Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/VZDuI_6gRy6Y6Bq1mL8GAUBSNIM.roa
File: VZDuI_6gRy6Y6Bq1mL8GAUBSNIM.roa (raw, json)
Hash identifier: 94mwnX3t7+QSv3egICVMHaLQsB0YkOAlXjTkFcq+U7Y=
Subject key identifier: 55:90:EE:23:FE:A0:47:2E:98:E8:1A:B5:98:BF:06:01:40:52:34:83
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018BAF37E431B3E61AF1166537FB1E997522
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/VZDuI_6gRy6Y6Bq1mL8GAUBSNIM.roa
Signing time: Wed 08 Nov 2023 13:55:57 +0000
ROA not before: Wed 08 Nov 2023 13:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.14.0/23 maxlen: 24
91.228.12.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:37:e4:31:b3:e6:1a:f1:16:65:37:fb:1e:99:75:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 8 13:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5590ee23fea0472e98e81ab598bf060140523483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2f:5c:d4:0f:23:dc:21:f7:8b:1b:f5:5d:90:
d9:2e:53:dc:0f:83:18:61:4b:d4:67:d0:7c:f7:cb:
5e:58:12:e4:45:6b:3f:58:d3:ab:b2:4b:4c:31:ab:
65:31:5d:d5:ff:68:05:c7:89:79:91:ad:8a:f8:39:
b7:c2:7c:20:fc:bb:79:1a:06:24:e3:a1:d4:63:ff:
48:50:e2:33:74:90:59:9e:1c:f5:b4:b2:eb:6b:78:
54:1a:fd:a3:a6:ff:76:73:2a:c9:a4:1c:11:f5:ab:
6c:c1:34:9f:fc:bf:d4:07:57:c9:e9:da:5d:53:fb:
32:a7:a4:b6:b5:ce:68:17:f9:07:f7:57:4a:13:c1:
dc:36:70:24:5b:70:3a:92:e5:d8:d3:86:78:cb:fd:
b6:7d:be:f2:6e:67:b2:18:49:ab:2f:a6:3d:1d:81:
77:52:0e:dd:6e:3e:08:12:fb:1a:88:3f:0a:76:8d:
e6:16:50:d0:6e:45:05:44:3f:e7:a8:96:87:df:30:
5d:91:91:2e:0b:36:31:01:87:37:f9:2f:d5:c8:8e:
e4:15:84:e9:1b:9a:40:14:6d:6c:94:08:2c:7e:38:
7f:6b:78:c0:37:6a:21:f9:51:57:0b:6c:0e:63:9b:
a9:5b:2e:82:01:66:ea:98:7d:8a:10:14:0a:b9:e8:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:90:EE:23:FE:A0:47:2E:98:E8:1A:B5:98:BF:06:01:40:52:34:83
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/VZDuI_6gRy6Y6Bq1mL8GAUBSNIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.12.0/24
91.228.14.0/23
94.154.33.0/24
94.154.36.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ef:97:91:28:a1:f9:cc:d6:ca:82:08:d6:52:16:d6:49:cf:
f9:4d:84:fa:6d:a5:7d:5d:0d:e3:f6:88:d8:39:d1:45:b4:b2:
7f:e7:ff:58:a3:3f:79:de:9c:4d:67:fb:69:ad:64:2e:c6:ac:
0f:6f:d5:de:a2:5f:5b:1d:26:aa:8b:0a:8b:9c:78:90:a6:7c:
1c:3c:e9:dc:01:aa:67:6f:81:ff:2d:f8:0c:c6:f0:18:09:f9:
3f:de:8c:6a:5a:bd:e9:bb:7b:e6:3a:b9:49:69:88:ce:87:7e:
27:7c:cc:a8:ee:bb:ae:a9:df:4a:df:f5:14:f4:00:e0:59:4e:
e8:4c:61:67:a0:c1:03:df:f5:45:ce:9e:a2:7a:fb:27:04:82:
92:0c:dc:8a:09:bf:d3:23:4f:a8:aa:06:d1:49:25:52:3a:22:
57:55:7b:a8:b6:ca:52:b7:5c:c1:1f:e4:b0:39:7b:4b:23:32:
ff:38:32:ef:b1:ae:d1:94:48:0d:9c:bf:dc:df:b7:b0:61:2b:
7a:a0:8e:15:cb:77:5f:c9:c6:ab:1b:f9:01:3c:26:8c:63:26:
16:c0:d7:1e:52:07:40:2c:8c:8e:28:e1:02:ef:3d:6c:97:b6:
59:8a:c8:97:da:57:51:4b:dd:86:c2:03:c1:1f:40:d9:e2:2d:
bd:38:54:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuvN+Qxs+Ya8RZlN/semXUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTA4MTM1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkwZWUyM2ZlYTA0NzJlOThlODFhYjU5OGJmMDYwMTQwNTIzNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC9c1A8j3CH3ixv1XZDZLlPcD4MY
YUvUZ9B898teWBLkRWs/WNOrsktMMatlMV3V/2gFx4l5ka2K+Dm3wnwg/Lt5GgYk
46HUY/9IUOIzdJBZnhz1tLLra3hUGv2jpv92cyrJpBwR9atswTSf/L/UB1fJ6dpd
U/syp6S2tc5oF/kH91dKE8HcNnAkW3A6kuXY04Z4y/22fb7ybmeyGEmrL6Y9HYF3
Ug7dbj4IEvsaiD8Kdo3mFlDQbkUFRD/nqJaH3zBdkZEuCzYxAYc3+S/VyI7kFYTp
G5pAFG1slAgsfjh/a3jAN2oh+VFXC2wOY5upWy6CAWbqmH2KEBQKuegx6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFWQ7iP+oEcumOgatZi/BgFAUjSDMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVlpEdUlfNmdSeTZZNkJxMW1MOEdBVUJTTklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+QMAwQB
W+QOAwQAXpohAwQAXpokMA0GCSqGSIb3DQEBCwUAA4IBAQCB75eRKKH5zNbKggjW
UhbWSc/5TYT6baV9XQ3j9ojYOdFFtLJ/5/9Yoz953pxNZ/tprWQuxqwPb9Xeol9b
HSaqiwqLnHiQpnwcPOncAapnb4H/LfgMxvAYCfk/3oxqWr3pu3vmOrlJaYjOh34n
fMyo7ruuqd9K3/UU9ADgWU7oTGFnoMED3/VFzp6ievsnBIKSDNyKCb/TI0+oqgbR
SSVSOiJXVXuotspSt1zBH+SwOXtLIzL/ODLvsa7RlEgNnL/c37ewYSt6oI4Vy3df
ycarG/kBPCaMYyYWwNceUgdALIyOKOEC7z1sl7ZZisiX2ldRS92GwgPBH0DZ4i29
OFSF
-----END CERTIFICATE-----
Generated at Sun Nov 12 10:04:30 2023 by rpki-client on console-fra.rpki-client.org