Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa
File: VnjVbZSONpyEeAhfr8pnkesuSw0.roa (raw, json)
Hash identifier: AExrepfx5x1k8hQelPXqwP/SHTfyaw7/qdEaFt2l78M=
Subject key identifier: 56:78:D5:6D:94:8E:36:9C:84:78:08:5F:AF:CA:67:91:EB:2E:4B:0D
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B81A99B1BE3D1CC2DB13CB67CFFD11
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa
Signing time: Mon 01 Jan 2024 20:30:03 +0000
ROA not before: Mon 01 Jan 2024 20:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209024
IP address blocks: 176.109.68.0/24 maxlen: 24
176.109.66.0/24 maxlen: 24
176.109.69.0/24 maxlen: 24
2a02:28:d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 May 2024 09:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:1a:99:b1:be:3d:1c:c2:db:13:cb:67:cf:fd:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5678d56d948e369c8478085fafca6791eb2e4b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c7:56:5f:d3:76:64:6c:a3:71:ed:fd:35:25:
0b:2c:a0:ac:01:01:db:09:c2:48:aa:cd:19:62:7d:
1a:86:e7:8e:0c:ec:5b:9a:c9:ca:23:39:bd:f8:8a:
3d:e4:10:af:bf:26:57:c6:50:3a:09:7e:20:18:1e:
44:52:ff:e5:c0:82:35:a8:ea:74:40:6d:db:f7:f8:
4e:01:c9:4a:d2:9a:c2:7a:25:42:db:10:14:f4:ec:
c5:40:c2:51:ad:9f:3f:88:ce:c7:e0:37:b7:1f:06:
b7:26:cb:8a:20:2a:e2:e3:81:5c:46:1b:b9:40:d0:
d3:28:55:23:2d:89:59:bd:66:21:2d:52:1f:32:fe:
8e:f5:c2:cc:27:a2:b3:3d:68:1b:c5:92:21:0c:5b:
07:54:72:bb:3a:5e:fa:ca:18:64:4c:f9:62:ec:60:
59:31:b5:59:24:f9:a2:dc:58:fa:87:9e:7d:a5:4e:
e5:6d:af:e9:bb:aa:91:c6:1f:0c:8f:0b:a7:4e:dd:
7d:06:bf:d7:e2:d1:d9:43:ad:32:cd:42:53:83:4b:
87:de:60:5d:2e:cc:84:83:57:47:f1:9d:5f:d5:db:
93:2e:d7:56:30:db:3b:fd:0c:36:5c:13:3d:94:38:
d8:b9:47:8a:e6:b9:f7:2b:8b:75:80:2d:c5:0c:9f:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:78:D5:6D:94:8E:36:9C:84:78:08:5F:AF:CA:67:91:EB:2E:4B:0D
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/VnjVbZSONpyEeAhfr8pnkesuSw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.66.0/24
176.109.68.0/23
IPv6:
2a02:28:d::/48
Signature Algorithm: sha256WithRSAEncryption
40:7e:e7:4d:d4:e3:a2:a9:c5:81:a0:d6:c7:90:0a:c1:e2:41:
9a:eb:19:78:99:d6:c1:cf:eb:ed:bb:cb:e4:c2:7c:e5:4f:c3:
f3:6e:57:7f:0b:81:7a:ef:3e:11:d9:1d:17:4b:5d:40:b2:60:
f2:5e:d9:76:75:3f:a1:28:3a:98:7e:a8:96:b3:31:dc:ce:f4:
4e:66:f4:fe:b5:2e:bd:90:92:98:85:f3:96:67:37:cc:4c:b1:
dd:16:4e:78:d4:75:84:c0:1c:a1:ae:06:27:04:1f:5f:f5:1a:
b5:fe:44:b5:d1:6f:fe:ac:7a:57:57:b5:90:f4:59:37:c1:a9:
b7:ae:91:98:55:38:d9:fa:5f:ea:9a:8f:e3:f2:af:e2:ec:76:
c1:20:1d:c0:94:f5:91:de:ad:b5:fb:a2:d5:c4:3e:1c:65:02:
c5:eb:39:aa:ec:4c:fd:24:85:00:ec:23:7d:a0:27:e7:48:ea:
1f:14:99:91:09:2f:60:5d:75:d4:e0:a9:ea:ef:81:1b:b2:1f:
13:22:9b:3f:46:fe:1d:98:1b:fa:35:4d:1c:74:a0:d7:f1:2d:
6b:a4:a4:c6:ee:87:7a:65:fc:cf:5e:44:2d:9c:15:18:d4:c6:
ed:c2:f3:66:a0:65:9d:2a:fe:51:a1:78:cd:be:3f:82:89:6b:
37:36:aa:e6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGuBqZsb49HMLbE8tnz/0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc4ZDU2ZDk0OGUzNjljODQ3ODA4NWZhZmNhNjc5MWViMmU0YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMdWX9N2ZGyjce39NSULLKCsAQHb
CcJIqs0ZYn0ahueODOxbmsnKIzm9+Io95BCvvyZXxlA6CX4gGB5EUv/lwII1qOp0
QG3b9/hOAclK0prCeiVC2xAU9OzFQMJRrZ8/iM7H4De3Hwa3JsuKICri44FcRhu5
QNDTKFUjLYlZvWYhLVIfMv6O9cLMJ6KzPWgbxZIhDFsHVHK7Ol76yhhkTPli7GBZ
MbVZJPmi3Fj6h559pU7lba/pu6qRxh8MjwunTt19Br/X4tHZQ60yzUJTg0uH3mBd
LsyEg1dH8Z1f1duTLtdWMNs7/Qw2XBM9lDjYuUeK5rn3K4t1gC3FDJ+kKwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFZ41W2UjjachHgIX6/KZ5HrLksNMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvVm5qVmJaU09OcHlFZUFoZnI4cG5rZXN1U3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsG1CAwQB
sG1EMA8EAgACMAkDBwAqAgAoAA0wDQYJKoZIhvcNAQELBQADggEBAEB+503U46Kp
xYGg1seQCsHiQZrrGXiZ1sHP6+27y+TCfOVPw/NuV38LgXrvPhHZHRdLXUCyYPJe
2XZ1P6EoOph+qJazMdzO9E5m9P61Lr2QkpiF85ZnN8xMsd0WTnjUdYTAHKGuBicE
H1/1GrX+RLXRb/6seldXtZD0WTfBqbeukZhVONn6X+qaj+Pyr+LsdsEgHcCU9ZHe
rbX7otXEPhxlAsXrOarsTP0khQDsI32gJ+dI6h8UmZEJL2BdddTgqervgRuyHxMi
mz9G/h2YG/o1TRx0oNfxLWukpMbuh3pl/M9eRC2cFRjUxu3C82agZZ0q/lGheM2+
P4KJazc2quY=
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:19 2024 by rpki-client on console-fra.rpki-client.org