Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/VLu8qXaB6nMyQI0IrTkn42lYGs8.roa
File: VLu8qXaB6nMyQI0IrTkn42lYGs8.roa (raw, json)
Hash identifier: IHfapnZhT9q3vBWij3E9p9XWs/z9gR6tNKdantbH3Ks=
Subject key identifier: 54:BB:BC:A9:76:81:EA:73:32:40:8D:08:AD:39:27:E3:69:58:1A:CF
Certificate issuer: /CN=efc34233ed96424a516e2bf9d39171b62e44b441
Certificate serial: 018CC5DBF220DD7C72BFD30D521259448E31
Authority key identifier: EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/VLu8qXaB6nMyQI0IrTkn42lYGs8.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57928
IP address blocks: 37.157.8.0/21 maxlen: 21
193.41.95.0/24 maxlen: 24
2a00:bf40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 May 2024 09:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f2:20:dd:7c:72:bf:d3:0d:52:12:59:44:8e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efc34233ed96424a516e2bf9d39171b62e44b441
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54bbbca97681ea7332408d08ad3927e369581acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:67:26:0b:f1:b7:b7:e5:04:0d:61:55:de:
12:b5:8d:e0:1a:5b:c7:8f:f9:58:a8:01:da:93:27:
d5:bb:a4:ae:91:e6:e2:e7:f4:60:1a:98:9f:f9:ed:
71:d2:4c:15:bb:74:1d:d9:14:d2:a8:01:cf:18:81:
28:90:f6:88:ac:b3:cb:75:4f:1d:2b:58:4c:b0:06:
dd:f6:49:17:2e:0a:95:e2:df:b2:8a:7e:63:f1:80:
90:ec:07:05:5b:68:26:97:87:7f:d4:a9:f9:ec:ca:
e1:6c:8e:5e:79:75:e2:c5:a7:dd:f9:35:04:2c:f9:
9f:d1:72:19:7f:ac:8c:68:b2:70:aa:89:64:e4:ac:
5b:88:ab:f1:9f:78:e1:50:0e:59:1c:e3:b0:3c:24:
ff:64:da:c4:68:21:d0:6a:06:bf:5d:cb:22:cc:01:
0d:3a:02:f5:95:dd:38:ed:cc:fe:f0:0b:d7:af:1c:
73:1d:e7:0c:7e:1d:8e:83:45:75:66:7b:48:9c:fe:
3b:32:d3:ac:ea:55:3f:8c:8e:cb:ee:8b:69:cc:25:
76:b5:77:24:64:0c:43:ef:a9:fb:d3:0d:ee:5e:de:
dc:be:b7:96:2d:4f:34:cd:e9:79:72:4c:15:2e:f8:
73:32:c6:f0:09:f4:e2:c4:b8:e9:0a:e0:36:01:b1:
ac:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BB:BC:A9:76:81:EA:73:32:40:8D:08:AD:39:27:E3:69:58:1A:CF
X509v3 Authority Key Identifier:
keyid:EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/VLu8qXaB6nMyQI0IrTkn42lYGs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/78NCM-2WQkpRbiv505Fxti5EtEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.8.0/21
193.41.95.0/24
IPv6:
2a00:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
16:80:5a:d4:12:c8:fd:51:1d:cd:2d:8f:03:d3:06:00:ca:d1:
8a:c4:67:07:94:ca:51:a4:f6:b2:a5:f1:10:d9:b3:6e:59:56:
42:da:e4:6c:9a:0a:cf:6e:c6:07:72:8c:f5:09:08:5a:60:5c:
81:46:c5:37:80:db:31:e8:74:af:fc:35:a8:04:15:29:b7:aa:
f5:b0:87:f7:89:4b:ea:df:1e:65:f5:62:54:a1:28:68:b3:f9:
a1:61:b2:77:f4:78:4b:f9:34:62:b9:1a:ee:37:87:66:8f:26:
25:29:32:38:4d:59:72:58:3b:68:c6:e2:b3:49:b4:91:fd:69:
7b:ef:52:60:90:34:ec:13:80:a7:95:66:db:16:11:76:54:fa:
78:ba:d4:19:a9:dc:32:f2:c9:2b:9a:e3:8e:81:02:35:68:ec:
b2:cd:83:10:a3:d9:a8:45:f6:3e:c2:87:e1:4f:6f:a5:78:78:
42:ec:29:e5:ab:d8:85:35:78:14:1d:fc:21:df:b9:13:9e:77:
ce:ae:af:5e:d2:ee:b4:56:28:56:dd:a7:76:81:9c:1e:2d:17:
f1:f0:30:1a:be:67:b0:31:1c:70:4e:11:2b:1e:4c:4d:55:92:
52:56:ad:07:c7:79:63:f3:4d:33:39:2c:ba:04:6b:da:9c:54:
d9:28:be:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF2/Ig3Xxyv9MNUhJZRI4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYzM0MjMzZWQ5NjQyNGE1MTZlMmJmOWQzOTE3MWI2MmU0
NGI0NDEwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJiYmNhOTc2ODFlYTczMzI0MDhkMDhhZDM5MjdlMzY5NTgxYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbhnJgvxt7flBA1hVd4StY3gGlvH
j/lYqAHakyfVu6Sukebi5/RgGpif+e1x0kwVu3Qd2RTSqAHPGIEokPaIrLPLdU8d
K1hMsAbd9kkXLgqV4t+yin5j8YCQ7AcFW2gml4d/1Kn57MrhbI5eeXXixafd+TUE
LPmf0XIZf6yMaLJwqolk5KxbiKvxn3jhUA5ZHOOwPCT/ZNrEaCHQaga/XcsizAEN
OgL1ld047cz+8AvXrxxzHecMfh2Og0V1ZntInP47MtOs6lU/jI7L7otpzCV2tXck
ZAxD76n70w3uXt7cvreWLU80zel5ckwVLvhzMsbwCfTixLjpCuA2AbGstwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFS7vKl2gepzMkCNCK05J+NpWBrPMB8GA1UdIwQY
MBaAFO/DQjPtlkJKUW4r+dORcbYuRLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMt
MzA2OTA1ZmFmZTBlLzEvVkx1OHFYYUI2bk15UUkwSXJUa240MmxZR3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMtMzA2OTA1ZmFmZTBl
LzEvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZ0IAwQA
wSlfMA0EAgACMAcDBQAqAL9AMA0GCSqGSIb3DQEBCwUAA4IBAQAWgFrUEsj9UR3N
LY8D0wYAytGKxGcHlMpRpPaypfEQ2bNuWVZC2uRsmgrPbsYHcoz1CQhaYFyBRsU3
gNsx6HSv/DWoBBUpt6r1sIf3iUvq3x5l9WJUoShos/mhYbJ39HhL+TRiuRruN4dm
jyYlKTI4TVlyWDtoxuKzSbSR/Wl771JgkDTsE4CnlWbbFhF2VPp4utQZqdwy8skr
muOOgQI1aOyyzYMQo9moRfY+wofhT2+leHhC7Cnlq9iFNXgUHfwh37kTnnfOrq9e
0u60VihW3ad2gZweLRfx8DAavmewMRxwThErHkxNVZJSVq0Hx3lj800zOSy6BGva
nFTZKL7M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org