Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/vW7DUjE-0Cv-h8KS7tNAlAyJ8NE.roa
File: vW7DUjE-0Cv-h8KS7tNAlAyJ8NE.roa (raw, json)
Hash identifier: 4hd6m2NzgQu+Vt+RrIORBy2f2YddyIOedL/nC7wQSd8=
Subject key identifier: BD:6E:C3:52:31:3E:D0:2B:FE:87:C2:92:EE:D3:40:94:0C:89:F0:D1
Certificate issuer: /CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Certificate serial: 018CC801C2E4C8A81854C80B77FDCB484FEB
Authority key identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/vW7DUjE-0Cv-h8KS7tNAlAyJ8NE.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48944
IP address blocks: 91.232.72.0/23 maxlen: 23
185.222.120.0/22 maxlen: 22
185.222.120.0/24 maxlen: 24
185.222.123.0/24 maxlen: 24
185.222.122.0/24 maxlen: 24
185.222.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 11:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c2:e4:c8:a8:18:54:c8:0b:77:fd:cb:48:4f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd6ec352313ed02bfe87c292eed340940c89f0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:63:78:78:3c:e3:46:1e:f5:06:9e:40:6d:
5f:12:b2:78:5e:42:64:d9:e3:bd:d2:33:76:d4:11:
80:55:c4:ae:a5:d4:7a:de:bf:c6:79:6f:82:fe:ae:
91:b3:54:2e:95:63:bb:9e:c0:ca:fd:41:fb:34:97:
b6:17:12:bb:f6:a4:08:6b:42:6d:50:2e:4b:a2:f0:
6b:12:90:14:f5:06:26:4a:c5:c9:ff:3e:fc:86:db:
2e:15:60:94:1d:8c:76:b2:24:6c:94:42:38:02:60:
9a:92:71:11:d7:9d:51:2b:57:0a:a4:cd:18:f0:a0:
1a:66:08:ee:ab:d6:82:92:16:1a:24:e9:a5:ae:93:
9e:d6:32:5b:8c:2b:d6:f3:ce:4e:1c:a1:34:89:57:
c0:17:1a:e5:1d:b1:c0:3b:c2:25:86:45:7b:f3:c5:
cb:61:02:54:4d:43:b1:b2:22:45:af:05:cc:55:f1:
bf:a6:3a:d4:cd:0a:28:ee:23:91:93:4d:60:81:c8:
8e:56:81:88:04:e8:5f:b6:da:c6:3b:c5:21:53:f8:
d4:4f:43:fe:a1:be:b4:b3:0a:b1:e7:0a:3e:c2:07:
89:59:5b:43:6b:74:f7:bb:c6:8a:f9:12:e4:b7:20:
25:b0:13:ac:e8:ad:18:52:e3:6c:5d:e9:de:cc:74:
2d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6E:C3:52:31:3E:D0:2B:FE:87:C2:92:EE:D3:40:94:0C:89:F0:D1
X509v3 Authority Key Identifier:
keyid:BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/vW7DUjE-0Cv-h8KS7tNAlAyJ8NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.72.0/23
185.222.120.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:81:a5:9b:f8:7b:96:58:a9:3f:63:fb:77:f7:c8:83:6b:06:
1c:5c:ea:4c:00:c6:29:24:cb:af:26:bf:23:31:58:53:da:4f:
8a:3e:fe:ae:dc:d7:d5:c3:63:4d:8f:5c:64:2d:09:b0:b3:40:
8f:f0:64:43:97:ae:9b:dd:52:0a:a8:e7:2a:1d:80:4b:f2:30:
0b:c3:30:e7:0b:de:7b:66:26:5f:a1:86:6b:b2:2d:33:f0:cd:
ba:d4:1e:f3:4e:d8:6d:77:33:d3:9a:e7:20:b6:6a:31:c0:df:
a2:94:57:f2:aa:ff:81:fb:ff:4b:c8:26:b7:bd:4e:01:86:fd:
44:5e:60:70:fa:1b:d7:dd:65:e3:0b:c8:e2:6a:30:a6:49:e5:
10:35:5a:19:ca:dd:21:fd:57:96:4b:15:7d:0a:3e:47:44:0a:
74:d2:92:4d:5a:b8:71:7c:51:16:2b:d5:62:57:ad:e0:e6:72:
c3:fa:7e:ab:ae:cb:a2:36:73:dc:99:10:89:2e:8c:d4:74:32:
2a:e5:29:44:6a:b7:81:5d:4b:5c:a6:c2:7e:fd:ea:a5:05:19:
91:69:2e:3f:be:7f:90:03:47:bf:13:93:44:dc:66:22:b0:b9:
5a:9f:b7:da:a1:23:c0:32:80:ba:19:f0:4a:1c:8f:f2:5c:2f:
45:a8:f6:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAcLkyKgYVMgLd/3LSE/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOWI1NmQ4ZDk2ZWJjYjVmY2Y4N2RlMmVjMmI1MmMxOTRj
Y2Y5ZjkwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZlYzM1MjMxM2VkMDJiZmU4N2MyOTJlZWQzNDA5NDBjODlmMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLdjeHg840Ye9QaeQG1fErJ4XkJk
2eO90jN21BGAVcSupdR63r/GeW+C/q6Rs1QulWO7nsDK/UH7NJe2FxK79qQIa0Jt
UC5LovBrEpAU9QYmSsXJ/z78htsuFWCUHYx2siRslEI4AmCaknER151RK1cKpM0Y
8KAaZgjuq9aCkhYaJOmlrpOe1jJbjCvW885OHKE0iVfAFxrlHbHAO8IlhkV788XL
YQJUTUOxsiJFrwXMVfG/pjrUzQoo7iORk01ggciOVoGIBOhfttrGO8UhU/jUT0P+
ob60swqx5wo+wgeJWVtDa3T3u8aK+RLktyAlsBOs6K0YUuNsXenezHQtYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL1uw1IxPtAr/ofCku7TQJQMifDRMB8GA1UdIwQY
MBaAFLubVtjZbry1/Ph94uwrUsGUzPn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmIt
NGY0ZmU4MDNiMDE1LzEvdlc3RFVqRS0wQ3YtaDhLUzd0TkFsQXlKOE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZjM5NDItMTdmNy00OTNjLWJjNmItNGY0ZmU4MDNiMDE1
LzEvdTV0VzJObHV2TFg4LUgzaTdDdFN3WlRNLWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+hIAwQC
ud54MA0GCSqGSIb3DQEBCwUAA4IBAQDFgaWb+HuWWKk/Y/t398iDawYcXOpMAMYp
JMuvJr8jMVhT2k+KPv6u3NfVw2NNj1xkLQmws0CP8GRDl66b3VIKqOcqHYBL8jAL
wzDnC957ZiZfoYZrsi0z8M261B7zTthtdzPTmucgtmoxwN+ilFfyqv+B+/9LyCa3
vU4Bhv1EXmBw+hvX3WXjC8jiajCmSeUQNVoZyt0h/VeWSxV9Cj5HRAp00pJNWrhx
fFEWK9ViV63g5nLD+n6rrsuiNnPcmRCJLozUdDIq5SlEareBXUtcpsJ+/eqlBRmR
aS4/vn+QA0e/E5NE3GYisLlan7faoSPAMoC6GfBKHI/yXC9FqPYL
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org