Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/cvlFf3eb0pYk73CwvZyRC-ic7d0.roa
File: cvlFf3eb0pYk73CwvZyRC-ic7d0.roa (raw, json)
Hash identifier: ddUNvtIuJ6Cptv4wUGp5twYVOHjrfRTP1IDm3uMgoNE=
Subject key identifier: 72:F9:45:7F:77:9B:D2:96:24:EF:70:B0:BD:9C:91:0B:E8:9C:ED:DD
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01856D53D209CFB3735A64607D731A2E6DA3
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/cvlFf3eb0pYk73CwvZyRC-ic7d0.roa
Signing time: Sun 01 Jan 2023 12:34:47 +0000
ROA not before: Sun 01 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48980
IP address blocks: 5.149.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d2:09:cf:b3:73:5a:64:60:7d:73:1a:2e:6d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 1 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f9457f779bd29624ef70b0bd9c910be89ceddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:82:65:bd:69:87:ba:85:73:3e:90:c6:27:c3:
6a:89:07:4a:94:ab:fb:1c:74:d9:f9:29:bf:d2:5e:
8f:a2:4a:72:ae:36:2d:0c:e9:88:32:66:d8:5e:90:
f9:d6:89:02:87:0b:ae:22:b7:7b:5c:e5:a1:f3:d1:
2c:e9:25:23:d1:55:d8:87:5c:52:a6:08:41:2c:a8:
a0:63:d6:2b:63:af:2c:32:0a:ef:25:ee:f7:64:43:
29:b9:5e:78:3e:9a:4a:78:f7:fa:f6:b6:6a:9f:35:
b3:a4:d1:82:17:44:9a:b2:ba:65:b7:fa:06:6e:fd:
e5:55:0b:00:c7:6a:d2:0c:bb:c0:ac:51:25:00:37:
97:65:25:ac:c6:b9:e0:0f:22:e8:ee:53:0f:d4:4f:
1f:e7:4b:1e:a3:ee:71:26:3d:f1:50:c4:87:81:c4:
fc:b7:8b:15:cf:d0:18:50:30:5a:da:da:a1:a4:59:
05:bd:29:44:30:0d:52:24:a4:bd:a0:67:6f:91:ad:
75:cd:66:74:c1:2e:84:ed:93:2a:bf:25:e9:73:fb:
f3:98:10:4b:99:a7:b8:35:2b:b3:f6:67:30:28:86:
a1:9c:99:94:74:86:9c:d9:35:95:e1:1b:df:aa:fb:
0a:48:93:6d:e4:f1:48:89:1c:e5:95:10:9b:f2:6a:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F9:45:7F:77:9B:D2:96:24:EF:70:B0:BD:9C:91:0B:E8:9C:ED:DD
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/cvlFf3eb0pYk73CwvZyRC-ic7d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.108.0/24
Signature Algorithm: sha256WithRSAEncryption
74:cb:34:44:d7:93:44:7d:1a:b6:47:b6:9d:9d:8b:09:87:6e:
0c:01:cd:65:92:dc:95:54:8d:81:9a:f7:c4:c7:cb:86:61:18:
57:cb:be:5a:7a:e3:7a:3c:ad:5e:f1:2d:dd:1d:24:39:39:d8:
6b:da:e1:70:b0:cc:30:6c:7d:f7:a9:63:5a:dd:a1:e0:74:2b:
34:94:8c:42:ba:06:9e:64:fd:c9:87:ed:1b:20:87:83:a0:a7:
49:30:c2:8e:ec:e6:60:37:0e:97:03:3f:92:c3:6f:6c:81:4c:
7c:cb:4d:0f:a7:48:68:c6:b1:83:aa:7c:65:09:30:e0:8b:a0:
06:cd:a9:76:5a:63:0b:91:22:bf:1b:cd:1d:3f:15:cb:cd:ba:
79:0a:b6:2d:3f:31:50:7e:9a:6c:c9:f4:fd:4e:1b:1d:fc:77:
53:29:92:06:67:32:dc:6b:2d:1d:b1:0e:10:bf:8f:42:e7:f1:
78:4a:19:12:1b:f7:12:c6:22:fa:14:e2:e0:17:e7:2f:dc:44:
47:93:81:17:6f:ce:82:a0:b3:c2:31:23:aa:be:2f:64:d2:52:
ee:04:ad:5d:2c:35:08:9f:35:a0:7e:43:e2:9d:36:6b:f5:f9:
e3:61:d0:3a:89:f6:38:5a:6d:09:ee:32:54:9b:10:6c:b4:b8:
91:85:7a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9IJz7NzWmRgfXMaLm2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwMTAxMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY5NDU3Zjc3OWJkMjk2MjRlZjcwYjBiZDljOTEwYmU4OWNlZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IJlvWmHuoVzPpDGJ8NqiQdKlKv7
HHTZ+Sm/0l6PokpyrjYtDOmIMmbYXpD51okChwuuIrd7XOWh89Es6SUj0VXYh1xS
pghBLKigY9YrY68sMgrvJe73ZEMpuV54PppKePf69rZqnzWzpNGCF0Sasrplt/oG
bv3lVQsAx2rSDLvArFElADeXZSWsxrngDyLo7lMP1E8f50seo+5xJj3xUMSHgcT8
t4sVz9AYUDBa2tqhpFkFvSlEMA1SJKS9oGdvka11zWZ0wS6E7ZMqvyXpc/vzmBBL
mae4NSuz9mcwKIahnJmUdIac2TWV4RvfqvsKSJNt5PFIiRzllRCb8mqF8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHL5RX93m9KWJO9wsL2ckQvonO3dMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvY3ZsRmYzZWIwcFlrNzNDd3ZaeVJDLWljN2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZVsMA0G
CSqGSIb3DQEBCwUAA4IBAQB0yzRE15NEfRq2R7adnYsJh24MAc1lktyVVI2BmvfE
x8uGYRhXy75aeuN6PK1e8S3dHSQ5Odhr2uFwsMwwbH33qWNa3aHgdCs0lIxCugae
ZP3Jh+0bIIeDoKdJMMKO7OZgNw6XAz+Sw29sgUx8y00Pp0hoxrGDqnxlCTDgi6AG
zal2WmMLkSK/G80dPxXLzbp5CrYtPzFQfppsyfT9Thsd/HdTKZIGZzLcay0dsQ4Q
v49C5/F4ShkSG/cSxiL6FOLgF+cv3ERHk4EXb86CoLPCMSOqvi9k0lLuBK1dLDUI
nzWgfkPinTZr9fnjYdA6ifY4Wm0J7jJUmxBstLiRhXo2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:20 2024 by rpki-client on console-fra.rpki-client.org