Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Vk-KrCJP0duk0D2Z3BTClbszqoA.roa
File: Vk-KrCJP0duk0D2Z3BTClbszqoA.roa (raw, json)
Hash identifier: N601hGlVANZiQ4aMX+vJ3u6O+JbuILZoAImWgiJrYLA=
Subject key identifier: 56:4F:8A:AC:22:4F:D1:DB:A4:D0:3D:99:DC:14:C2:95:BB:33:AA:80
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018BC2DA24028FC2C45BE83362015D08E9A8
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Vk-KrCJP0duk0D2Z3BTClbszqoA.roa
Signing time: Sun 12 Nov 2023 09:25:57 +0000
ROA not before: Sun 12 Nov 2023 09:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c2:da:24:02:8f:c2:c4:5b:e8:33:62:01:5d:08:e9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 12 09:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=564f8aac224fd1dba4d03d99dc14c295bb33aa80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ad:5d:ce:cc:03:09:ed:47:b2:ea:83:d6:eb:
6e:1d:6b:4b:22:e5:be:e1:04:5a:46:e3:ec:34:3d:
15:4d:c8:cb:a0:56:4d:c3:67:21:89:ea:7e:2e:a1:
f5:28:61:cc:ae:e8:cf:10:71:28:aa:c8:bf:e3:a8:
74:fe:8d:ca:7d:27:f7:d9:47:81:2f:08:a8:6a:c8:
40:6d:53:20:0b:70:fb:1a:51:64:cc:98:e0:ed:8a:
f2:52:d3:4b:8c:97:9b:ac:be:0e:e5:b1:ba:49:f5:
13:9a:43:29:40:bf:d5:39:36:86:35:69:28:03:00:
8c:c2:3b:8f:a9:4e:3c:ae:0f:e1:15:95:03:9c:c9:
09:8c:40:c4:93:2e:50:ec:7d:57:68:0b:6c:c1:81:
60:2c:f0:cf:78:85:b1:cd:79:45:b7:91:3f:9c:c9:
66:d6:cf:b5:fb:d1:5f:84:b5:a7:b4:c7:1a:33:51:
b6:0b:f7:5d:54:64:c6:f0:c6:81:60:5a:04:8c:11:
36:3b:88:6c:b2:99:1c:a7:93:d4:f5:7e:69:2d:96:
bf:5a:c9:d7:7f:77:86:ff:f6:4b:ed:c9:c6:32:7d:
32:48:b2:ca:25:9b:3d:cb:90:4c:af:41:97:81:b5:
70:33:a5:d1:c5:fd:74:c8:ba:7e:96:f6:77:25:3f:
0b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4F:8A:AC:22:4F:D1:DB:A4:D0:3D:99:DC:14:C2:95:BB:33:AA:80
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/Vk-KrCJP0duk0D2Z3BTClbszqoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
91.228.15.0/24
94.154.32.0-94.154.36.255
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:38:3f:53:98:ba:3e:cf:41:ab:b3:9c:6b:ae:03:dd:c4:4e:
0b:93:4d:4c:ef:01:f7:9f:70:1d:53:5c:de:df:57:f9:51:12:
fa:98:b6:ef:b8:36:6d:1d:6e:14:2f:e6:8d:d3:bf:ad:5a:cc:
31:15:a3:58:a2:a3:44:a0:3a:61:49:7b:9e:a6:1d:69:0b:93:
2e:89:53:6e:ee:71:22:9c:e5:10:f8:29:58:ba:32:73:aa:03:
07:f5:1d:81:28:d3:07:84:7a:4d:41:42:c6:35:b9:68:30:48:
d8:e3:3c:9b:cb:b6:3b:c9:b2:0d:2a:26:b8:30:56:d3:80:a5:
3a:f1:2a:12:6f:f4:e5:7f:8c:f2:6a:b3:a8:dd:e1:9a:3d:fa:
14:af:89:7d:49:13:e3:da:6c:e5:f2:18:99:a7:3c:9c:1b:9d:
de:5f:fd:78:d1:f8:74:d6:be:0c:22:99:65:8b:bb:bd:2e:03:
74:ff:63:12:20:76:f6:36:44:a5:9a:23:d2:a1:e5:32:72:e5:
90:fc:fc:4a:1e:b3:f6:6d:91:8e:c0:04:f0:45:65:cb:47:47:
28:fb:f5:4e:7b:ae:5e:95:cf:ce:d2:df:7c:dd:52:93:93:99:
78:e3:ab:34:79:5e:a9:da:3b:56:33:e3:04:8a:9b:e6:c4:0d:
53:17:61:56
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvC2iQCj8LEW+gzYgFdCOmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTEyMDkyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRmOGFhYzIyNGZkMWRiYTRkMDNkOTlkYzE0YzI5NWJiMzNhYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK1dzswDCe1HsuqD1utuHWtLIuW+
4QRaRuPsND0VTcjLoFZNw2chiep+LqH1KGHMrujPEHEoqsi/46h0/o3KfSf32UeB
LwioashAbVMgC3D7GlFkzJjg7YryUtNLjJebrL4O5bG6SfUTmkMpQL/VOTaGNWko
AwCMwjuPqU48rg/hFZUDnMkJjEDEky5Q7H1XaAtswYFgLPDPeIWxzXlFt5E/nMlm
1s+1+9FfhLWntMcaM1G2C/ddVGTG8MaBYFoEjBE2O4hsspkcp5PU9X5pLZa/WsnX
f3eG//ZL7cnGMn0ySLLKJZs9y5BMr0GXgbVwM6XRxf10yLp+lvZ3JT8L7wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFZPiqwiT9HbpNA9mdwUwpW7M6qAMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvVmstS3JDSlAwZHVrMEQyWjNCVENsYnN6cW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW+QNAwQA
W+QPMAwDBAVemiADBABemiQDBABemiYwDQYJKoZIhvcNAQELBQADggEBAE84P1OY
uj7PQauznGuuA93ETguTTUzvAfefcB1TXN7fV/lREvqYtu+4Nm0dbhQv5o3Tv61a
zDEVo1iio0SgOmFJe56mHWkLky6JU27ucSKc5RD4KVi6MnOqAwf1HYEo0weEek1B
QsY1uWgwSNjjPJvLtjvJsg0qJrgwVtOApTrxKhJv9OV/jPJqs6jd4Zo9+hSviX1J
E+PabOXyGJmnPJwbnd5f/XjR+HTWvgwimWWLu70uA3T/YxIgdvY2RKWaI9Kh5TJy
5ZD8/Eoes/ZtkY7ABPBFZctHRyj79U57rl6Vz87S33zdUpOTmXjjqzR5XqnaO1Yz
4wSKm+bEDVMXYVY=
-----END CERTIFICATE-----
Generated at Tue Nov 14 11:40:41 2023 by rpki-client on console-ams.rpki-client.org