Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VVS1JT0eV-yyQdQFQk_jIujKSFc.roa
File: VVS1JT0eV-yyQdQFQk_jIujKSFc.roa (raw, json)
Hash identifier: 8DEHH9Za7SuAnpmuAVJl42U46Qs0NhDOfcoOBVj5bGY=
Subject key identifier: 55:54:B5:25:3D:1E:57:EC:B2:41:D4:05:42:4F:E3:22:E8:CA:48:57
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 0186929C4ED6B48A1F1022CC08788C2C1211
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VVS1JT0eV-yyQdQFQk_jIujKSFc.roa
Signing time: Mon 27 Feb 2023 11:22:42 +0000
ROA not before: Mon 27 Feb 2023 11:22:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59854
IP address blocks: 188.214.142.0/24 maxlen: 24
89.35.173.0/24 maxlen: 24
93.119.227.0/24 maxlen: 24
185.171.185.0/24 maxlen: 24
185.171.184.0/24 maxlen: 24
185.171.187.0/24 maxlen: 24
77.81.164.0/23 maxlen: 23
128.0.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:9c:4e:d6:b4:8a:1f:10:22:cc:08:78:8c:2c:12:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Feb 27 11:22:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5554b5253d1e57ecb241d405424fe322e8ca4857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:db:b0:28:53:25:5b:aa:6d:95:ff:40:62:98:
15:9c:2d:be:74:23:24:c0:e8:60:31:d4:6c:c2:2a:
ee:84:ed:6c:4f:d4:f8:16:11:2e:3a:0a:e6:f3:a4:
ca:1b:bd:95:27:d8:b2:2e:2b:f8:08:0e:56:2d:4c:
3d:61:49:e6:69:98:e7:ea:86:cb:b7:5e:19:1d:f7:
2b:16:84:aa:f7:b0:2b:e6:87:e9:1d:44:79:be:6d:
90:e2:6c:3c:01:19:ac:e3:39:95:6c:2f:96:48:5d:
e6:e4:10:37:c2:e9:0d:20:e8:b4:05:78:49:56:30:
89:72:99:37:d3:33:72:d5:89:c9:fd:87:87:4c:ee:
25:66:5f:2f:29:8b:8d:87:73:ff:fa:c7:18:b5:99:
25:c7:cc:09:b6:68:35:77:ae:b9:bc:d4:1b:64:d2:
85:d5:12:e7:73:67:0c:65:fd:a5:dc:96:0d:87:f0:
e8:10:24:24:d5:81:5c:da:4f:a8:56:41:d4:dd:63:
99:3b:c9:74:5e:92:3f:fc:b4:17:7e:71:48:ca:80:
1c:c5:b1:b9:88:fe:81:f7:c8:8a:fe:b7:d4:77:04:
1c:c5:77:f6:48:cd:97:48:8d:b7:70:13:a4:2d:26:
47:7a:09:30:bd:47:b8:3e:46:69:ef:95:34:a2:94:
48:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:54:B5:25:3D:1E:57:EC:B2:41:D4:05:42:4F:E3:22:E8:CA:48:57
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/VVS1JT0eV-yyQdQFQk_jIujKSFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.164.0/23
89.35.173.0/24
93.119.227.0/24
128.0.46.0/23
185.171.184.0/23
185.171.187.0/24
188.214.142.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a8:e1:54:f8:8f:4e:19:b0:4d:5c:47:c6:cd:83:7a:e9:ea:
32:17:c5:7e:b2:b1:cb:60:22:b0:1d:70:98:7e:bc:39:16:fa:
09:31:b6:f4:0d:f7:b8:a7:c0:30:87:76:bd:d4:01:88:92:05:
ae:90:b6:fe:82:76:60:b9:eb:86:38:52:ba:81:5d:7c:71:e3:
aa:5c:0a:8b:83:78:8d:de:3d:be:7a:a4:8e:6f:55:6c:61:0e:
82:c2:8a:c8:db:d5:7d:6b:c1:36:c1:c8:bf:da:2b:28:37:23:
6d:9e:58:85:07:ce:1c:a3:61:a3:a2:b0:9a:b1:dd:fd:d4:15:
78:1b:22:0a:43:6a:a3:b3:a5:4e:26:f0:b7:e8:83:1c:fc:d0:
6b:9e:4c:3a:9e:4a:27:0a:be:d9:ff:d3:9d:8e:1c:07:2f:fb:
ab:30:af:11:b8:46:19:45:e2:fb:9f:ce:46:df:17:6c:78:de:
79:95:03:2d:c0:d5:15:d0:dc:7f:b2:3a:00:ed:27:e9:39:77:
6a:15:57:45:55:be:2e:9d:4c:af:36:f1:19:59:b8:56:b7:2a:
af:0e:17:05:cb:85:39:ef:97:3d:b0:0b:7f:90:d4:ac:50:ec:
51:97:ab:74:8d:07:5c:0a:0c:0f:9b:55:a2:3b:33:c2:73:8f:
2d:5d:91:63
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaSnE7WtIofECLMCHiMLBIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjMwMjI3MTEyMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU0YjUyNTNkMWU1N2VjYjI0MWQ0MDU0MjRmZTMyMmU4Y2E0ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19uwKFMlW6ptlf9AYpgVnC2+dCMk
wOhgMdRswiruhO1sT9T4FhEuOgrm86TKG72VJ9iyLiv4CA5WLUw9YUnmaZjn6obL
t14ZHfcrFoSq97Ar5ofpHUR5vm2Q4mw8ARms4zmVbC+WSF3m5BA3wukNIOi0BXhJ
VjCJcpk30zNy1YnJ/YeHTO4lZl8vKYuNh3P/+scYtZklx8wJtmg1d665vNQbZNKF
1RLnc2cMZf2l3JYNh/DoECQk1YFc2k+oVkHU3WOZO8l0XpI//LQXfnFIyoAcxbG5
iP6B98iK/rfUdwQcxXf2SM2XSI23cBOkLSZHegkwvUe4PkZp75U0opRIuQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFVUtSU9HlfsskHUBUJP4yLoykhXMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvVlZTMUpUMGVWLXl5UWRRRlFrX2pJdWpLU0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTVGkAwQA
WSOtAwQAXXfjAwQBgAAuAwQBuau4AwQAuau7AwQAvNaOMA0GCSqGSIb3DQEBCwUA
A4IBAQBkqOFU+I9OGbBNXEfGzYN66eoyF8V+srHLYCKwHXCYfrw5FvoJMbb0Dfe4
p8Awh3a91AGIkgWukLb+gnZgueuGOFK6gV18ceOqXAqLg3iN3j2+eqSOb1VsYQ6C
worI29V9a8E2wci/2isoNyNtnliFB84co2GjorCasd391BV4GyIKQ2qjs6VOJvC3
6IMc/NBrnkw6nkonCr7Z/9OdjhwHL/urMK8RuEYZReL7n85G3xdseN55lQMtwNUV
0Nx/sjoA7SfpOXdqFVdFVb4unUyvNvEZWbhWtyqvDhcFy4U575c9sAt/kNSsUOxR
l6t0jQdcCgwPm1WiOzPCc48tXZFj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org