Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VFyEMZQVqQKGn1_m2cb6XffWpnU.roa
File: VFyEMZQVqQKGn1_m2cb6XffWpnU.roa (raw, json)
Hash identifier: PRznJV2s3aDM/yrddVhe9XWnrPHvplsDjAa5ZLxRq88=
Subject key identifier: 54:5C:84:31:94:15:A9:02:86:9F:5F:E6:D9:C6:FA:5D:F7:D6:A6:75
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD60A306B005A14BF064D141EE1D29AC0
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VFyEMZQVqQKGn1_m2cb6XffWpnU.roa
Signing time: Fri 23 Feb 2024 12:56:48 +0000
ROA not before: Fri 23 Feb 2024 12:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.246.48.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 18:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:0a:30:6b:00:5a:14:bf:06:4d:14:1e:e1:d2:9a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 23 12:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=545c84319415a902869f5fe6d9c6fa5df7d6a675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:c9:2b:38:94:22:f7:7e:7d:3d:1c:44:57:
05:19:63:a7:85:4c:b1:aa:44:b2:10:22:a7:b9:9b:
47:93:f5:00:d3:e5:26:e5:85:05:89:c6:b0:ca:fa:
e3:cf:1d:03:b9:c5:d0:a0:b4:2e:c2:b3:f5:dc:28:
26:50:4a:f6:a4:fb:c5:1a:44:f7:93:c0:b5:3a:33:
e0:bf:b2:2a:b8:ea:48:6a:ee:b3:53:e5:ae:80:48:
bd:68:fc:65:58:00:22:b3:ed:1d:17:4e:a9:ac:6c:
0e:eb:55:75:bb:19:24:36:08:09:f6:64:aa:81:c5:
66:db:47:a4:f0:86:f5:6a:ea:f9:df:67:ca:27:4e:
db:b6:e7:62:86:f9:5b:4e:07:9a:48:5e:fb:12:a4:
08:ce:a9:8c:44:86:aa:36:4a:85:c1:d6:f7:c0:b1:
5f:82:ea:f6:21:1f:59:92:8d:45:63:56:bb:51:c8:
b7:df:b3:65:2f:58:5a:89:cd:25:57:d4:a8:3d:61:
ab:97:79:f2:7a:ed:cf:e9:27:d6:10:c3:62:a2:04:
f7:0e:68:4e:39:09:2a:b6:f0:bc:2f:6a:4f:d8:de:
c2:ff:f9:65:24:9e:fd:dd:03:71:1d:ee:68:15:5d:
7e:72:a8:c2:bb:c7:03:e2:7d:c2:c2:4a:87:22:74:
3e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5C:84:31:94:15:A9:02:86:9F:5F:E6:D9:C6:FA:5D:F7:D6:A6:75
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VFyEMZQVqQKGn1_m2cb6XffWpnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.48.0/24
91.247.166.0/24
91.247.173.0/24
176.97.203.0/24
193.160.219.0/24
194.105.60.0/24
194.107.92.0/24
217.198.179.0-217.198.180.255
Signature Algorithm: sha256WithRSAEncryption
68:a6:3e:58:ed:50:d4:cb:0b:eb:04:83:5e:27:05:75:1e:e0:
d9:5c:af:8c:83:d1:96:69:15:f6:0f:6a:45:e2:b0:2d:75:b5:
92:f4:be:46:aa:72:86:48:a7:73:2d:ef:2b:0e:f2:24:36:0c:
bc:fe:f4:36:e9:69:be:bb:cd:a9:33:07:6a:b3:84:d3:59:ce:
e7:54:62:15:d6:ed:d1:81:d4:4e:04:d0:bf:fa:78:36:58:d6:
44:a3:ae:f0:33:64:9b:89:78:15:e2:d6:ea:ed:15:a0:31:f7:
bf:13:c1:42:ba:50:b3:10:19:bb:ab:ba:43:c9:dd:dc:d5:4e:
39:a1:a3:42:58:35:1a:9d:ae:56:a3:fb:2e:20:2d:2a:21:b9:
46:b5:0e:9b:35:b6:8e:86:9f:42:09:77:8f:ae:53:ea:91:15:
de:65:6d:5b:32:26:a6:b8:7c:01:de:78:65:d7:a4:fc:1d:8f:
26:05:02:d1:cd:cb:9f:58:31:a9:12:52:d5:f9:9a:80:22:10:
2d:20:c1:36:db:7a:0f:34:4a:cf:cf:2b:5f:33:e6:99:51:6a:
df:a1:ab:71:1e:51:ae:a8:1f:f6:5a:d6:47:a3:23:68:98:74:
6d:1f:33:d3:ef:28:de:b8:83:05:f6:c5:4d:42:c5:e5:56:ba:
1c:19:7a:70
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY3WCjBrAFoUvwZNFB7h0prAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIzMTI1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVjODQzMTk0MTVhOTAyODY5ZjVmZTZkOWM2ZmE1ZGY3ZDZhNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyDJKziUIvd+fT0cRFcFGWOnhUyx
qkSyECKnuZtHk/UA0+Um5YUFicawyvrjzx0DucXQoLQuwrP13CgmUEr2pPvFGkT3
k8C1OjPgv7IquOpIau6zU+WugEi9aPxlWAAis+0dF06prGwO61V1uxkkNggJ9mSq
gcVm20ek8Ib1aur532fKJ07btudihvlbTgeaSF77EqQIzqmMRIaqNkqFwdb3wLFf
gur2IR9Zko1FY1a7Uci337NlL1haic0lV9SoPWGrl3nyeu3P6SfWEMNiogT3DmhO
OQkqtvC8L2pP2N7C//llJJ793QNxHe5oFV1+cqjCu8cD4n3CwkqHInQ+KwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFRchDGUFakChp9f5tnG+l331qZ1MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVkZ5RU1aUVZxUUtHbjFfbTJjYjZYZmZXcG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAW/YwAwQA
W/emAwQAW/etAwQAsGHLAwQAwaDbAwQAwmk8AwQAwmtcMAwDBADZxrMDBADZxrQw
DQYJKoZIhvcNAQELBQADggEBAGimPljtUNTLC+sEg14nBXUe4Nlcr4yD0ZZpFfYP
akXisC11tZL0vkaqcoZIp3Mt7ysO8iQ2DLz+9Dbpab67zakzB2qzhNNZzudUYhXW
7dGB1E4E0L/6eDZY1kSjrvAzZJuJeBXi1urtFaAx978TwUK6ULMQGburukPJ3dzV
Tjmho0JYNRqdrlaj+y4gLSohuUa1Dps1to6Gn0IJd4+uU+qRFd5lbVsyJqa4fAHe
eGXXpPwdjyYFAtHNy59YMakSUtX5moAiEC0gwTbbeg80Ss/PK18z5plRat+hq3Ee
Ua6oH/Za1kejI2iYdG0fM9PvKN64gwX2xU1CxeVWuhwZenA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org