Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/vhrNo7bDb9SJm_tu466mnh7QHYQ.roa
File: vhrNo7bDb9SJm_tu466mnh7QHYQ.roa (raw, json)
Hash identifier: 5eSEdpkuiKjzt8gWZRZrqGfH4YbspYgBID2IBsLX3+M=
Subject key identifier: BE:1A:CD:A3:B6:C3:6F:D4:89:9B:FB:6E:E3:AE:A6:9E:1E:D0:1D:84
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018A0096EA6201D2CE6CC1BD2D1D45B80858
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/vhrNo7bDb9SJm_tu466mnh7QHYQ.roa
Signing time: Wed 16 Aug 2023 23:03:24 +0000
ROA not before: Wed 16 Aug 2023 23:03:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43758
IP address blocks: 91.225.28.0/22 maxlen: 24
91.198.146.0/24 maxlen: 24
91.213.206.0/24 maxlen: 24
91.224.38.0/23 maxlen: 24
185.180.208.0/22 maxlen: 24
2001:67c:2e0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:96:ea:62:01:d2:ce:6c:c1:bd:2d:1d:45:b8:08:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Aug 16 23:03:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1acda3b6c36fd4899bfb6ee3aea69e1ed01d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:57:cb:4d:5f:e5:c7:62:aa:ca:50:df:2d:55:
8f:9b:59:f8:47:98:68:7c:4b:ca:54:7a:48:39:18:
7d:f1:4a:12:ba:bc:71:78:22:ba:1a:dd:14:7f:8b:
be:11:50:fb:76:46:fd:fd:00:25:33:91:6b:ea:17:
d3:7b:f4:8d:fa:79:70:e3:d4:cf:6a:73:dd:59:09:
d8:ae:2e:40:7e:26:bc:7d:95:83:d8:20:30:11:57:
2b:ab:b6:7d:d6:d2:93:bd:28:1a:a6:fe:81:64:d9:
be:c2:b8:9b:ec:b5:69:c4:27:f2:35:49:ae:4f:89:
f5:6f:e9:02:42:35:18:07:34:dd:06:76:ba:03:df:
f7:35:b9:3c:19:95:21:c9:70:f5:2e:07:6f:c6:0f:
48:30:30:26:37:36:a7:7c:32:ab:ce:c5:13:d8:1d:
7a:4d:cd:16:2f:82:44:9c:9f:92:32:13:87:19:d9:
5f:7a:44:7b:47:69:7a:08:eb:42:d6:4e:66:37:74:
a7:0b:a5:4e:e8:60:66:cc:1e:a0:b7:da:66:72:42:
33:e8:cf:b8:e6:53:e2:19:9b:dd:47:0b:75:f3:4b:
f3:5a:16:7c:89:e1:f9:26:c5:84:01:8d:0f:c7:2c:
7c:17:ca:a0:4f:59:36:85:29:17:1c:cd:96:8c:46:
f7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1A:CD:A3:B6:C3:6F:D4:89:9B:FB:6E:E3:AE:A6:9E:1E:D0:1D:84
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/vhrNo7bDb9SJm_tu466mnh7QHYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.146.0/24
91.213.206.0/24
91.224.38.0/23
91.225.28.0/22
185.180.208.0/22
IPv6:
2001:67c:2e0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:8b:db:05:22:b2:4b:bd:11:64:6d:ca:fe:bf:4a:b7:4b:cf:
82:7f:21:ca:13:5e:88:76:e8:47:88:81:e6:49:c0:3c:b8:39:
3d:88:65:be:8c:55:40:b3:2a:ce:89:a3:85:70:24:d2:95:6c:
3b:ca:25:0e:8a:14:03:94:1f:77:a1:76:3e:c3:ee:40:ba:9a:
db:8a:e8:0b:8b:e1:e3:65:0e:04:af:2a:93:12:f9:95:d4:74:
1e:5f:d5:2a:a4:da:72:aa:37:94:8e:3e:84:34:de:77:0d:41:
db:a4:a5:b3:5f:97:e8:41:59:5e:b0:cc:09:da:06:c9:41:69:
4e:b4:b0:ed:e5:77:f9:9f:49:59:ae:d1:0d:18:0c:fd:5e:6e:
da:eb:db:74:39:b2:5a:30:5f:c7:b4:88:4a:f6:e0:6b:87:61:
16:7a:b7:42:e1:a6:73:eb:b2:bc:4d:a7:af:ce:bc:98:9c:cc:
33:b0:ab:48:b1:77:49:18:90:5f:c8:f0:a8:65:f6:0a:2f:e0:
85:31:f6:70:ae:f3:35:b5:b6:11:88:12:8a:61:c2:23:ff:21:
e6:f6:f7:47:d9:6b:8c:4f:3b:0d:a2:61:33:41:78:3b:85:15:
22:61:94:d5:5d:b1:35:e6:88:8d:00:40:f7:a2:7f:d5:d6:f7:
4e:65:2f:92
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYoAlupiAdLObMG9LR1FuAhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwODE2MjMwMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhY2RhM2I2YzM2ZmQ0ODk5YmZiNmVlM2FlYTY5ZTFlZDAxZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllfLTV/lx2KqylDfLVWPm1n4R5ho
fEvKVHpIORh98UoSurxxeCK6Gt0Uf4u+EVD7dkb9/QAlM5Fr6hfTe/SN+nlw49TP
anPdWQnYri5Afia8fZWD2CAwEVcrq7Z91tKTvSgapv6BZNm+wrib7LVpxCfyNUmu
T4n1b+kCQjUYBzTdBna6A9/3Nbk8GZUhyXD1Lgdvxg9IMDAmNzanfDKrzsUT2B16
Tc0WL4JEnJ+SMhOHGdlfekR7R2l6COtC1k5mN3SnC6VO6GBmzB6gt9pmckIz6M+4
5lPiGZvdRwt180vzWhZ8ieH5JsWEAY0Pxyx8F8qgT1k2hSkXHM2WjEb3DwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL4azaO2w2/UiZv7buOupp4e0B2EMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvdmhyTm83YkRiOVNKbV90dTQ2Nm1uaDdRSFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW8aSAwQA
W9XOAwQBW+AmAwQCW+EcAwQCubTQMA8EAgACMAkDBwAgAQZ8AuAwDQYJKoZIhvcN
AQELBQADggEBAAuL2wUisku9EWRtyv6/SrdLz4J/IcoTXoh26EeIgeZJwDy4OT2I
Zb6MVUCzKs6Jo4VwJNKVbDvKJQ6KFAOUH3ehdj7D7kC6mtuK6AuL4eNlDgSvKpMS
+ZXUdB5f1Sqk2nKqN5SOPoQ03ncNQdukpbNfl+hBWV6wzAnaBslBaU60sO3ld/mf
SVmu0Q0YDP1ebtrr23Q5slowX8e0iEr24GuHYRZ6t0LhpnPrsrxNp6/OvJiczDOw
q0ixd0kYkF/I8Khl9gov4IUx9nCu8zW1thGIEophwiP/Ieb290fZa4xPOw2iYTNB
eDuFFSJhlNVdsTXmiI0AQPeif9XW905lL5I=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:56 2024 by rpki-client on console-fra.rpki-client.org