Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vHVTFVBZzyQAGjot3zz95OEsWO8.roa
File: vHVTFVBZzyQAGjot3zz95OEsWO8.roa (raw, json)
Hash identifier: GrhQMDg3ukDwsjnG3sH/lEXUGAvBlifKIf7zVRcnW8M=
Subject key identifier: BC:75:53:15:50:59:CF:24:00:1A:3A:2D:DF:3C:FD:E4:E1:2C:58:EF
Certificate issuer: /CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Certificate serial: 018925D2FA4CC30CEF7B485A34844780904C
Authority key identifier: 91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vHVTFVBZzyQAGjot3zz95OEsWO8.roa
Signing time: Wed 05 Jul 2023 11:32:10 +0000
ROA not before: Wed 05 Jul 2023 11:32:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 82.112.174.0/24 maxlen: 24
82.112.175.0/24 maxlen: 24
185.143.78.0/24 maxlen: 24
185.143.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:d2:fa:4c:c3:0c:ef:7b:48:5a:34:84:47:80:90:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Validity
Not Before: Jul 5 11:32:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc7553155059cf24001a3a2ddf3cfde4e12c58ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ca:3f:56:a9:e9:d3:67:f2:f1:35:34:7b:9c:
77:86:74:9d:01:e6:a4:78:9f:cd:7b:d6:7d:66:2a:
7a:c8:33:0a:d8:27:17:d4:e5:c4:3d:d6:10:64:07:
ee:11:44:24:e2:c1:f2:15:52:6c:cb:d8:1d:a5:a8:
41:82:6f:db:c6:74:a2:8b:8e:22:40:64:66:26:57:
3e:04:c6:ee:77:cc:c2:04:80:18:05:b8:37:be:52:
97:1d:7b:51:0a:fc:36:06:4f:b8:81:3b:db:ba:c8:
2c:53:dc:80:e6:50:4c:e0:e8:75:34:6c:0c:90:ae:
73:18:3b:bb:f9:02:e2:b8:24:e9:b7:00:a8:cf:ed:
df:85:d9:a5:a6:cb:b7:64:3c:83:da:fd:f5:77:d6:
17:41:66:bb:83:22:dd:ce:b4:6e:eb:2d:3f:a3:f6:
13:7d:eb:53:0f:a6:de:3a:73:c2:c2:23:b9:ec:00:
d3:04:8b:f0:a7:c5:f8:e9:7e:bb:32:ea:c5:29:fd:
74:28:8c:06:c1:1e:a8:bc:6a:95:9a:2c:27:4d:5a:
a7:6e:21:7e:33:7f:e9:a9:13:ca:a1:20:9a:74:15:
ff:d5:26:e9:b4:8d:86:0d:6b:55:7c:28:9c:54:67:
c7:0e:35:c5:a4:fb:2a:ca:f6:4b:1c:65:97:5d:bb:
ee:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:75:53:15:50:59:CF:24:00:1A:3A:2D:DF:3C:FD:E4:E1:2C:58:EF
X509v3 Authority Key Identifier:
keyid:91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vHVTFVBZzyQAGjot3zz95OEsWO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.174.0/23
185.143.76.0/24
185.143.78.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:d4:41:3c:f5:a5:7e:0f:23:fb:a8:28:84:bf:d9:a3:c4:b3:
3d:05:78:49:54:51:fc:37:e4:11:f7:d7:02:eb:20:ba:22:23:
01:a5:0b:80:b2:8a:82:5a:d1:da:b6:a9:d2:f7:29:38:95:22:
ba:05:cb:47:c3:cf:6d:b7:b5:78:66:a2:93:68:a2:20:40:d6:
a7:1b:ff:24:6f:97:e7:9f:1b:0a:6f:91:34:d6:10:bb:ca:a0:
47:f1:22:b8:c0:8d:ab:df:09:77:ee:85:d8:ce:62:4f:da:e2:
85:fa:50:de:81:08:7a:9b:67:40:6b:e8:db:44:16:92:c8:eb:
e1:91:ec:3e:57:0a:92:5e:ae:ab:fb:5c:a2:d3:6d:bf:3f:76:
be:88:9f:6c:9f:38:43:2f:17:13:d4:6c:bc:1e:38:9f:79:49:
2d:51:5d:8c:2d:a0:64:0a:76:d5:7f:33:37:52:e4:d9:d1:2b:
e1:ff:96:7c:70:17:51:7b:fd:d8:c7:0a:b0:2e:e8:9f:df:cf:
1d:06:4a:4a:1b:fa:78:5b:39:8a:2c:4f:12:8a:80:70:08:1e:
a0:fd:dd:ea:bf:6d:63:da:ec:ad:56:63:bf:50:f7:7a:71:3d:
98:4a:7d:f5:5b:57:4a:10:67:a6:d8:46:cc:67:f5:7f:1c:9f:
91:e6:40:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkl0vpMwwzve0haNIRHgJBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgxYmM5NjlkZTZhZGMzZDFkZGMwZWI4OWJkZWVhY2U5
ODA1Y2QwHhcNMjMwNzA1MTEzMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc1NTMxNTUwNTljZjI0MDAxYTNhMmRkZjNjZmRlNGUxMmM1OGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiso/Vqnp02fy8TU0e5x3hnSdAeak
eJ/Ne9Z9Zip6yDMK2CcX1OXEPdYQZAfuEUQk4sHyFVJsy9gdpahBgm/bxnSii44i
QGRmJlc+BMbud8zCBIAYBbg3vlKXHXtRCvw2Bk+4gTvbusgsU9yA5lBM4Oh1NGwM
kK5zGDu7+QLiuCTptwCoz+3fhdmlpsu3ZDyD2v31d9YXQWa7gyLdzrRu6y0/o/YT
fetTD6beOnPCwiO57ADTBIvwp8X46X67MurFKf10KIwGwR6ovGqVmiwnTVqnbiF+
M3/pqRPKoSCadBX/1SbptI2GDWtVfCicVGfHDjXFpPsqyvZLHGWXXbvuwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLx1UxVQWc8kABo6Ld88/eThLFjvMB8GA1UdIwQY
MBaAFJE4G8lp3mrcPR3cDrib3urOmAXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMt
MjU2ZGE5NWQxMzQ1LzEvdkhWVEZWQlp6eVFBR2pvdDN6ejk1T0VzV084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMtMjU2ZGE5NWQxMzQ1
LzEva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUnCuAwQA
uY9MAwQAuY9OMA0GCSqGSIb3DQEBCwUAA4IBAQCr1EE89aV+DyP7qCiEv9mjxLM9
BXhJVFH8N+QR99cC6yC6IiMBpQuAsoqCWtHatqnS9yk4lSK6BctHw89tt7V4ZqKT
aKIgQNanG/8kb5fnnxsKb5E01hC7yqBH8SK4wI2r3wl37oXYzmJP2uKF+lDegQh6
m2dAa+jbRBaSyOvhkew+VwqSXq6r+1yi022/P3a+iJ9snzhDLxcT1Gy8HjifeUkt
UV2MLaBkCnbVfzM3UuTZ0Svh/5Z8cBdRe/3YxwqwLuif388dBkpKG/p4WzmKLE8S
ioBwCB6g/d3qv21j2uytVmO/UPd6cT2YSn31W1dKEGem2EbMZ/V/HJ+R5kAp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:05 2023 by rpki-client on console-fra.rpki-client.org