Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/vkrkh-bfuyiF9kyFxrnmmgepz-0.roa
File: vkrkh-bfuyiF9kyFxrnmmgepz-0.roa (raw, json)
Hash identifier: zNzE44jI5A+JOdBvGfk7MyajKZTq64FOGDg2EDtvh/8=
Subject key identifier: BE:4A:E4:87:E6:DF:BB:28:85:F6:4C:85:C6:B9:E6:9A:07:A9:CF:ED
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 01856C53CE39EEE6874875C0C19CE828BE0A
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/vkrkh-bfuyiF9kyFxrnmmgepz-0.roa
Signing time: Sun 01 Jan 2023 07:55:09 +0000
ROA not before: Sun 01 Jan 2023 07:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 45.131.179.0/24 maxlen: 24
91.217.160.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
45.132.238.0/24 maxlen: 24
45.132.239.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.137.11.0/24 maxlen: 24
45.137.10.0/24 maxlen: 24
2a12:a380::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Mar 2023 18:06:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ce:39:ee:e6:87:48:75:c0:c1:9c:e8:28:be:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 07:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be4ae487e6dfbb2885f64c85c6b9e69a07a9cfed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:72:8b:28:77:be:4c:a1:c0:c1:af:7b:ff:c3:
a3:76:d1:b5:aa:83:73:41:27:3e:af:04:22:de:1f:
c7:aa:96:e9:26:e5:73:46:0f:13:02:fa:8b:12:8b:
d7:52:98:dd:e7:2f:b8:66:4a:e1:46:84:02:55:f7:
8a:0f:61:de:ed:30:a2:fd:45:6e:e6:cd:91:58:9a:
1b:35:ea:f4:66:48:71:c7:0d:6f:9e:25:7a:d9:d8:
21:64:cf:21:b5:17:a3:aa:72:28:2e:93:04:ec:d8:
9d:2f:90:57:c2:49:11:7b:05:a0:0e:30:46:8a:1e:
63:96:d7:ee:96:65:4c:60:a4:48:f4:14:6b:65:38:
20:5f:f9:c2:d2:b8:cd:d3:c0:a1:92:11:54:70:35:
3d:1a:53:f8:5f:a2:52:67:5b:ad:80:26:3d:38:5e:
56:4f:71:15:8e:5a:4c:9d:f1:4e:17:96:0b:b3:d8:
99:fb:c1:15:49:c8:8d:f8:ba:4e:3d:bd:7d:36:6d:
b1:db:09:22:06:f0:f6:b5:f8:53:70:30:b1:a7:0d:
9a:18:cb:eb:fc:5d:6c:49:4e:c0:ce:28:c1:74:5d:
7e:e7:e3:7f:20:a6:e7:7c:07:75:f9:03:da:a1:aa:
ca:bf:66:2b:9c:6b:1d:39:0a:f7:84:4c:20:ad:6c:
a3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4A:E4:87:E6:DF:BB:28:85:F6:4C:85:C6:B9:E6:9A:07:A9:CF:ED
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/vkrkh-bfuyiF9kyFxrnmmgepz-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.137.10.0/23
91.217.160.0/24
91.238.207.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a12:a380::/29
Signature Algorithm: sha256WithRSAEncryption
4b:3f:74:41:df:72:4f:27:8a:50:fa:56:c6:c5:f7:04:61:68:
96:d1:a9:9f:80:fe:92:db:b4:7d:7b:6e:61:46:77:4f:5f:c0:
3d:ad:01:90:70:9c:44:56:63:f7:fa:84:f7:78:de:20:71:df:
85:d9:c5:2c:43:34:3b:db:d7:33:56:4f:23:8c:17:29:9c:30:
a0:67:af:01:66:20:50:d8:18:02:b6:94:87:fd:3c:bb:68:f5:
41:b4:92:34:eb:72:01:b9:ca:77:05:72:9b:30:82:ab:84:52:
22:7d:8b:12:c7:cd:1e:1d:e4:b8:9a:6c:cf:56:d6:5f:14:1e:
36:ee:f9:d6:5b:9e:8b:43:7c:82:77:c5:76:d8:a3:5a:af:24:
97:7b:1b:46:5c:e2:e2:da:1e:be:13:a7:c3:75:6b:5e:1e:08:
66:f6:90:f9:58:bf:0a:d7:c1:9b:74:94:84:75:ca:30:6a:5f:
e5:71:df:29:14:3c:bb:19:d2:a8:bd:bc:17:c8:5b:1c:fb:f4:
4e:73:62:04:17:8e:a1:e3:5a:96:fd:a3:b5:30:91:d7:a4:ef:
82:42:11:5f:d5:42:47:cb:aa:ed:ba:12:d8:e4:ea:3e:c6:e1:
e9:5e:ac:72:b9:12:36:50:50:7c:7c:7d:1e:40:bc:0c:71:0c:
81:b7:ec:f8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVsU8457uaHSHXAwZzoKL4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRhZTQ4N2U2ZGZiYjI4ODVmNjRjODVjNmI5ZTY5YTA3YTljZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXKLKHe+TKHAwa97/8OjdtG1qoNz
QSc+rwQi3h/HqpbpJuVzRg8TAvqLEovXUpjd5y+4ZkrhRoQCVfeKD2He7TCi/UVu
5s2RWJobNer0Zkhxxw1vniV62dghZM8htRejqnIoLpME7NidL5BXwkkRewWgDjBG
ih5jltfulmVMYKRI9BRrZTggX/nC0rjN08ChkhFUcDU9GlP4X6JSZ1utgCY9OF5W
T3EVjlpMnfFOF5YLs9iZ+8EVSciN+LpOPb19Nm2x2wkiBvD2tfhTcDCxpw2aGMvr
/F1sSU7AzijBdF1+5+N/IKbnfAd1+QPaoarKv2YrnGsdOQr3hEwgrWyjQQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFL5K5Ifm37sohfZMhca55poHqc/tMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvdmtya2gtYmZ1eWlGOWt5Rnhybm1tZ2Vwei0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBLYCSAwQA
LYOzAwQBLYTuAwQBLYkKAwQAW9mgAwQAW+7PAwQAwciVAwQAwciYAwQAweNnAwQA
weNtAwQAweNyMA0EAgACMAcDBQMqEqOAMA0GCSqGSIb3DQEBCwUAA4IBAQBLP3RB
33JPJ4pQ+lbGxfcEYWiW0amfgP6S27R9e25hRndPX8A9rQGQcJxEVmP3+oT3eN4g
cd+F2cUsQzQ729czVk8jjBcpnDCgZ68BZiBQ2BgCtpSH/Ty7aPVBtJI063IBucp3
BXKbMIKrhFIifYsSx80eHeS4mmzPVtZfFB427vnWW56LQ3yCd8V22KNarySXextG
XOLi2h6+E6fDdWteHghm9pD5WL8K18GbdJSEdcowal/lcd8pFDy7GdKovbwXyFsc
+/ROc2IEF46h41qW/aO1MJHXpO+CQhFf1UJHy6rtuhLY5Oo+xuHpXqxyuRI2UFB8
fH0eQLwMcQyBt+z4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org