Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/VPvzrrRbs9xgrzyTJv1NUvSuZmk.roa
File: VPvzrrRbs9xgrzyTJv1NUvSuZmk.roa (raw, json)
Hash identifier: ADIfzPJyfdGsdqBEwWPY6l10TuBO3J5rcNYsKW5qEJU=
Subject key identifier: 54:FB:F3:AE:B4:5B:B3:DC:60:AF:3C:93:26:FD:4D:52:F4:AE:66:69
Certificate issuer: /CN=193743467b4da41c6295e9351153309586ba2399
Certificate serial: 018C658C5B7144BD7C1F2FD653588789FFF9
Authority key identifier: 19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/VPvzrrRbs9xgrzyTJv1NUvSuZmk.roa
Signing time: Wed 13 Dec 2023 23:39:06 +0000
ROA not before: Wed 13 Dec 2023 23:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199702
IP address blocks: 88.80.127.0/24 maxlen: 24
77.77.49.0/24 maxlen: 24
213.149.154.0/24 maxlen: 24
213.149.156.0/24 maxlen: 24
213.149.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:65:8c:5b:71:44:bd:7c:1f:2f:d6:53:58:87:89:ff:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=193743467b4da41c6295e9351153309586ba2399
Validity
Not Before: Dec 13 23:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54fbf3aeb45bb3dc60af3c9326fd4d52f4ae6669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:65:2f:01:4a:2d:67:76:39:54:d9:47:2a:13:
58:0b:cf:e5:0f:f3:d3:99:1d:ce:ea:26:08:f0:54:
80:80:54:2e:30:59:a5:00:66:f2:17:7a:82:52:48:
d3:f1:3a:f6:e3:a4:0d:a2:4c:85:91:e2:eb:65:b7:
61:7e:cd:a7:18:5c:9f:32:4d:5e:d9:e7:5d:3f:31:
f6:01:3d:6f:27:4c:ea:dd:f1:87:f7:4d:53:4b:21:
8f:78:c5:1b:82:03:18:f4:dd:5c:2e:5a:a4:48:3f:
33:20:76:16:4e:1f:41:a6:c9:a9:c1:b0:66:ec:82:
87:16:e0:bf:81:18:d7:5a:0f:6e:d2:d3:7c:e6:67:
8b:80:3a:8c:29:f5:17:9f:f4:e3:14:dc:9c:a5:23:
91:d5:1b:b1:bb:0d:1e:70:d3:e3:e6:5f:26:03:fc:
79:8f:54:c9:ec:33:fe:29:dd:8d:02:fc:5a:58:96:
e7:62:a0:a0:9b:79:98:76:4b:99:12:87:f4:94:fd:
67:37:64:ba:23:15:a6:60:6f:ea:b2:42:7d:01:31:
48:8d:54:b3:e0:b7:6c:17:52:f7:d2:97:3d:e3:d0:
f8:8e:8a:60:8b:82:d7:3c:98:49:cd:51:e3:43:6d:
d1:8a:94:9a:31:ec:3e:aa:09:47:e8:8e:96:1b:f6:
3f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FB:F3:AE:B4:5B:B3:DC:60:AF:3C:93:26:FD:4D:52:F4:AE:66:69
X509v3 Authority Key Identifier:
keyid:19:37:43:46:7B:4D:A4:1C:62:95:E9:35:11:53:30:95:86:BA:23:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GTdDRntNpBxilek1EVMwlYa6I5k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/VPvzrrRbs9xgrzyTJv1NUvSuZmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/36703a-122b-4116-b317-ca5fccbf7a8c/1/GTdDRntNpBxilek1EVMwlYa6I5k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.77.49.0/24
88.80.127.0/24
213.149.154.0/24
213.149.156.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:45:05:86:05:89:41:69:51:51:e2:73:a3:74:bd:61:63:8a:
5f:8a:05:43:c9:1a:64:bc:82:16:d9:9b:7b:95:3e:06:65:71:
af:d8:f1:5a:78:4d:fb:d1:59:41:e4:16:65:bf:33:0b:fe:da:
a4:0d:1d:74:4e:d8:fe:1e:4a:31:af:94:fa:87:8e:e7:0b:49:
46:04:7c:ce:e5:c1:e3:0a:71:55:a6:6a:f0:33:75:6f:b9:7f:
11:52:eb:ad:2a:eb:b2:01:c8:55:bb:32:8c:84:70:29:c2:9a:
23:a1:a0:cb:14:88:32:cb:76:bb:ff:ca:f8:d7:66:87:23:70:
7b:10:d8:3b:8b:63:df:1e:96:e5:95:50:1b:dd:8c:20:55:d4:
ec:16:22:be:15:7d:4c:55:89:05:cf:a0:83:5d:ec:71:d1:7d:
9a:fb:4c:8a:4b:96:b5:0f:8e:27:ca:a0:9b:38:98:f9:a3:aa:
7b:2e:dc:30:d7:17:7c:7f:52:d2:7b:4c:ef:ad:ee:06:9b:d9:
4f:56:08:13:84:b7:d9:ee:d5:d2:a1:2c:da:1a:ed:c6:a1:17:
7b:5f:ba:ac:10:11:b5:45:8c:b6:f1:17:cb:03:22:4a:5b:5b:
fa:73:dc:48:b7:b6:b5:fa:2f:0b:d5:4b:9d:a5:c0:87:d2:0c:
41:19:c1:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxljFtxRL18Hy/WU1iHif/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Mzc0MzQ2N2I0ZGE0MWM2Mjk1ZTkzNTExNTMzMDk1ODZi
YTIzOTkwHhcNMjMxMjEzMjMzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGZiZjNhZWI0NWJiM2RjNjBhZjNjOTMyNmZkNGQ1MmY0YWU2NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmUvAUotZ3Y5VNlHKhNYC8/lD/PT
mR3O6iYI8FSAgFQuMFmlAGbyF3qCUkjT8Tr246QNokyFkeLrZbdhfs2nGFyfMk1e
2eddPzH2AT1vJ0zq3fGH901TSyGPeMUbggMY9N1cLlqkSD8zIHYWTh9BpsmpwbBm
7IKHFuC/gRjXWg9u0tN85meLgDqMKfUXn/TjFNycpSOR1Ruxuw0ecNPj5l8mA/x5
j1TJ7DP+Kd2NAvxaWJbnYqCgm3mYdkuZEof0lP1nN2S6IxWmYG/qskJ9ATFIjVSz
4LdsF1L30pc949D4jopgi4LXPJhJzVHjQ23RipSaMew+qglH6I6WG/Y/xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFT78660W7PcYK88kyb9TVL0rmZpMB8GA1UdIwQY
MBaAFBk3Q0Z7TaQcYpXpNRFTMJWGuiOZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTct
Y2E1ZmNjYmY3YThjLzEvVlB2enJyUmJzOXhncnp5VEp2MU5VdlN1Wm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNjcwM2EtMTIyYi00MTE2LWIzMTctY2E1ZmNjYmY3YThj
LzEvR1RkRFJudE5wQnhpbGVrMUVWTXdsWWE2STVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATU0xAwQA
WFB/AwQA1ZWaAwQB1ZWcMA0GCSqGSIb3DQEBCwUAA4IBAQBMRQWGBYlBaVFR4nOj
dL1hY4pfigVDyRpkvIIW2Zt7lT4GZXGv2PFaeE370VlB5BZlvzML/tqkDR10Ttj+
Hkoxr5T6h47nC0lGBHzO5cHjCnFVpmrwM3VvuX8RUuutKuuyAchVuzKMhHApwpoj
oaDLFIgyy3a7/8r412aHI3B7ENg7i2PfHpbllVAb3YwgVdTsFiK+FX1MVYkFz6CD
Xexx0X2a+0yKS5a1D44nyqCbOJj5o6p7Ltww1xd8f1LSe0zvre4Gm9lPVggThLfZ
7tXSoSzaGu3GoRd7X7qsEBG1RYy28RfLAyJKW1v6c9xIt7a1+i8L1UudpcCH0gxB
GcHn
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:34 2024 by rpki-client on console-ams.rpki-client.org