Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Vbyj0qUl2sYyZtoARZ2rMM0qTUY.roa
File: Vbyj0qUl2sYyZtoARZ2rMM0qTUY.roa (raw, json)
Hash identifier: wGKu7r+bLqwk0VLeKBYz5BJYEq/AGYC4M9rNpaEeyiY=
Subject key identifier: 55:BC:A3:D2:A5:25:DA:C6:32:66:DA:00:45:9D:AB:30:CD:2A:4D:46
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01878630DBC466A19DDFBCFC229D5247FF22
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Vbyj0qUl2sYyZtoARZ2rMM0qTUY.roa
Signing time: Sat 15 Apr 2023 18:32:41 +0000
ROA not before: Sat 15 Apr 2023 18:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.191.96.0/24 maxlen: 24
188.191.104.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
91.225.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 10:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:86:30:db:c4:66:a1:9d:df:bc:fc:22:9d:52:47:ff:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Apr 15 18:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55bca3d2a525dac63266da00459dab30cd2a4d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:ce:f4:7a:e0:d3:4b:a7:9b:e1:89:ba:9f:
a6:c8:fc:8a:36:83:67:f4:58:ad:b4:a3:96:24:c2:
dc:21:5b:4c:3b:26:2b:0d:6f:7d:58:59:d8:e6:6d:
ce:20:f1:0a:35:5f:84:38:75:99:ad:d9:41:4c:28:
7c:ef:dd:21:2e:e9:df:70:5e:8d:89:f3:f8:9b:a7:
d8:81:8e:c2:54:35:e1:8f:01:7c:4a:4b:e6:44:d2:
b9:8f:ad:90:bc:e3:da:26:f4:65:d9:04:8d:9b:24:
95:c7:28:21:5a:84:da:c0:ef:9b:cd:93:6b:2b:90:
8e:14:7f:6f:48:af:f3:b3:d4:5d:44:a3:ab:71:97:
66:8c:1b:92:56:61:4f:fb:c3:20:1f:ff:6a:2e:41:
d0:4e:e2:e4:63:5a:87:13:22:bb:13:34:3a:93:63:
ef:9f:77:7e:44:12:b0:23:7b:23:65:3f:6c:6a:2c:
92:2e:70:07:36:d2:a2:5c:1c:9c:8a:6f:ba:0e:f6:
b9:8a:e8:5a:cb:76:4b:14:fe:49:9d:f3:88:0d:01:
77:f2:12:0d:b1:84:12:f5:4d:ce:9b:5e:81:db:30:
c4:e8:28:58:b5:e1:10:c9:36:06:56:46:45:09:b5:
dc:5c:3f:62:70:2d:e8:6d:e3:40:23:af:dc:d5:88:
d8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BC:A3:D2:A5:25:DA:C6:32:66:DA:00:45:9D:AB:30:CD:2A:4D:46
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Vbyj0qUl2sYyZtoARZ2rMM0qTUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.225.0/24
188.191.96.0/24
188.191.104.0/24
188.191.108.0/24
Signature Algorithm: sha256WithRSAEncryption
39:db:de:88:5b:a2:a2:94:1d:ee:a2:e2:b6:58:d4:87:a1:10:
2f:4b:ad:e4:c8:0e:41:2e:6e:a3:a4:93:e1:bf:81:75:04:e1:
4b:f6:80:a1:f9:b3:96:0c:c9:a1:21:82:24:05:5e:37:a6:3c:
8c:70:c0:33:1b:38:53:91:a0:55:40:04:fd:99:76:74:b3:f9:
03:b4:95:35:09:65:1c:6f:ad:14:4e:ba:4b:60:a9:4b:2c:51:
60:2f:ee:ea:9e:0e:f4:39:c6:83:99:7e:b2:c8:a9:8c:64:1f:
c0:78:19:67:f3:04:14:20:c4:36:87:53:c2:67:b7:4a:b8:b3:
e9:ac:4f:cc:ca:51:b2:8f:86:03:36:d1:7c:c9:b3:a5:23:07:
3b:cd:48:82:56:78:ab:dd:41:ee:06:0a:b7:09:44:20:9e:7f:
21:c2:3f:43:06:b3:7c:4a:23:ff:3e:25:22:00:06:16:e3:27:
b3:57:01:99:f1:ec:fa:e6:7a:f1:76:0a:d5:3c:9f:de:13:76:
2a:1f:28:ce:9c:a5:7d:2b:af:c9:3d:e2:2e:59:2e:6e:3e:8b:
ab:4c:e6:fe:f4:3d:95:4d:3b:1d:36:69:b3:e6:2f:69:f2:1f:
d0:d7:ed:45:da:72:54:d9:cf:c6:f6:10:68:fe:63:78:65:59:
f3:4f:0b:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeGMNvEZqGd37z8Ip1SR/8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwNDE1MTgzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWJjYTNkMmE1MjVkYWM2MzI2NmRhMDA0NTlkYWIzMGNkMmE0ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPbO9Hrg00unm+GJup+myPyKNoNn
9FittKOWJMLcIVtMOyYrDW99WFnY5m3OIPEKNV+EOHWZrdlBTCh8790hLunfcF6N
ifP4m6fYgY7CVDXhjwF8SkvmRNK5j62QvOPaJvRl2QSNmySVxyghWoTawO+bzZNr
K5COFH9vSK/zs9RdRKOrcZdmjBuSVmFP+8MgH/9qLkHQTuLkY1qHEyK7EzQ6k2Pv
n3d+RBKwI3sjZT9saiySLnAHNtKiXBycim+6Dva5iuhay3ZLFP5JnfOIDQF38hIN
sYQS9U3Om16B2zDE6ChYteEQyTYGVkZFCbXcXD9icC3obeNAI6/c1YjYtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFW8o9KlJdrGMmbaAEWdqzDNKk1GMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVmJ5ajBxVWwyc1l5WnRvQVJaMnJNTTBxVFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+HhAwQA
vL9gAwQAvL9oAwQAvL9sMA0GCSqGSIb3DQEBCwUAA4IBAQA5296IW6KilB3uouK2
WNSHoRAvS63kyA5BLm6jpJPhv4F1BOFL9oCh+bOWDMmhIYIkBV43pjyMcMAzGzhT
kaBVQAT9mXZ0s/kDtJU1CWUcb60UTrpLYKlLLFFgL+7qng70OcaDmX6yyKmMZB/A
eBln8wQUIMQ2h1PCZ7dKuLPprE/MylGyj4YDNtF8ybOlIwc7zUiCVnir3UHuBgq3
CUQgnn8hwj9DBrN8SiP/PiUiAAYW4yezVwGZ8ez65nrxdgrVPJ/eE3YqHyjOnKV9
K6/JPeIuWS5uPourTOb+9D2VTTsdNmmz5i9p8h/Q1+1F2nJU2c/G9hBo/mN4ZVnz
Twsw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:06 2024 by rpki-client on console-fra.rpki-client.org