Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/VmT459R5sVHyzx3izB1J5mHsPb0.roa
File: VmT459R5sVHyzx3izB1J5mHsPb0.roa (raw, json)
Hash identifier: J4JWbdSfHnDFuwUGUpBX+8Nk5cZunPlrBZtOTczO5RY=
Subject key identifier: 56:64:F8:E7:D4:79:B1:51:F2:CF:1D:E2:CC:1D:49:E6:61:EC:3D:BD
Certificate issuer: /CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Certificate serial: 0185708CD6DA658963E2EB6122E9B1BAD757
Authority key identifier: 4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/VmT459R5sVHyzx3izB1J5mHsPb0.roa
Signing time: Mon 02 Jan 2023 03:35:56 +0000
ROA not before: Mon 02 Jan 2023 03:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196903
IP address blocks: 109.207.48.0/24 maxlen: 24
109.207.48.0/20 maxlen: 20
109.207.50.0/24 maxlen: 24
109.207.49.0/24 maxlen: 24
109.207.51.0/24 maxlen: 24
109.207.58.0/24 maxlen: 24
109.207.55.0/24 maxlen: 24
109.207.54.0/24 maxlen: 24
109.207.57.0/24 maxlen: 24
109.207.56.0/24 maxlen: 24
109.207.53.0/24 maxlen: 24
109.207.52.0/24 maxlen: 24
109.207.62.0/24 maxlen: 24
109.207.61.0/24 maxlen: 24
109.207.63.0/24 maxlen: 24
109.207.60.0/24 maxlen: 24
109.207.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d6:da:65:89:63:e2:eb:61:22:e9:b1:ba:d7:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Validity
Not Before: Jan 2 03:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5664f8e7d479b151f2cf1de2cc1d49e661ec3dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:aa:ce:63:2c:15:62:fc:45:31:af:f8:32:f9:
b1:59:91:3f:d4:3d:22:ee:21:43:db:7a:55:fa:b4:
93:61:dd:fa:85:ca:f5:80:16:22:d2:c7:e4:df:5f:
29:a6:9d:d3:e3:ad:3e:ec:a2:23:7e:85:e8:b3:39:
ab:a8:93:f0:d7:a1:5b:f6:3d:8b:81:1a:db:72:73:
90:8c:c7:65:8f:d9:33:5c:78:de:fa:d2:5b:9f:b6:
20:c0:43:5d:89:52:77:11:4a:7c:90:9a:87:27:c0:
a5:22:5e:eb:ab:d6:2c:16:eb:09:e0:c9:b5:56:57:
3e:8d:83:8d:89:46:2a:1c:d2:28:3e:a5:12:02:a9:
7d:fb:70:de:76:1c:b0:2a:1f:d2:33:f6:5d:dc:a3:
3c:8e:49:e9:9a:46:ab:ad:02:84:9d:c5:c4:04:f9:
a1:6a:58:49:fb:ac:35:a7:1c:9e:4b:88:55:fa:7d:
c3:8e:90:c3:c9:16:a8:86:8c:8d:5a:00:68:28:84:
3f:f0:26:9b:83:01:1e:a2:da:b9:57:3f:67:73:29:
c0:aa:14:3b:2f:58:b0:4f:4f:9c:fc:f0:3f:66:db:
1c:07:56:d5:93:6f:53:a1:cf:18:55:28:2c:6c:59:
0e:7b:f9:d8:d1:3d:e0:6a:1f:6b:20:86:b4:1d:5b:
5c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:64:F8:E7:D4:79:B1:51:F2:CF:1D:E2:CC:1D:49:E6:61:EC:3D:BD
X509v3 Authority Key Identifier:
keyid:4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/VmT459R5sVHyzx3izB1J5mHsPb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.48.0/20
Signature Algorithm: sha256WithRSAEncryption
40:81:d2:75:96:24:b8:aa:ea:17:26:d1:ba:c5:20:51:5b:b6:
d2:ae:4c:ce:34:0b:6a:af:7c:5b:cd:d4:1f:a8:52:b9:ff:b1:
4e:50:39:62:5e:66:aa:53:20:8c:c8:34:49:02:4b:75:2a:19:
be:45:3f:3b:d9:60:86:99:a3:18:0d:b5:14:39:7b:2d:84:2c:
fe:54:4a:4e:23:4f:12:31:5d:fd:f8:d4:9e:ed:87:7a:df:b1:
a1:0a:38:ce:d4:1e:79:ce:8d:1f:73:80:d7:01:c5:a5:c3:d3:
bb:03:82:eb:1e:7c:8d:73:60:3d:0c:9e:f3:d3:05:b3:16:30:
42:fc:5b:fc:88:12:81:bf:1a:5e:42:ce:41:67:0c:7e:64:1e:
f2:d5:23:60:12:d7:70:96:64:a6:94:ca:ab:d7:2b:ca:53:91:
7f:7b:58:d6:21:46:46:e3:70:f1:90:dd:b0:c7:d6:5d:22:9f:
a0:9d:44:26:59:6b:7e:ab:9f:aa:15:e9:d0:fa:1b:34:a2:df:
68:bc:da:62:50:03:c1:90:9a:45:ff:9d:e3:5c:f2:7a:b4:e6:
8d:ed:a7:00:71:d4:86:84:7e:b4:20:f3:4f:15:9f:ad:a2:f9:
22:f1:bd:33:25:f9:e2:b3:be:a5:33:19:94:27:8a:15:4a:be:
b3:85:9c:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjNbaZYlj4uthIumxutdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTE3MTNlMTZiNGZkOGYzMzAxODg3ZGU2YTExMTk4MDQ0
OWIyOWUwHhcNMjMwMTAyMDMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjY0ZjhlN2Q0NzliMTUxZjJjZjFkZTJjYzFkNDllNjYxZWMzZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qrOYywVYvxFMa/4MvmxWZE/1D0i
7iFD23pV+rSTYd36hcr1gBYi0sfk318ppp3T460+7KIjfoXoszmrqJPw16Fb9j2L
gRrbcnOQjMdlj9kzXHje+tJbn7YgwENdiVJ3EUp8kJqHJ8ClIl7rq9YsFusJ4Mm1
Vlc+jYONiUYqHNIoPqUSAql9+3DedhywKh/SM/Zd3KM8jknpmkarrQKEncXEBPmh
alhJ+6w1pxyeS4hV+n3DjpDDyRaohoyNWgBoKIQ/8CabgwEeotq5Vz9ncynAqhQ7
L1iwT0+c/PA/ZtscB1bVk29Toc8YVSgsbFkOe/nY0T3gah9rIIa0HVtcfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZk+OfUebFR8s8d4swdSeZh7D29MB8GA1UdIwQY
MBaAFE7hcT4WtP2PMwGIfeahEZgESbKeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYt
MDhlNGI3OTM4N2MwLzEvVm1UNDU5UjVzVkh5engzaXpCMUo1bUhzUGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYtMDhlNGI3OTM4N2Mw
LzEvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbc8wMA0G
CSqGSIb3DQEBCwUAA4IBAQBAgdJ1liS4quoXJtG6xSBRW7bSrkzONAtqr3xbzdQf
qFK5/7FOUDliXmaqUyCMyDRJAkt1Khm+RT872WCGmaMYDbUUOXsthCz+VEpOI08S
MV39+NSe7Yd637GhCjjO1B55zo0fc4DXAcWlw9O7A4LrHnyNc2A9DJ7z0wWzFjBC
/Fv8iBKBvxpeQs5BZwx+ZB7y1SNgEtdwlmSmlMqr1yvKU5F/e1jWIUZG43DxkN2w
x9ZdIp+gnUQmWWt+q5+qFenQ+hs0ot9ovNpiUAPBkJpF/53jXPJ6tOaN7acAcdSG
hH60IPNPFZ+tovki8b0zJfnis76lMxmUJ4oVSr6zhZyv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:53 2024 by rpki-client on console-fra.rpki-client.org