Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/vKqJ8WMpu5oJurGqca6CepfgUOs.roa
File: vKqJ8WMpu5oJurGqca6CepfgUOs.roa (raw, json)
Hash identifier: CO4lmSxBB8U0qAGB+mhLlEygquW5tALZGIx3ZoT0GaA=
Subject key identifier: BC:AA:89:F1:63:29:BB:9A:09:BA:B1:AA:71:AE:82:7A:97:E0:50:EB
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 01856D8AF565AC4515678DC1D5EF01CC16D8
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/vKqJ8WMpu5oJurGqca6CepfgUOs.roa
Signing time: Sun 01 Jan 2023 13:35:01 +0000
ROA not before: Sun 01 Jan 2023 13:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42010
IP address blocks: 185.136.72.0/22 maxlen: 24
5.175.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Nov 2023 08:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f5:65:ac:45:15:67:8d:c1:d5:ef:01:cc:16:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Jan 1 13:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcaa89f16329bb9a09bab1aa71ae827a97e050eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:20:8f:b7:be:89:cb:5b:bd:b3:d9:52:f0:37:
4a:ab:19:5e:83:ec:47:0f:f4:99:5b:3e:37:82:87:
80:8d:e8:a5:e4:4f:bb:c1:db:db:9c:f4:bc:ff:9e:
e3:76:f2:46:f4:98:86:f7:8e:18:c6:b4:f9:37:3d:
02:e5:16:18:96:b7:ab:c0:2e:b8:5c:61:04:1d:47:
ed:5c:00:65:9b:43:ec:50:62:17:f4:4c:ea:33:4b:
9a:32:f2:ab:63:a6:72:ce:c2:a2:fc:fd:38:c2:9c:
ef:0d:63:9f:87:2b:d5:36:32:9f:dc:96:ff:63:b8:
4e:5e:4b:39:57:42:df:ad:e8:d6:cc:b4:ba:d5:d1:
2a:46:47:1b:f2:67:70:ba:57:25:5d:86:f3:36:36:
7c:68:79:eb:6c:eb:c9:e5:a9:74:1f:39:3b:47:87:
3f:e2:b8:48:38:d0:df:d3:15:23:ee:6b:f4:53:4e:
9b:a5:eb:93:6c:2c:f1:d8:75:23:66:e4:b1:a8:46:
5a:f8:5f:13:e9:d3:3b:57:86:7f:11:c5:dd:e6:b1:
d3:7b:db:d3:c8:f1:46:7b:2d:52:22:5e:87:48:a0:
4b:f3:6f:37:69:88:4b:d3:75:48:c9:11:7b:ab:62:
7b:68:1e:14:94:28:06:d0:2b:0f:be:cc:b9:bb:65:
e4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:89:F1:63:29:BB:9A:09:BA:B1:AA:71:AE:82:7A:97:E0:50:EB
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/vKqJ8WMpu5oJurGqca6CepfgUOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.56.0/21
185.136.72.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:6f:a2:36:d4:98:e0:cf:01:7a:d4:3b:45:5e:db:a3:52:97:
88:2e:e6:5a:b8:18:77:53:68:8a:6e:e2:de:1e:b7:db:0c:a0:
11:d0:3a:a9:97:9a:fa:76:61:58:47:c9:ba:30:c6:a3:ee:51:
10:45:8d:15:29:72:48:f8:82:89:5a:d0:96:3f:a3:70:db:63:
73:81:48:2b:25:81:df:79:13:27:74:f1:8a:32:c0:c7:4a:9e:
fe:63:a5:5d:4f:37:32:86:c5:00:0f:63:1c:4d:b0:17:fc:52:
f9:17:11:36:4e:9c:f1:77:c1:15:d9:1a:14:b7:35:b8:2e:c2:
1c:53:39:d9:ec:ae:6e:d7:85:90:2f:5c:49:21:e3:24:5f:54:
fd:ef:43:f0:e3:cb:ed:1b:5a:a1:eb:5d:b8:4e:4f:f3:d3:0a:
c2:99:64:c9:92:87:b6:16:5e:d6:b2:65:89:a0:bd:67:5d:b1:
74:6c:73:22:a0:11:4d:62:f9:09:da:d1:a4:7a:27:be:d7:d3:
40:01:40:7d:32:94:fe:ba:be:ef:c3:04:bd:dc:cf:92:6e:94:
51:54:be:34:52:ca:c0:22:89:e7:28:93:bd:59:28:4a:e7:53:
37:25:e5:e7:4e:8a:67:41:8f:15:77:25:f6:f0:2f:cf:a3:84:
21:ba:21:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtivVlrEUVZ43B1e8BzBbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjMwMTAxMTMzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FhODlmMTYzMjliYjlhMDliYWIxYWE3MWFlODI3YTk3ZTA1MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyCPt76Jy1u9s9lS8DdKqxleg+xH
D/SZWz43goeAjeil5E+7wdvbnPS8/57jdvJG9JiG944YxrT5Nz0C5RYYlrerwC64
XGEEHUftXABlm0PsUGIX9EzqM0uaMvKrY6ZyzsKi/P04wpzvDWOfhyvVNjKf3Jb/
Y7hOXks5V0LfrejWzLS61dEqRkcb8mdwulclXYbzNjZ8aHnrbOvJ5al0Hzk7R4c/
4rhIONDf0xUj7mv0U06bpeuTbCzx2HUjZuSxqEZa+F8T6dM7V4Z/EcXd5rHTe9vT
yPFGey1SIl6HSKBL8283aYhL03VIyRF7q2J7aB4UlCgG0CsPvsy5u2XkuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLyqifFjKbuaCbqxqnGugnqX4FDrMB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvdktxSjhXTXB1NW9KdXJHcWNhNkNlcGZnVU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBa84AwQC
uYhIMA0GCSqGSIb3DQEBCwUAA4IBAQDEb6I21JjgzwF61DtFXtujUpeILuZauBh3
U2iKbuLeHrfbDKAR0Dqpl5r6dmFYR8m6MMaj7lEQRY0VKXJI+IKJWtCWP6Nw22Nz
gUgrJYHfeRMndPGKMsDHSp7+Y6VdTzcyhsUAD2McTbAX/FL5FxE2Tpzxd8EV2RoU
tzW4LsIcUznZ7K5u14WQL1xJIeMkX1T970Pw48vtG1qh6124Tk/z0wrCmWTJkoe2
Fl7WsmWJoL1nXbF0bHMioBFNYvkJ2tGkeie+19NAAUB9MpT+ur7vwwS93M+SbpRR
VL40UsrAIonnKJO9WShK51M3JeXnTopnQY8VdyX28C/Po4QhuiHS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:56 2024 by rpki-client on console-fra.rpki-client.org