Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Vh40PVCeyrdj6IP9kup_nOXlu9k.roa
File: Vh40PVCeyrdj6IP9kup_nOXlu9k.roa (raw, json)
Hash identifier: 2MF3BrjgDmsi7o0zPc5WtaReL+F8sWQFwkP0jPPxG0o=
Subject key identifier: 56:1E:34:3D:50:9E:CA:B7:63:E8:83:FD:92:EA:7F:9C:E5:E5:BB:D9
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54AC065CA8D2E80E8E02A17C58DD2B
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Vh40PVCeyrdj6IP9kup_nOXlu9k.roa
Signing time: Sun 01 Jan 2023 21:54:58 +0000
ROA not before: Sun 01 Jan 2023 21:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60824
IP address blocks: 129.233.192.0/24 maxlen: 24
129.233.194.0/23 maxlen: 23
129.233.193.0/24 maxlen: 24
129.233.196.0/24 maxlen: 24
192.44.7.0/24 maxlen: 24
153.96.60.0/24 maxlen: 24
192.44.14.0/24 maxlen: 24
192.44.16.0/24 maxlen: 24
153.96.70.0/23 maxlen: 23
192.44.22.0/24 maxlen: 24
192.44.19.0/24 maxlen: 24
153.96.72.0/22 maxlen: 22
192.44.27.0/24 maxlen: 24
153.96.88.0/22 maxlen: 22
153.96.28.0/22 maxlen: 22
192.107.236.0/24 maxlen: 24
192.107.235.0/24 maxlen: 24
153.96.32.0/21 maxlen: 21
153.96.204.0/23 maxlen: 23
153.96.206.0/24 maxlen: 24
153.96.114.0/23 maxlen: 23
153.96.128.0/22 maxlen: 22
194.113.96.0/22 maxlen: 22
2a03:db80:4810::/48 maxlen: 48
2a03:db80:4814::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:ac:06:5c:a8:d2:e8:0e:8e:02:a1:7c:58:dd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=561e343d509ecab763e883fd92ea7f9ce5e5bbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fa:fc:04:31:4b:a9:68:64:b8:f3:dc:2b:9a:
7e:05:a0:52:08:ce:e4:cf:65:e1:45:19:c1:e9:9e:
5e:9e:ec:78:0f:10:08:7a:3c:9c:be:2e:73:b0:c5:
f6:fd:d8:47:ae:8d:43:36:d9:8b:57:41:6b:b0:75:
da:79:0c:12:d0:12:21:05:78:b9:6e:69:37:ea:d0:
1f:03:83:32:60:18:1e:de:dd:a8:f2:bd:81:cc:01:
3f:67:68:de:47:63:b1:0e:2f:b4:2b:bb:8f:9c:37:
0f:bf:a7:42:48:b7:c3:ba:96:7b:d8:60:26:55:32:
73:e3:29:a1:c0:16:f8:f4:76:ab:cd:99:ca:53:7f:
18:b1:75:10:40:ff:82:e8:95:36:26:ba:1d:3e:1b:
9a:02:85:b4:7e:b0:3a:c3:c6:56:c1:b8:61:5a:04:
bb:05:80:08:c2:c4:63:c7:5d:d5:62:70:e8:28:c4:
d5:63:70:f3:bd:eb:dc:0b:16:0a:c5:2a:97:b4:e3:
f8:1d:d8:63:71:56:09:13:74:cc:76:94:cd:48:87:
9a:91:5c:86:b5:d3:00:5e:1c:4d:a3:a1:d0:07:a6:
6c:73:64:36:8c:bc:f9:5f:f8:9e:18:a6:ea:fc:a8:
d3:6f:c1:c7:92:1d:92:b8:d8:6b:11:a6:d2:d6:39:
20:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1E:34:3D:50:9E:CA:B7:63:E8:83:FD:92:EA:7F:9C:E5:E5:BB:D9
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Vh40PVCeyrdj6IP9kup_nOXlu9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.192.0-129.233.196.255
153.96.28.0-153.96.39.255
153.96.60.0/24
153.96.70.0-153.96.75.255
153.96.88.0/22
153.96.114.0/23
153.96.128.0/22
153.96.204.0-153.96.206.255
192.44.7.0/24
192.44.14.0/24
192.44.16.0/24
192.44.19.0/24
192.44.22.0/24
192.44.27.0/24
192.107.235.0-192.107.236.255
194.113.96.0/22
IPv6:
2a03:db80:4810::/48
2a03:db80:4814::/48
Signature Algorithm: sha256WithRSAEncryption
b3:22:87:17:2e:2d:18:a0:20:fc:cd:9b:cd:5b:91:7b:82:32:
86:2a:88:72:13:b4:1a:78:a2:cb:5c:51:4c:d2:cc:a3:61:3f:
6a:59:9b:9f:92:93:af:14:25:b4:f3:ea:3c:cf:9c:b8:d5:1e:
95:1c:13:92:04:90:b0:56:ec:1e:c2:71:22:63:bd:85:05:30:
76:f2:e7:9a:7c:3d:0f:3c:23:c0:45:a7:6d:41:5e:e8:f9:39:
56:b3:13:46:21:e4:02:44:94:0f:57:0e:1e:1f:2e:5c:a3:0e:
39:53:41:af:44:2b:d7:a8:ad:59:4f:5a:e5:ed:53:b4:28:9f:
1d:0b:32:e2:ed:3a:f4:82:7d:e3:e9:fd:ff:ad:89:b5:57:04:
be:75:a8:85:d9:1f:68:87:13:7b:fa:ca:a6:b8:e1:8f:95:9d:
58:78:c3:64:c8:f7:0e:f3:d0:e9:cb:68:c2:fe:48:bd:08:17:
04:aa:7e:13:d7:dc:d6:7d:e9:61:14:b4:16:96:03:2e:c1:8c:
b2:a5:3c:ac:88:4c:6d:d1:98:4d:21:1b:a0:36:82:dd:b1:46:
fa:f5:b5:c2:fd:48:d4:2f:55:74:7f:28:c7:2c:ab:e6:85:13:
f2:c7:86:8f:d5:25:ad:1e:4e:6f:35:1b:00:3c:63:b0:89:e6:
84:06:4f:8a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYVvVKwGXKjS6A6OAqF8WN0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFlMzQzZDUwOWVjYWI3NjNlODgzZmQ5MmVhN2Y5Y2U1ZTViYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvr8BDFLqWhkuPPcK5p+BaBSCM7k
z2XhRRnB6Z5enux4DxAIejycvi5zsMX2/dhHro1DNtmLV0FrsHXaeQwS0BIhBXi5
bmk36tAfA4MyYBge3t2o8r2BzAE/Z2jeR2OxDi+0K7uPnDcPv6dCSLfDupZ72GAm
VTJz4ymhwBb49HarzZnKU38YsXUQQP+C6JU2JrodPhuaAoW0frA6w8ZWwbhhWgS7
BYAIwsRjx13VYnDoKMTVY3DzvevcCxYKxSqXtOP4HdhjcVYJE3TMdpTNSIeakVyG
tdMAXhxNo6HQB6Zsc2Q2jLz5X/ieGKbq/KjTb8HHkh2SuNhrEabS1jkgLQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFFYeND1Qnsq3Y+iD/ZLqf5zl5bvZMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvVmg0MFBWQ2V5cmRqNklQOWt1cF9uT1hsdTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBjwQCAAEwgYgwDAME
BoHpwAMEAIHpxDAMAwQCmWAcAwQDmWAgAwQAmWA8MAwDBAGZYEYDBAKZYEgDBAKZ
YFgDBAGZYHIDBAKZYIAwDAMEAplgzAMEAJlgzgMEAMAsBwMEAMAsDgMEAMAsEAME
AMAsEwMEAMAsFgMEAMAsGzAMAwQAwGvrAwQAwGvsAwQCwnFgMBgEAgACMBIDBwAq
A9uASBADBwAqA9uASBQwDQYJKoZIhvcNAQELBQADggEBALMihxcuLRigIPzNm81b
kXuCMoYqiHITtBp4ostcUUzSzKNhP2pZm5+Sk68UJbTz6jzPnLjVHpUcE5IEkLBW
7B7CcSJjvYUFMHby55p8PQ88I8BFp21BXuj5OVazE0Yh5AJElA9XDh4fLlyjDjlT
Qa9EK9eorVlPWuXtU7Qonx0LMuLtOvSCfePp/f+tibVXBL51qIXZH2iHE3v6yqa4
4Y+VnVh4w2TI9w7z0OnLaML+SL0IFwSqfhPX3NZ96WEUtBaWAy7BjLKlPKyITG3R
mE0hG6A2gt2xRvr1tcL9SNQvVXR/KMcsq+aFE/LHho/VJa0eTm81GwA8Y7CJ5oQG
T4o=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:15 2024 by rpki-client on console-ams.rpki-client.org