Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/vYCRwnZ-U0jnE6wgEARtm2kClPc.roa
File: vYCRwnZ-U0jnE6wgEARtm2kClPc.roa (raw, json)
Hash identifier: pk4/5Ic/ZIFXbdY46XMNL7hLGOEmJkAMnxQNt8gxC1U=
Subject key identifier: BD:80:91:C2:76:7E:53:48:E7:13:AC:20:10:04:6D:9B:69:02:94:F7
Certificate issuer: /CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Certificate serial: 018571B9F5345B4BB5CD5A13BF773410E2A7
Authority key identifier: 82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/vYCRwnZ-U0jnE6wgEARtm2kClPc.roa
Signing time: Mon 02 Jan 2023 09:04:50 +0000
ROA not before: Mon 02 Jan 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56561
IP address blocks: 5.39.206.0/24 maxlen: 24
5.39.204.0/22 maxlen: 22
5.39.204.0/23 maxlen: 23
5.39.204.0/24 maxlen: 24
5.39.206.0/23 maxlen: 23
5.39.205.0/24 maxlen: 24
5.39.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f5:34:5b:4b:b5:cd:5a:13:bf:77:34:10:e2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Validity
Not Before: Jan 2 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd8091c2767e5348e713ac2010046d9b690294f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:de:0c:3f:61:18:b7:37:7a:dd:58:9e:25:
24:a4:85:00:41:2d:d5:0e:5a:bc:b7:54:bd:7c:86:
13:c8:1f:2e:8e:69:87:55:58:34:f6:a8:f6:da:b7:
0d:19:0c:f7:09:a1:7d:bf:5e:49:14:9c:61:8b:5b:
c3:5d:4b:ed:c0:65:68:3a:00:12:9f:29:25:5c:e2:
8f:95:4e:1c:f4:9c:6f:81:d5:30:da:f3:78:c7:ef:
ac:82:93:05:ba:9b:a2:08:f0:0d:71:ed:da:05:b0:
cf:9b:8f:6b:51:9f:d6:20:34:67:a8:3e:3a:53:e0:
9e:d3:d0:48:e5:9d:12:b1:80:4b:38:c0:ea:24:07:
53:ea:78:42:8d:25:f1:5a:c3:cb:c8:87:5a:8f:0d:
c9:72:23:02:68:b6:ed:ef:1d:cd:71:2f:1e:aa:92:
ba:82:06:a3:1c:4f:b3:2e:88:81:23:ef:1d:4d:fe:
3a:66:3e:83:1b:dc:73:0d:18:a0:7b:ec:dd:29:c4:
4d:9b:5e:4a:a1:bc:b6:ad:4d:6a:9c:9f:f0:9f:b9:
a3:a0:41:60:ee:4b:86:78:e7:2b:04:9a:4b:39:6f:
d5:6a:e0:b8:b6:54:83:f9:10:dc:d5:4e:07:48:d4:
b0:b2:88:d2:80:70:bb:7a:82:8b:a8:d0:56:20:8e:
46:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:80:91:C2:76:7E:53:48:E7:13:AC:20:10:04:6D:9B:69:02:94:F7
X509v3 Authority Key Identifier:
keyid:82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/vYCRwnZ-U0jnE6wgEARtm2kClPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.204.0/22
Signature Algorithm: sha256WithRSAEncryption
76:e3:c2:0e:79:45:d8:d3:c7:88:8b:32:14:79:e6:80:2e:35:
56:49:fd:ec:7a:d3:9c:62:19:74:6c:8b:79:49:68:1b:6c:af:
ee:e2:ae:52:ae:8c:b5:2c:71:7a:8c:67:5c:bc:03:d9:6c:bf:
dc:ad:6d:a1:f4:90:8b:a8:20:92:a3:ae:97:76:45:2a:fe:f8:
8c:12:60:22:f9:af:bf:e7:46:6a:8e:74:77:59:58:62:44:68:
d5:00:20:18:9a:e5:45:b5:c4:cc:36:d6:2f:62:b9:a0:a0:ba:
75:3e:12:ac:88:a0:37:b8:08:ed:61:00:18:42:d0:73:95:16:
2c:71:27:dc:f4:d8:6e:3e:54:c0:fd:09:8e:af:de:88:fe:5b:
e9:2e:aa:8f:69:49:2e:03:aa:bd:65:fa:79:61:78:0f:0d:c9:
3d:2d:08:6c:af:77:2b:02:14:4e:f0:7b:ff:3f:0f:17:e9:5d:
13:23:50:fc:17:60:c4:30:44:d1:90:7d:e6:b2:c5:55:75:f0:
5d:6b:ee:38:6c:de:2f:56:f2:cb:1e:5c:7f:99:10:f4:11:7e:
52:b1:1e:0e:3e:80:ca:21:b9:9a:1c:a8:28:5b:d1:39:88:df:
d9:dc:08:22:c8:ff:9e:84:15:59:04:ea:c4:81:85:98:39:60:
aa:e0:f0:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxufU0W0u1zVoTv3c0EOKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODY3MmNkNzM2YjU3ZTFlM2RmYzdkZDczNmYzYmQ4YTYx
NmJhODEwHhcNMjMwMTAyMDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDgwOTFjMjc2N2U1MzQ4ZTcxM2FjMjAxMDA0NmQ5YjY5MDI5NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDLeDD9hGLc3et1YniUkpIUAQS3V
Dlq8t1S9fIYTyB8ujmmHVVg09qj22rcNGQz3CaF9v15JFJxhi1vDXUvtwGVoOgAS
nyklXOKPlU4c9JxvgdUw2vN4x++sgpMFupuiCPANce3aBbDPm49rUZ/WIDRnqD46
U+Ce09BI5Z0SsYBLOMDqJAdT6nhCjSXxWsPLyIdajw3JciMCaLbt7x3NcS8eqpK6
ggajHE+zLoiBI+8dTf46Zj6DG9xzDRige+zdKcRNm15Koby2rU1qnJ/wn7mjoEFg
7kuGeOcrBJpLOW/VauC4tlSD+RDc1U4HSNSwsojSgHC7eoKLqNBWII5G+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2AkcJ2flNI5xOsIBAEbZtpApT3MB8GA1UdIwQY
MBaAFIKGcs1za1fh49/H3XNvO9imFrqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgt
ZWVlN2ZhZTVjMDM3LzEvdllDUnduWi1VMGpuRTZ3Z0VBUnRtMmtDbFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgtZWVlN2ZhZTVjMDM3
LzEvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBSfMMA0G
CSqGSIb3DQEBCwUAA4IBAQB248IOeUXY08eIizIUeeaALjVWSf3setOcYhl0bIt5
SWgbbK/u4q5Sroy1LHF6jGdcvAPZbL/crW2h9JCLqCCSo66XdkUq/viMEmAi+a+/
50ZqjnR3WVhiRGjVACAYmuVFtcTMNtYvYrmgoLp1PhKsiKA3uAjtYQAYQtBzlRYs
cSfc9NhuPlTA/QmOr96I/lvpLqqPaUkuA6q9Zfp5YXgPDck9LQhsr3crAhRO8Hv/
Pw8X6V0TI1D8F2DEMETRkH3mssVVdfBda+44bN4vVvLLHlx/mRD0EX5SsR4OPoDK
IbmaHKgoW9E5iN/Z3AgiyP+ehBVZBOrEgYWYOWCq4PCq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org