Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/vkpPoC2wR_ub0fgj-KeXRvHSbSY.roa
File: vkpPoC2wR_ub0fgj-KeXRvHSbSY.roa (raw, json)
Hash identifier: NclwLMN6CU4Q5reaazN2fxhKgJkvdgza7Z4eYJ9ogOc=
Subject key identifier: BE:4A:4F:A0:2D:B0:47:FB:9B:D1:F8:23:F8:A7:97:46:F1:D2:6D:26
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018CC2DB65777A0EB95EA631C95328A374B8
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/vkpPoC2wR_ub0fgj-KeXRvHSbSY.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59962
IP address blocks: 87.248.140.0/24 maxlen: 24
87.248.141.0/24 maxlen: 24
87.248.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 17:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:65:77:7a:0e:b9:5e:a6:31:c9:53:28:a3:74:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be4a4fa02db047fb9bd1f823f8a79746f1d26d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:04:91:03:8e:24:53:83:07:d0:ae:92:00:be:
02:8f:72:be:ce:fd:fb:09:d4:c5:f3:a0:cb:2c:66:
2f:d5:f4:58:b3:bc:59:5c:3b:cd:a8:d7:f8:71:09:
f0:7b:04:e2:ab:f5:13:ca:20:8c:2e:32:b4:63:80:
05:ee:fe:04:c8:d2:43:9b:5e:ed:63:90:7a:bd:38:
82:5d:73:d5:e8:3d:70:41:47:c9:4e:5c:e9:dd:dd:
03:0d:fd:fb:cd:50:1f:f5:39:cb:6b:81:db:3f:0b:
87:7b:3b:2f:90:48:c0:df:29:97:3b:dc:54:e6:04:
bc:be:3d:2d:8f:96:28:f4:45:d3:ce:37:59:c7:fa:
5f:df:3a:fc:8f:fd:58:4e:6a:26:ff:ad:f3:9b:0d:
a2:42:12:26:98:d3:0f:80:d4:70:84:5f:f0:bc:5f:
d8:6e:60:13:43:2d:8f:0f:9d:58:19:28:c3:57:73:
24:82:62:fb:3b:94:b2:94:31:4d:27:24:df:6d:fd:
54:bd:27:25:d7:e5:17:89:56:22:c7:25:5a:22:f4:
02:59:70:18:c9:6f:01:a4:f5:af:3f:78:4e:bc:55:
73:3f:e4:12:8a:a1:b9:b4:a1:ea:47:92:5c:c1:9b:
2b:a8:19:c9:5b:4b:c2:5b:25:7e:de:8a:04:03:1b:
c4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4A:4F:A0:2D:B0:47:FB:9B:D1:F8:23:F8:A7:97:46:F1:D2:6D:26
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/vkpPoC2wR_ub0fgj-KeXRvHSbSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.140.0/23
87.248.154.0/24
Signature Algorithm: sha256WithRSAEncryption
21:0b:3c:8a:c7:59:e9:56:42:45:29:9d:99:81:0f:41:3f:b8:
71:a1:73:05:60:63:ee:b3:5c:51:f1:87:93:59:c7:ce:80:3b:
af:94:96:75:41:b8:99:35:0c:fa:4c:bb:74:ad:6e:f7:e9:67:
c4:42:39:bd:08:67:a1:60:d9:19:5e:3a:3b:af:b3:a2:ce:c2:
19:e9:20:41:e2:3c:d8:e6:e2:1a:dd:d4:86:04:07:42:6d:79:
c9:78:1d:2a:b5:5d:3e:bd:c3:ce:34:5c:3e:6c:95:8d:60:44:
17:dc:86:ae:e4:30:96:38:1e:b3:5d:83:b5:da:c1:a7:71:6d:
41:19:f1:bf:7b:16:9f:e8:51:36:f9:28:15:23:e9:ed:7a:d1:
f0:10:1f:87:9c:58:f7:f8:e6:fe:8c:1f:c3:ad:ea:ac:29:8a:
4f:be:72:5d:48:fe:7b:6b:36:32:2c:5a:55:1a:8b:cc:7f:d5:
2e:af:d6:8b:52:b1:1e:95:7c:e9:52:61:c5:43:fe:54:6b:e0:
3f:59:a8:21:c9:9b:a7:96:99:36:19:f5:d0:ca:c5:71:4c:46:
e6:ac:cc:37:de:32:86:e9:f3:a9:61:6e:41:09:4a:83:f5:fe:
d1:8f:ec:e8:90:6f:0a:54:eb:37:81:bd:5f:48:53:ed:1c:40:
eb:bb:44:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC22V3eg65XqYxyVMoo3S4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRhNGZhMDJkYjA0N2ZiOWJkMWY4MjNmOGE3OTc0NmYxZDI2ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhASRA44kU4MH0K6SAL4Cj3K+zv37
CdTF86DLLGYv1fRYs7xZXDvNqNf4cQnwewTiq/UTyiCMLjK0Y4AF7v4EyNJDm17t
Y5B6vTiCXXPV6D1wQUfJTlzp3d0DDf37zVAf9TnLa4HbPwuHezsvkEjA3ymXO9xU
5gS8vj0tj5Yo9EXTzjdZx/pf3zr8j/1YTmom/63zmw2iQhImmNMPgNRwhF/wvF/Y
bmATQy2PD51YGSjDV3MkgmL7O5SylDFNJyTfbf1UvScl1+UXiVYixyVaIvQCWXAY
yW8BpPWvP3hOvFVzP+QSiqG5tKHqR5JcwZsrqBnJW0vCWyV+3ooEAxvEZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL5KT6AtsEf7m9H4I/inl0bx0m0mMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvdmtwUG9DMndSX3ViMGZnai1LZVhSdkhTYlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV/iMAwQA
V/iaMA0GCSqGSIb3DQEBCwUAA4IBAQAhCzyKx1npVkJFKZ2ZgQ9BP7hxoXMFYGPu
s1xR8YeTWcfOgDuvlJZ1QbiZNQz6TLt0rW736WfEQjm9CGehYNkZXjo7r7OizsIZ
6SBB4jzY5uIa3dSGBAdCbXnJeB0qtV0+vcPONFw+bJWNYEQX3Iau5DCWOB6zXYO1
2sGncW1BGfG/exaf6FE2+SgVI+ntetHwEB+HnFj3+Ob+jB/DreqsKYpPvnJdSP57
azYyLFpVGovMf9Uur9aLUrEelXzpUmHFQ/5Ua+A/WaghyZunlpk2GfXQysVxTEbm
rMw33jKG6fOpYW5BCUqD9f7Rj+zokG8KVOs3gb1fSFPtHEDru0Sb
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:42 2024 by rpki-client on console-fra.rpki-client.org