Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VCeqP45nfzev320w0TnbxDTtJng.roa
File: VCeqP45nfzev320w0TnbxDTtJng.roa (raw, json)
Hash identifier: S6th+WI2DbywWzriaJcja8DqGBlSIe+zjD1iNH/vHO8=
Subject key identifier: 54:27:AA:3F:8E:67:7F:37:AF:DF:6D:30:D1:39:DB:C4:34:ED:26:78
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018755927AD0D2EBFE15DC8A7164FD8EBA78
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VCeqP45nfzev320w0TnbxDTtJng.roa
Signing time: Thu 06 Apr 2023 07:57:55 +0000
ROA not before: Thu 06 Apr 2023 07:57:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 95.164.16.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:92:7a:d0:d2:eb:fe:15:dc:8a:71:64:fd:8e:ba:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 6 07:57:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5427aa3f8e677f37afdf6d30d139dbc434ed2678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a4:c6:aa:43:0f:fe:7e:25:e7:58:0d:e0:a0:
0d:be:8c:e7:16:d4:01:0e:12:88:e3:2d:4b:e1:af:
f8:0d:c0:56:b4:5e:c8:bd:2e:5c:e8:0b:30:d8:4e:
1d:03:81:7b:54:9e:f4:75:1f:f3:5f:ab:5c:76:7a:
09:97:dd:82:e1:87:9c:0f:e7:b1:ac:e9:ec:51:28:
bd:c5:82:c2:97:c1:66:b0:68:c5:0d:6b:7f:50:cf:
a2:83:88:5f:5c:b9:77:08:ea:5c:7c:eb:49:d7:79:
b3:e4:aa:bc:63:e2:fa:72:6e:d4:95:14:b3:90:dc:
80:38:df:3b:7b:fb:d1:68:4a:96:b3:d5:14:2f:61:
8e:c5:80:70:47:91:9b:cc:92:0c:02:51:63:97:7b:
62:d3:3c:89:8c:76:8d:a6:d2:77:38:7d:dd:3f:9b:
05:c9:98:85:7e:8c:35:cb:ad:c8:87:f5:15:99:2f:
37:41:b2:06:0a:77:45:a7:4d:24:f0:71:0f:2a:67:
22:41:3f:7a:0a:9d:7d:6e:80:11:2d:db:1c:ad:f2:
3b:a4:0a:6b:81:f0:69:d3:3f:1d:50:fa:4d:49:e4:
ed:6a:99:45:0d:c0:7c:2b:61:3f:0c:3e:c2:a7:6d:
52:3b:a5:bf:d2:88:b6:30:1d:5f:3b:ee:12:a6:63:
a0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:27:AA:3F:8E:67:7F:37:AF:DF:6D:30:D1:39:DB:C4:34:ED:26:78
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VCeqP45nfzev320w0TnbxDTtJng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.101.0/24
94.131.109.0-94.131.111.255
95.164.16.0/24
Signature Algorithm: sha256WithRSAEncryption
45:fe:bc:87:1d:48:c6:46:bc:0f:9d:5a:88:30:23:12:64:1d:
29:ee:4e:2c:18:5c:4d:23:23:6c:7a:99:52:18:2d:9b:cc:b3:
76:47:0f:59:0f:6f:3b:28:b1:a2:23:e3:1b:0d:e1:4b:2b:2c:
ea:41:fe:a1:2c:20:5c:b7:7f:e6:07:c6:2c:b8:14:e0:b6:49:
5c:f3:ef:5a:28:97:04:49:ac:2f:d4:e2:78:dd:03:df:fd:be:
3c:60:73:f0:bf:57:ec:b3:62:3d:e3:94:07:74:39:3c:fb:67:
9d:0c:fb:c8:70:92:7b:d9:02:c7:12:b9:d9:86:3c:b7:db:07:
98:33:c7:53:9a:45:34:1d:03:22:29:d3:0f:55:47:d3:88:5f:
76:0f:68:99:c2:6d:7a:29:ca:08:5c:c7:9f:f1:63:80:05:db:
94:1f:74:2e:22:e7:da:7a:80:97:21:78:67:3d:43:a1:f0:aa:
89:90:6c:40:29:6d:9f:a7:b1:cb:e4:86:6f:36:58:6c:84:c2:
16:c4:76:9f:18:18:3a:d4:47:09:2b:61:19:25:72:9a:dc:c9:
42:33:bc:d7:0d:74:db:9f:85:ff:2a:f3:57:3b:e6:ff:1a:c3:
ff:6f:27:c7:18:bb:2b:21:07:2f:b9:bf:d7:c7:2e:7a:a6:c9:
db:22:94:c4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdVknrQ0uv+FdyKcWT9jrp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNDA2MDc1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI3YWEzZjhlNjc3ZjM3YWZkZjZkMzBkMTM5ZGJjNDM0ZWQyNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6TGqkMP/n4l51gN4KANvoznFtQB
DhKI4y1L4a/4DcBWtF7IvS5c6Asw2E4dA4F7VJ70dR/zX6tcdnoJl92C4YecD+ex
rOnsUSi9xYLCl8FmsGjFDWt/UM+ig4hfXLl3COpcfOtJ13mz5Kq8Y+L6cm7UlRSz
kNyAON87e/vRaEqWs9UUL2GOxYBwR5GbzJIMAlFjl3ti0zyJjHaNptJ3OH3dP5sF
yZiFfow1y63Ih/UVmS83QbIGCndFp00k8HEPKmciQT96Cp19boARLdscrfI7pApr
gfBp0z8dUPpNSeTtaplFDcB8K2E/DD7Cp21SO6W/0oi2MB1fO+4SpmOgEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFQnqj+OZ383r99tMNE528Q07SZ4MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvVkNlcVA0NW5memV2MzIwdzBUbmJ4RFR0Sm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXoNlMAwD
BABeg20DBAReg2ADBABfpBAwDQYJKoZIhvcNAQELBQADggEBAEX+vIcdSMZGvA+d
WogwIxJkHSnuTiwYXE0jI2x6mVIYLZvMs3ZHD1kPbzsosaIj4xsN4UsrLOpB/qEs
IFy3f+YHxiy4FOC2SVzz71oolwRJrC/U4njdA9/9vjxgc/C/V+yzYj3jlAd0OTz7
Z50M+8hwknvZAscSudmGPLfbB5gzx1OaRTQdAyIp0w9VR9OIX3YPaJnCbXopyghc
x5/xY4AF25QfdC4i59p6gJcheGc9Q6HwqomQbEApbZ+nscvkhm82WGyEwhbEdp8Y
GDrURwkrYRklcprcyUIzvNcNdNufhf8q81c75v8aw/9vJ8cYuyshBy+5v9fHLnqm
ydsilMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org