Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/VFTHxChEiYYAKIdVuoDXmmOTx0w.roa
File: VFTHxChEiYYAKIdVuoDXmmOTx0w.roa (raw, json)
Hash identifier: ZQMp2qOeQUZz8GNCkj91fv2ykRzp7aunpvdiumkrSTU=
Subject key identifier: 54:54:C7:C4:28:44:89:86:00:28:87:55:BA:80:D7:9A:63:93:C7:4C
Certificate issuer: /CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Certificate serial: 018CCA99573F8D1ED81708C90B1C5F03A874
Authority key identifier: 96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/VFTHxChEiYYAKIdVuoDXmmOTx0w.roa
Signing time: Tue 02 Jan 2024 14:34:56 +0000
ROA not before: Tue 02 Jan 2024 14:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39662
IP address blocks: 87.239.120.0/21 maxlen: 24
93.190.96.0/21 maxlen: 24
2a00:13f0::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 16 Jan 2024 12:14:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:57:3f:8d:1e:d8:17:08:c9:0b:1c:5f:03:a8:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Validity
Not Before: Jan 2 14:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5454c7c42844898600288755ba80d79a6393c74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:92:f3:34:ab:ee:b2:ce:74:df:05:24:cb:
53:97:4d:35:b4:dc:01:12:27:fd:4c:8d:f0:55:8f:
7a:b9:3f:4a:03:4b:80:b8:c8:a7:66:49:06:47:bb:
d4:a8:0d:3c:11:86:61:4e:db:21:b0:74:b7:d7:39:
39:42:a7:ec:fc:33:78:4c:16:54:22:03:f6:a6:8e:
a0:c8:42:0f:7c:21:a1:f7:28:95:d3:e5:69:b4:29:
da:af:55:29:15:b7:3b:c8:7d:17:7f:2c:ef:08:07:
cf:c1:ff:15:39:ba:89:3e:70:41:ad:b2:9a:e4:78:
e7:0f:77:43:76:eb:fc:70:e6:7e:04:88:f4:e2:96:
aa:82:f2:85:bd:94:e5:87:f5:37:02:3e:83:a9:9d:
10:9a:39:ee:b3:0a:6b:28:a8:68:3b:e9:2a:bc:f5:
5f:c1:d8:cb:0f:a4:37:00:20:f0:1e:6c:7a:de:ab:
eb:ad:09:22:2f:32:e2:93:a9:82:4b:7b:51:00:a5:
ba:4e:f1:e5:7c:25:04:93:c3:22:2b:09:1d:59:b2:
ea:be:22:91:84:b6:26:7f:7c:bb:d7:3c:2d:b3:ee:
e5:84:ea:ec:8d:d8:2d:cb:a9:a4:40:8d:bb:8a:75:
3a:dc:89:ea:8f:3f:24:19:37:8b:05:d3:13:a2:00:
f3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:54:C7:C4:28:44:89:86:00:28:87:55:BA:80:D7:9A:63:93:C7:4C
X509v3 Authority Key Identifier:
keyid:96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/VFTHxChEiYYAKIdVuoDXmmOTx0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.120.0/21
93.190.96.0/21
IPv6:
2a00:13f0::/32
Signature Algorithm: sha256WithRSAEncryption
75:b9:07:12:18:c6:39:99:2f:04:16:4e:4b:17:46:a7:5c:31:
0a:a3:82:92:b7:d8:39:b6:9e:2b:da:94:1f:45:e3:db:e0:b8:
08:9c:f0:fe:17:11:2d:61:a3:0d:6b:7c:2c:fc:cc:19:01:50:
c5:75:cd:da:51:9b:cf:71:b2:c9:92:0a:6a:b3:6c:56:d7:90:
f7:56:5f:40:02:04:ee:c5:f5:3c:d2:ac:14:5a:06:8c:83:96:
22:22:ff:c9:4b:aa:b8:da:9e:e3:f7:88:45:ca:a7:26:98:cd:
96:40:dc:26:7d:ce:99:16:18:6c:61:64:c0:30:53:de:7c:49:
38:dc:0b:47:7a:c0:9b:68:64:a2:80:6b:e0:29:c9:52:91:41:
6a:5a:df:32:07:d0:1b:cf:6f:97:38:0c:29:97:b2:1c:ac:96:
95:24:95:49:fb:e2:36:6a:34:54:00:6f:80:fb:97:fc:1c:66:
88:95:3c:a5:07:5c:be:45:8a:41:0d:b4:21:41:37:9a:f7:89:
78:ed:5d:ca:00:3c:cd:93:a5:93:07:6c:00:56:8a:45:67:f0:
4a:ab:a1:ad:3f:91:aa:a8:c5:4f:25:0a:04:ce:dc:03:fa:56:
29:3c:2d:71:d4:7e:68:78:66:b8:92:e5:65:b0:03:57:0d:a7:
59:3d:4c:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmVc/jR7YFwjJCxxfA6h0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWNlZGE1YmYzNzkwMWZlOWU0NGY3M2I1YmY4MmI2ODdi
MzQ1NzIwHhcNMjQwMTAyMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDU0YzdjNDI4NDQ4OTg2MDAyODg3NTViYTgwZDc5YTYzOTNjNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZSS8zSr7rLOdN8FJMtTl001tNwB
Eif9TI3wVY96uT9KA0uAuMinZkkGR7vUqA08EYZhTtshsHS31zk5Qqfs/DN4TBZU
IgP2po6gyEIPfCGh9yiV0+VptCnar1UpFbc7yH0XfyzvCAfPwf8VObqJPnBBrbKa
5HjnD3dDduv8cOZ+BIj04paqgvKFvZTlh/U3Aj6DqZ0QmjnuswprKKhoO+kqvPVf
wdjLD6Q3ACDwHmx63qvrrQkiLzLik6mCS3tRAKW6TvHlfCUEk8MiKwkdWbLqviKR
hLYmf3y71zwts+7lhOrsjdgty6mkQI27inU63Inqjz8kGTeLBdMTogDzpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFRUx8QoRImGACiHVbqA15pjk8dMMB8GA1UdIwQY
MBaAFJac7aW/N5Af6eRPc7W/graHs0VyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQt
MjFmYzlhZmM4YWMxLzEvVkZUSHhDaEVpWVlBS0lkVnVvRFhtbU9UeDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQtMjFmYzlhZmM4YWMx
LzEvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDV+94AwQD
Xb5gMA0EAgACMAcDBQAqABPwMA0GCSqGSIb3DQEBCwUAA4IBAQB1uQcSGMY5mS8E
Fk5LF0anXDEKo4KSt9g5tp4r2pQfRePb4LgInPD+FxEtYaMNa3ws/MwZAVDFdc3a
UZvPcbLJkgpqs2xW15D3Vl9AAgTuxfU80qwUWgaMg5YiIv/JS6q42p7j94hFyqcm
mM2WQNwmfc6ZFhhsYWTAMFPefEk43AtHesCbaGSigGvgKclSkUFqWt8yB9Abz2+X
OAwpl7IcrJaVJJVJ++I2ajRUAG+A+5f8HGaIlTylB1y+RYpBDbQhQTea94l47V3K
ADzNk6WTB2wAVopFZ/BKq6GtP5GqqMVPJQoEztwD+lYpPC1x1H5oeGa4kuVlsANX
DadZPUww
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:38 2024 by rpki-client on console-ams.rpki-client.org