roa
Signing time: Wed 05 Jun 2024 11:08:27 +0000
ROA not before: Wed 05 Jun 2024 11:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.210.145.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 12:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:16:03:19:cb:f8:b9:67:c3:79:cd:ee:9d:2e:e2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 5 11:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56918a9291e77e3f950a0d9bac3df7386411970a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:dc:51:d7:2c:95:0f:77:41:2f:89:f0:4a:
f0:48:d0:d4:92:2d:db:68:62:4d:fc:8b:ad:c1:ea:
64:60:e4:d8:99:6a:4d:4e:e3:ad:ab:eb:98:e2:06:
f8:0a:11:a8:e6:ff:65:70:a9:fb:7e:3d:72:ee:f5:
3d:c9:17:9b:68:94:9d:0e:c7:b3:dc:f4:07:f0:e6:
7e:f3:a5:dc:9d:6e:99:8c:2b:3e:61:a1:1c:0b:9d:
2f:76:bd:87:d2:98:63:20:21:92:44:05:c2:a8:21:
bb:1e:d4:70:5f:f5:72:f4:18:d6:36:e7:36:4e:ba:
81:9f:8d:0a:82:76:e3:b0:14:aa:b5:71:18:4a:9b:
9b:6f:9e:d9:c9:51:a2:e4:98:9f:b8:9f:03:14:55:
d4:b3:97:02:c5:bc:da:93:63:0e:32:4d:13:b6:f7:
c7:c7:16:79:98:c0:89:e8:d7:b7:01:9d:ca:d6:25:
6d:75:e6:61:39:63:c7:18:48:e0:3c:ad:9f:40:ec:
c7:dd:01:7a:cd:80:a8:ec:4c:ea:8d:fd:36:55:85:
a3:6f:ee:42:ed:ba:5d:ef:f6:e7:a7:67:36:3c:c4:
71:7c:82:2c:de:9c:f0:16:b0:91:7d:a2:17:79:d8:
8b:15:6a:25:ee:a8:0a:82:dd:31:11:0f:97:09:b1:
7d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:91:8A:92:91:E7:7E:3F:95:0A:0D:9B:AC:3D:F7:38:64:11:97:0A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/VpGKkpHnfj-VCg2brD33OGQRlwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.145.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
07:dd:5a:e0:7f:fb:20:0f:28:ef:4c:c5:b1:b8:92:b5:6d:9b:
f4:c5:1b:78:c6:99:19:c6:8d:f4:af:01:4f:a2:55:5b:bd:8a:
9c:32:75:21:c6:33:f9:13:ff:14:eb:65:5a:96:72:1c:bb:a1:
99:30:d1:90:7b:76:86:f1:f8:b2:d2:30:ac:df:64:5a:42:c4:
56:5a:d4:6a:4f:30:33:42:22:86:6d:d8:70:19:72:57:55:ce:
e0:25:de:da:0f:8d:2c:6f:93:be:00:6a:24:06:bb:d4:59:f4:
aa:cf:ff:6e:2d:2c:1c:55:a4:3b:93:6f:ab:2a:10:d8:35:59:
a6:31:7c:99:04:68:74:4b:9a:c6:7b:60:bb:81:98:04:a0:cc:
3a:2d:6e:84:6b:1f:c4:ca:35:3c:50:ed:72:77:e8:56:15:8f:
d5:0a:00:b5:80:4e:e0:67:e4:cf:c3:cb:35:1c:16:83:ab:24:
68:af:4b:bb:0b:ee:c4:95:58:96:18:5a:03:dc:22:e1:d9:cc:
ca:22:5c:a7:66:36:ea:ac:ae:99:0f:73:9b:a7:ae:13:66:4f:
4c:9c:b5:68:cf:98:91:7d:b7:6b:b2:5d:4c:14:16:a5:05:c0:
e5:d8:50:e9:9d:f2:6b:37:8a:f9:e7:a9:06:1d:f5:51:0e:4f:
94:78:17:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/oFgMZy/i5Z8N5ze6dLuLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNjA1MTEwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjkxOGE5MjkxZTc3ZTNmOTUwYTBkOWJhYzNkZjczODY0MTE5NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbvcUdcslQ93QS+J8ErwSNDUki3b
aGJN/IutwepkYOTYmWpNTuOtq+uY4gb4ChGo5v9lcKn7fj1y7vU9yRebaJSdDsez
3PQH8OZ+86XcnW6ZjCs+YaEcC50vdr2H0phjICGSRAXCqCG7HtRwX/Vy9BjWNuc2
TrqBn40KgnbjsBSqtXEYSpubb57ZyVGi5JifuJ8DFFXUs5cCxbzak2MOMk0TtvfH
xxZ5mMCJ6Ne3AZ3K1iVtdeZhOWPHGEjgPK2fQOzH3QF6zYCo7Ezqjf02VYWjb+5C
7bpd7/bnp2c2PMRxfIIs3pzwFrCRfaIXediLFWol7qgKgt0xEQ+XCbF9TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFaRipKR534/lQoNm6w99zhkEZcKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVnBHS2twSG5mai1WQ2cyYnJEMzNPR1FSbHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9KRAwQA
bXouMA0GCSqGSIb3DQEBCwUAA4IBAQAH3Vrgf/sgDyjvTMWxuJK1bZv0xRt4xpkZ
xo30rwFPolVbvYqcMnUhxjP5E/8U62ValnIcu6GZMNGQe3aG8fiy0jCs32RaQsRW
WtRqTzAzQiKGbdhwGXJXVc7gJd7aD40sb5O+AGokBrvUWfSqz/9uLSwcVaQ7k2+r
KhDYNVmmMXyZBGh0S5rGe2C7gZgEoMw6LW6Eax/EyjU8UO1yd+hWFY/VCgC1gE7g
Z+TPw8s1HBaDqyRor0u7C+7ElViWGFoD3CLh2czKIlynZjbqrK6ZD3Obp64TZk9M
nLVoz5iRfbdrsl1MFBalBcDl2FDpnfJrN4r556kGHfVRDk+UeBfB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org