Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/vTR2EJuy_CsSSQI5FTELiDEoVJs.roa
File: vTR2EJuy_CsSSQI5FTELiDEoVJs.roa (raw, json)
Hash identifier: n/3a3yecW+ws9LVolJKQpjReYPlGSXPeL47t5cCnaQE=
Subject key identifier: BD:34:76:10:9B:B2:FC:2B:12:49:02:39:15:31:0B:88:31:28:54:9B
Certificate issuer: /CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Certificate serial: 018BD391AAF2E69D7400EEF6D1F03E48BA31
Authority key identifier: 53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/vTR2EJuy_CsSSQI5FTELiDEoVJs.roa
Signing time: Wed 15 Nov 2023 15:20:20 +0000
ROA not before: Wed 15 Nov 2023 15:20:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24642
IP address blocks: 185.70.212.0/22 maxlen: 23
81.18.160.0/20 maxlen: 20
2001:1aa8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:91:aa:f2:e6:9d:74:00:ee:f6:d1:f0:3e:48:ba:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5353a9a85fa11fc4bf156fab4d8d84a08e5d66f9
Validity
Not Before: Nov 15 15:20:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3476109bb2fc2b1249023915310b883128549b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1c:4c:e7:98:da:ac:0c:6b:d4:91:60:2b:6f:
74:f5:3c:36:4b:16:fd:f3:5a:26:92:5f:5b:71:da:
34:64:88:b3:a9:0a:c7:e1:7e:54:85:02:f5:a1:ea:
15:fe:6f:dd:e7:cb:b7:99:db:52:80:fe:a0:d1:71:
49:37:35:c9:d3:48:f5:64:f7:c0:d0:3d:b5:ac:32:
47:80:f3:71:6e:b1:f7:3c:d0:c6:51:24:9b:3d:7d:
07:cd:cf:3f:3e:82:7e:67:57:ae:4f:fa:2b:00:bc:
ef:47:e2:9e:fa:e9:2d:5e:8b:a9:8b:a8:23:c1:5a:
e9:b0:42:59:36:79:f3:63:2d:81:13:25:fd:3d:de:
a4:02:e0:f9:ca:23:3b:7a:30:67:ab:ba:3d:eb:08:
7f:46:5f:4b:8f:67:4c:ff:7c:4f:1a:52:68:ee:0d:
20:59:b7:5f:28:24:1d:07:54:42:41:2b:8a:33:ec:
f5:9f:4c:0d:4c:6e:10:3d:f3:87:c0:fb:54:32:1a:
fe:4d:5c:1e:60:4f:40:ff:96:58:48:e1:83:12:ed:
d4:06:ca:ec:80:de:1e:16:f0:7c:21:92:bd:00:98:
19:9f:4c:33:3d:6e:0a:b5:fe:ad:04:2b:9e:b1:66:
ce:b0:13:6b:7e:f7:03:92:2c:18:57:00:6a:42:6f:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:34:76:10:9B:B2:FC:2B:12:49:02:39:15:31:0B:88:31:28:54:9B
X509v3 Authority Key Identifier:
keyid:53:53:A9:A8:5F:A1:1F:C4:BF:15:6F:AB:4D:8D:84:A0:8E:5D:66:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1OpqF-hH8S_FW-rTY2EoI5dZvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/vTR2EJuy_CsSSQI5FTELiDEoVJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/b929ce-ec17-4d50-a6ae-79d934e4a99a/1/U1OpqF-hH8S_FW-rTY2EoI5dZvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.160.0/20
185.70.212.0/22
IPv6:
2001:1aa8::/32
Signature Algorithm: sha256WithRSAEncryption
17:e7:34:79:7f:9f:ac:83:25:2d:15:d5:73:9e:51:a3:12:07:
d6:79:74:1a:0e:48:df:4d:e8:eb:7d:3e:be:bf:ce:31:e7:d6:
8a:3c:6f:b6:b6:b8:c6:83:f5:f4:c5:62:3d:55:3d:25:0b:5f:
91:39:61:ed:df:3a:6d:53:29:e5:e0:33:e8:9d:37:ee:c3:ca:
b1:8f:8a:cd:7f:cb:96:2c:37:29:28:3d:e8:91:45:43:be:a2:
f9:3d:63:9b:5e:c3:7f:7d:44:af:5e:09:32:e4:c8:80:95:8c:
1c:a1:ee:50:66:b7:2b:9a:d1:8c:3f:df:9f:ce:91:75:01:37:
96:fb:63:6a:f9:fc:78:37:91:11:a6:c8:1f:da:1e:25:12:d1:
bb:e7:7b:29:80:3f:ad:a0:65:57:83:51:61:f4:39:63:31:39:
48:8f:0b:e1:57:33:a5:37:1e:03:f3:af:a5:0d:7c:ce:0d:32:
09:f5:59:55:79:a9:4e:c7:b8:22:dd:71:b8:65:23:4b:38:9a:
b3:f9:ce:d4:bb:2c:b5:66:07:5a:8f:83:b9:63:b5:f4:a3:40:
9d:24:2a:68:5f:d6:22:c9:1a:e5:63:c3:6e:ea:42:dc:47:1f:
b1:ac:b7:65:20:b0:34:5f:1c:8b:60:24:e4:b5:83:c3:b7:86:
79:1c:13:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvTkary5p10AO720fA+SLoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTNhOWE4NWZhMTFmYzRiZjE1NmZhYjRkOGQ4NGEwOGU1
ZDY2ZjkwHhcNMjMxMTE1MTUyMDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM0NzYxMDliYjJmYzJiMTI0OTAyMzkxNTMxMGI4ODMxMjg1NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BxM55jarAxr1JFgK2909Tw2Sxb9
81omkl9bcdo0ZIizqQrH4X5UhQL1oeoV/m/d58u3mdtSgP6g0XFJNzXJ00j1ZPfA
0D21rDJHgPNxbrH3PNDGUSSbPX0Hzc8/PoJ+Z1euT/orALzvR+Ke+uktXoupi6gj
wVrpsEJZNnnzYy2BEyX9Pd6kAuD5yiM7ejBnq7o96wh/Rl9Lj2dM/3xPGlJo7g0g
WbdfKCQdB1RCQSuKM+z1n0wNTG4QPfOHwPtUMhr+TVweYE9A/5ZYSOGDEu3UBsrs
gN4eFvB8IZK9AJgZn0wzPW4Ktf6tBCuesWbOsBNrfvcDkiwYVwBqQm/VnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL00dhCbsvwrEkkCORUxC4gxKFSbMB8GA1UdIwQY
MBaAFFNTqahfoR/EvxVvq02NhKCOXWb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUt
NzlkOTM0ZTRhOTlhLzEvdlRSMkVKdXlfQ3NTU1FJNUZURUxpREVvVkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9iOTI5Y2UtZWMxNy00ZDUwLWE2YWUtNzlkOTM0ZTRhOTlh
LzEvVTFPcHFGLWhIOFNfRlctclRZMkVvSTVkWnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURKgAwQC
uUbUMA0EAgACMAcDBQAgARqoMA0GCSqGSIb3DQEBCwUAA4IBAQAX5zR5f5+sgyUt
FdVznlGjEgfWeXQaDkjfTejrfT6+v84x59aKPG+2trjGg/X0xWI9VT0lC1+ROWHt
3zptUynl4DPonTfuw8qxj4rNf8uWLDcpKD3okUVDvqL5PWObXsN/fUSvXgky5MiA
lYwcoe5QZrcrmtGMP9+fzpF1ATeW+2Nq+fx4N5ERpsgf2h4lEtG753spgD+toGVX
g1Fh9DljMTlIjwvhVzOlNx4D86+lDXzODTIJ9VlVealOx7gi3XG4ZSNLOJqz+c7U
uyy1Zgdaj4O5Y7X0o0CdJCpoX9YiyRrlY8Nu6kLcRx+xrLdlILA0XxyLYCTktYPD
t4Z5HBOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:16 2024 by rpki-client on console-fra.rpki-client.org