Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/vjLWqB_m7Ceyia9cITc3CadvFsw.roa
File: vjLWqB_m7Ceyia9cITc3CadvFsw.roa (raw, json)
Hash identifier: dFtL90zP5oz4us/hg3IkIuoiK6zdz30gtJLI5rvyO9k=
Subject key identifier: BE:32:D6:A8:1F:E6:EC:27:B2:89:AF:5C:21:37:37:09:A7:6F:16:CC
Certificate issuer: /CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Certificate serial: 018C2B77826909A32E3AA4B62CE785255907
Authority key identifier: 19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/vjLWqB_m7Ceyia9cITc3CadvFsw.roa
Signing time: Sat 02 Dec 2023 16:58:21 +0000
ROA not before: Sat 02 Dec 2023 16:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204453
IP address blocks: 193.104.170.0/24 maxlen: 24
91.199.54.0/24 maxlen: 24
194.145.202.0/24 maxlen: 24
194.242.59.0/24 maxlen: 24
91.214.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2b:77:82:69:09:a3:2e:3a:a4:b6:2c:e7:85:25:59:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f5e04b6555f1e2c92d7a41ac106a75dea928a2
Validity
Not Before: Dec 2 16:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be32d6a81fe6ec27b289af5c21373709a76f16cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:dc:d7:14:28:f0:ef:32:dd:00:ff:b5:b1:
ea:95:29:14:24:f0:a3:c7:2b:0d:a9:7c:c6:59:2f:
e6:72:ff:1e:56:ca:d0:29:1b:16:e0:06:59:24:c6:
7a:0e:c5:05:7f:7d:a5:42:7a:b6:c2:6d:1a:eb:14:
36:3e:7a:89:97:11:a7:09:16:80:5d:d3:03:f3:2c:
33:1e:e9:a6:1d:36:9c:ef:ab:ee:af:38:30:19:66:
f6:d8:2e:e4:e8:e2:ba:af:9f:6b:5a:3c:69:d3:d0:
0e:ea:5d:95:9d:32:6f:a9:a2:59:4c:17:40:42:3c:
d6:2c:05:b8:22:92:51:15:18:6e:3f:77:a2:a8:a5:
10:6f:94:19:76:77:d4:11:d7:31:4a:21:d1:c9:09:
cf:3e:ee:65:57:73:57:6f:06:9e:5c:b5:7f:09:02:
3c:53:a4:aa:d3:13:63:ad:89:ce:0b:68:7b:5f:1b:
b6:d4:23:b3:b2:31:3e:51:1f:dc:12:45:7c:c9:b7:
02:06:b0:1e:20:a7:e4:10:49:27:96:3e:7d:f3:56:
be:1d:f7:b2:57:a9:ca:5f:44:b1:38:2b:8b:28:d2:
46:50:c2:65:6a:2c:1d:b3:21:3f:9a:a3:a1:e4:7c:
d8:13:67:f4:35:0f:d3:76:5d:52:a9:c5:54:0a:1d:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:32:D6:A8:1F:E6:EC:27:B2:89:AF:5C:21:37:37:09:A7:6F:16:CC
X509v3 Authority Key Identifier:
keyid:19:F5:E0:4B:65:55:F1:E2:C9:2D:7A:41:AC:10:6A:75:DE:A9:28:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfXgS2VV8eLJLXpBrBBqdd6pKKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/vjLWqB_m7Ceyia9cITc3CadvFsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/32e925-6fe6-4b26-a498-75304f9f5c24/1/GfXgS2VV8eLJLXpBrBBqdd6pKKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.54.0/24
91.214.126.0/24
193.104.170.0/24
194.145.202.0/24
194.242.59.0/24
Signature Algorithm: sha256WithRSAEncryption
92:c3:67:bd:09:bc:4d:c5:cc:bd:38:ea:19:b1:3a:dd:b5:bf:
08:cf:94:55:eb:03:3b:9c:db:92:95:ac:b3:3b:e3:df:d4:3e:
c7:c8:27:d5:35:9e:08:bd:76:9d:29:34:46:6a:38:60:e6:1d:
37:d9:67:27:fb:e4:86:7e:5d:be:76:6b:7d:78:c9:b3:9c:c0:
81:d1:46:63:1e:44:fc:1c:37:9f:9d:d5:3d:f3:1a:82:61:42:
67:cf:ee:63:77:26:87:61:f4:26:ac:44:53:fb:b5:32:8d:34:
03:70:5e:ac:54:7f:71:1c:d2:62:cc:13:84:89:3d:b7:1c:3a:
ac:40:b8:07:f3:92:00:e8:b3:dd:ce:22:f2:e6:96:6c:49:58:
03:55:27:3b:72:16:44:1f:b7:67:bd:24:10:5d:e7:19:34:49:
86:7d:f2:85:a8:e9:86:20:98:89:67:ff:9f:fe:15:67:79:0f:
f7:aa:3a:97:0b:d1:03:76:39:83:15:e4:6c:3d:9a:5a:3e:d0:
04:f0:58:eb:a2:19:7d:df:59:05:6d:e8:9d:0d:26:ae:27:60:
81:38:d0:8d:2e:22:ae:f1:60:5b:0e:58:c2:a3:74:b5:f4:3c:
02:ab:4a:e0:e1:68:f8:95:de:1f:63:46:ff:29:55:69:bb:8c:
fa:73:23:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwrd4JpCaMuOqS2LOeFJVkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjVlMDRiNjU1NWYxZTJjOTJkN2E0MWFjMTA2YTc1ZGVh
OTI4YTIwHhcNMjMxMjAyMTY1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTMyZDZhODFmZTZlYzI3YjI4OWFmNWMyMTM3MzcwOWE3NmYxNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodbc1xQo8O8y3QD/tbHqlSkUJPCj
xysNqXzGWS/mcv8eVsrQKRsW4AZZJMZ6DsUFf32lQnq2wm0a6xQ2PnqJlxGnCRaA
XdMD8ywzHummHTac76vurzgwGWb22C7k6OK6r59rWjxp09AO6l2VnTJvqaJZTBdA
QjzWLAW4IpJRFRhuP3eiqKUQb5QZdnfUEdcxSiHRyQnPPu5lV3NXbwaeXLV/CQI8
U6Sq0xNjrYnOC2h7Xxu21COzsjE+UR/cEkV8ybcCBrAeIKfkEEknlj5981a+Hfey
V6nKX0SxOCuLKNJGUMJlaiwdsyE/mqOh5HzYE2f0NQ/Tdl1SqcVUCh3eZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL4y1qgf5uwnsomvXCE3NwmnbxbMMB8GA1UdIwQY
MBaAFBn14EtlVfHiyS16QawQanXeqSiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgt
NzUzMDRmOWY1YzI0LzEvdmpMV3FCX203Q2V5aWE5Y0lUYzNDYWR2RnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMmU5MjUtNmZlNi00YjI2LWE0OTgtNzUzMDRmOWY1YzI0
LzEvR2ZYZ1MyVlY4ZUxKTFhwQnJCQnFkZDZwS0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8c2AwQA
W9Z+AwQAwWiqAwQAwpHKAwQAwvI7MA0GCSqGSIb3DQEBCwUAA4IBAQCSw2e9CbxN
xcy9OOoZsTrdtb8Iz5RV6wM7nNuSlayzO+Pf1D7HyCfVNZ4IvXadKTRGajhg5h03
2Wcn++SGfl2+dmt9eMmznMCB0UZjHkT8HDefndU98xqCYUJnz+5jdyaHYfQmrERT
+7UyjTQDcF6sVH9xHNJizBOEiT23HDqsQLgH85IA6LPdziLy5pZsSVgDVSc7chZE
H7dnvSQQXecZNEmGffKFqOmGIJiJZ/+f/hVneQ/3qjqXC9EDdjmDFeRsPZpaPtAE
8Fjrohl931kFbeidDSauJ2CBONCNLiKu8WBbDljCo3S19DwCq0rg4Wj4ld4fY0b/
KVVpu4z6cyOP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:00 2024 by rpki-client on console-fra.rpki-client.org