Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VFR6IyOqw6f_2FZPZA8h3CgGVck.roa
File: VFR6IyOqw6f_2FZPZA8h3CgGVck.roa (raw, json)
Hash identifier: CDDu0hseQVo6Ntjt+6/SftIzNs6eNwxQnFhV/lAyTUM=
Subject key identifier: 54:54:7A:23:23:AA:C3:A7:FF:D8:56:4F:64:0F:21:DC:28:06:55:C9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191487CBD10C522E71E8566AE9260DFB154
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VFR6IyOqw6f_2FZPZA8h3CgGVck.roa
Signing time: Mon 12 Aug 2024 21:27:00 +0000
ROA not before: Mon 12 Aug 2024 21:27:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 37.72.131.0/24 maxlen: 24
46.175.132.0/24 maxlen: 24
193.8.74.0/24 maxlen: 24
194.104.139.0/24 maxlen: 24
194.104.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 19:45:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:7c:bd:10:c5:22:e7:1e:85:66:ae:92:60:df:b1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 12 21:27:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54547a2323aac3a7ffd8564f640f21dc280655c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:81:4a:c6:dc:fc:c2:38:e2:ff:54:f0:9d:29:
92:60:fb:29:ae:b0:24:68:29:1c:94:09:88:b1:63:
7c:14:f4:e0:40:3c:14:0d:4e:fa:0b:f6:08:46:8e:
63:25:b6:d8:9e:ff:64:ea:88:8e:ac:5b:c3:1d:68:
bd:e3:fd:a5:5c:d6:b5:60:9a:03:f0:6c:80:e0:45:
24:c4:4e:1f:96:04:57:75:d1:0a:bf:9d:b6:ca:68:
89:b1:a4:bd:fd:59:4d:03:10:94:06:8b:68:15:a9:
ba:d8:6a:fe:74:bc:32:ab:ff:b8:8f:d7:5d:e9:95:
2e:14:3f:a2:c9:b0:b0:c6:fe:53:4c:ae:45:8c:ea:
42:ed:0c:0d:d5:e5:97:6e:d4:88:8b:17:06:36:dd:
bd:e7:f4:0b:5f:52:0f:32:98:ea:9c:19:3f:34:27:
36:63:97:48:6c:fd:c7:21:69:06:b2:8e:65:a2:59:
d9:8c:e3:11:2d:ab:6f:e0:37:42:9d:9a:62:ef:3d:
27:02:2e:0d:47:a5:6d:e8:b9:75:74:51:00:44:36:
da:85:51:7c:db:9d:4f:6e:ca:c7:6a:c3:12:f1:54:
fb:b5:27:7d:26:a1:a1:a7:e6:71:ce:91:e8:96:ab:
c2:41:30:03:d8:4f:3d:74:58:04:4a:20:d7:76:a1:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:54:7A:23:23:AA:C3:A7:FF:D8:56:4F:64:0F:21:DC:28:06:55:C9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VFR6IyOqw6f_2FZPZA8h3CgGVck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.131.0/24
46.175.132.0/24
193.8.74.0/24
194.104.139.0-194.104.140.255
Signature Algorithm: sha256WithRSAEncryption
11:c8:c3:be:e4:dc:7f:ed:3f:a4:b6:a6:35:6d:6a:2c:4b:e3:
86:b3:f6:26:e2:16:7b:b1:88:c7:37:df:76:5f:ec:aa:ce:6b:
f7:3e:a3:0f:89:c4:a4:43:5b:01:84:c7:58:61:e8:94:5e:07:
4d:e4:de:b7:4c:0c:46:5e:3d:ad:8b:f8:d0:79:56:be:71:e7:
2b:c9:1b:5b:d8:10:03:9a:48:05:63:90:25:70:7c:83:4d:4d:
83:6f:a7:e8:42:c2:5e:a4:16:fb:1f:7a:dd:77:2b:15:92:80:
b4:b1:e4:a3:88:21:b7:b9:df:c5:01:1d:6e:3a:e1:53:45:93:
a6:8b:c0:b5:fb:ac:1c:62:6e:41:89:3d:2e:15:ea:d3:8b:39:
08:0f:a3:46:1c:be:b2:e1:bd:4f:de:cc:31:58:64:c8:9a:c3:
cc:b6:b9:d0:fa:d1:9b:30:62:bd:c3:8c:b0:dd:21:05:d7:38:
dc:bb:47:1d:31:62:f0:1d:c1:5f:ea:71:be:72:a1:51:3d:09:
dc:de:77:6c:94:96:70:45:34:72:94:e0:44:30:1e:ad:1a:26:
6f:bf:21:e7:51:90:78:c3:29:c0:e2:fe:c2:8c:42:85:94:4b:
39:bf:6b:ae:19:8d:6e:96:b2:6e:7b:3e:e4:2a:d3:83:1a:03:
98:be:9b:77
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZFIfL0QxSLnHoVmrpJg37FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODEyMjEyNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDU0N2EyMzIzYWFjM2E3ZmZkODU2NGY2NDBmMjFkYzI4MDY1NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oFKxtz8wjji/1TwnSmSYPsprrAk
aCkclAmIsWN8FPTgQDwUDU76C/YIRo5jJbbYnv9k6oiOrFvDHWi94/2lXNa1YJoD
8GyA4EUkxE4flgRXddEKv522ymiJsaS9/VlNAxCUBotoFam62Gr+dLwyq/+4j9dd
6ZUuFD+iybCwxv5TTK5FjOpC7QwN1eWXbtSIixcGNt295/QLX1IPMpjqnBk/NCc2
Y5dIbP3HIWkGso5lolnZjOMRLatv4DdCnZpi7z0nAi4NR6Vt6Ll1dFEARDbahVF8
251PbsrHasMS8VT7tSd9JqGhp+ZxzpHolqvCQTAD2E89dFgESiDXdqG/ZQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFRUeiMjqsOn/9hWT2QPIdwoBlXJMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVkZSNkl5T3F3NmZfMkZaUFpBOGgzQ2dHVmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJUiDAwQA
Lq+EAwQAwQhKMAwDBADCaIsDBADCaIwwDQYJKoZIhvcNAQELBQADggEBABHIw77k
3H/tP6S2pjVtaixL44az9ibiFnuxiMc333Zf7KrOa/c+ow+JxKRDWwGEx1hh6JRe
B03k3rdMDEZePa2L+NB5Vr5x5yvJG1vYEAOaSAVjkCVwfINNTYNvp+hCwl6kFvsf
et13KxWSgLSx5KOIIbe538UBHW464VNFk6aLwLX7rBxibkGJPS4V6tOLOQgPo0Yc
vrLhvU/ezDFYZMiaw8y2udD60ZswYr3DjLDdIQXXONy7Rx0xYvAdwV/qcb5yoVE9
Cdzed2yUlnBFNHKU4EQwHq0aJm+/IedRkHjDKcDi/sKMQoWUSzm/a64ZjW6Wsm57
PuQq04MaA5i+m3c=
-----END CERTIFICATE-----
Generated at Wed Aug 14 22:47:11 2024 by rpki-client on console-ams.rpki-client.org