Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VSyF0k9v0GlCpYuf6M1Q4u14GWo.roa
File: VSyF0k9v0GlCpYuf6M1Q4u14GWo.roa (raw, json)
Hash identifier: pj7J4R/eWkPEpkI+b7BGN6QYFZXtGyoLegpsuyXMGFE=
Subject key identifier: 55:2C:85:D2:4F:6F:D0:69:42:A5:8B:9F:E8:CD:50:E2:ED:78:19:6A
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A72D322B0A19632E896CE895D932
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VSyF0k9v0GlCpYuf6M1Q4u14GWo.roa
Signing time: Mon 02 Jan 2023 08:44:50 +0000
ROA not before: Mon 02 Jan 2023 08:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60581
IP address blocks: 91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
185.173.244.0/22 maxlen: 24
185.173.246.0/24 maxlen: 24
185.173.245.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a7:2d:32:2b:0a:19:63:2e:89:6c:e8:95:d9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=552c85d24f6fd06942a58b9fe8cd50e2ed78196a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:78:8f:cb:9c:10:9a:87:aa:6b:c6:0d:73:
f9:25:ee:a8:56:58:8b:df:e5:e9:ba:b6:bb:c8:9b:
ff:35:8c:f3:ce:68:b3:5d:43:f8:42:7c:21:9d:01:
69:05:af:24:88:1b:07:bd:c8:de:b4:a6:5f:c3:a0:
ad:0b:38:b9:87:a1:1b:42:ce:0d:34:03:d6:dc:1e:
7f:82:f0:05:74:ad:8e:07:52:99:b4:25:2d:70:fc:
b9:a6:11:2a:e5:e9:ac:1a:60:81:65:a5:8b:0d:b8:
52:98:52:9c:05:de:f1:05:f7:78:79:a6:90:ae:54:
ad:dd:aa:b7:0d:6f:80:19:2c:61:e4:b4:e3:ff:c4:
2d:d0:27:7f:1b:c1:ff:ae:27:e8:d5:ac:98:d9:39:
44:99:d5:12:93:e9:2c:77:00:96:39:d2:69:87:f2:
85:5f:6f:f2:47:2f:df:53:c6:65:39:c0:bc:6e:cf:
de:f5:5e:ae:3b:48:1f:a5:61:ec:92:88:15:1a:d0:
8e:ba:58:e7:9c:d5:c8:8e:f8:0d:75:ec:63:e7:49:
e8:3e:84:a3:33:d2:24:b9:e1:8e:ec:8c:2f:d6:b6:
1d:64:24:aa:de:66:2a:92:2c:ee:18:79:c0:1f:58:
df:15:a3:07:59:b5:20:f9:55:19:5a:1f:35:c0:1c:
09:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:2C:85:D2:4F:6F:D0:69:42:A5:8B:9F:E8:CD:50:E2:ED:78:19:6A
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/VSyF0k9v0GlCpYuf6M1Q4u14GWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.118.0/23
185.173.244.0/22
Signature Algorithm: sha256WithRSAEncryption
22:30:4c:fd:7b:1e:c3:92:92:bf:fe:55:1d:38:3e:73:4d:03:
40:ac:67:81:3f:49:70:19:62:ff:b7:2f:de:1e:20:a1:03:29:
75:e9:00:db:a3:44:64:5b:21:0a:47:c6:2d:1a:71:69:7d:69:
f0:7f:2e:fd:3e:67:5f:73:66:14:0d:70:dd:27:47:59:07:ec:
96:21:3e:a5:ae:c2:6d:2b:45:e5:e0:0d:0b:f8:00:fa:5c:25:
ed:12:22:e6:20:91:3a:08:52:6c:5c:d2:6c:9f:61:91:b1:7c:
7d:7a:8d:94:26:34:c8:7c:ae:b5:41:eb:cd:90:10:70:96:cf:
2a:58:80:76:da:27:5b:4f:8a:69:88:56:25:eb:e5:55:f7:58:
d3:f7:02:4b:cd:ee:83:dc:58:fe:f5:aa:42:07:8c:e7:dd:7d:
ad:1d:0b:e8:76:c2:b5:12:e0:35:68:19:58:10:c4:6c:98:29:
64:fc:2f:16:b3:04:53:b7:69:8f:c0:d2:bb:11:cb:98:7e:58:
78:93:25:6a:78:7c:17:8d:57:e0:d2:9b:4b:1b:62:26:ff:bb:
b0:83:98:02:38:b8:3f:64:a2:54:96:af:30:28:b6:d5:53:1a:
43:61:bd:13:58:36:c9:65:5a:16:0a:50:b5:43:a0:89:fa:5c:
ee:bd:62:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp6ctMisKGWMuiWzoldkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTJjODVkMjRmNmZkMDY5NDJhNThiOWZlOGNkNTBlMmVkNzgxOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdN4j8ucEJqHqmvGDXP5Je6oVliL
3+Xpura7yJv/NYzzzmizXUP4QnwhnQFpBa8kiBsHvcjetKZfw6CtCzi5h6EbQs4N
NAPW3B5/gvAFdK2OB1KZtCUtcPy5phEq5emsGmCBZaWLDbhSmFKcBd7xBfd4eaaQ
rlSt3aq3DW+AGSxh5LTj/8Qt0Cd/G8H/rifo1ayY2TlEmdUSk+ksdwCWOdJph/KF
X2/yRy/fU8ZlOcC8bs/e9V6uO0gfpWHskogVGtCOuljnnNXIjvgNdexj50noPoSj
M9IkueGO7Iwv1rYdZCSq3mYqkizuGHnAH1jfFaMHWbUg+VUZWh81wBwJ7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUshdJPb9BpQqWLn+jNUOLteBlqMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvVlN5RjBrOXYwR2xDcFl1ZjZNMVE0dTE0R1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/J2AwQC
ua30MA0GCSqGSIb3DQEBCwUAA4IBAQAiMEz9ex7DkpK//lUdOD5zTQNArGeBP0lw
GWL/ty/eHiChAyl16QDbo0RkWyEKR8YtGnFpfWnwfy79Pmdfc2YUDXDdJ0dZB+yW
IT6lrsJtK0Xl4A0L+AD6XCXtEiLmIJE6CFJsXNJsn2GRsXx9eo2UJjTIfK61QevN
kBBwls8qWIB22idbT4ppiFYl6+VV91jT9wJLze6D3Fj+9apCB4zn3X2tHQvodsK1
EuA1aBlYEMRsmClk/C8WswRTt2mPwNK7EcuYflh4kyVqeHwXjVfg0ptLG2Im/7uw
g5gCOLg/ZKJUlq8wKLbVUxpDYb0TWDbJZVoWClC1Q6CJ+lzuvWK4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org