Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/vrEXYdozOOsYN_FK4oFhB3UjrnQ.roa
File: vrEXYdozOOsYN_FK4oFhB3UjrnQ.roa (raw, json)
Hash identifier: Yt0uqLNxSf+sdG+5EJRJXSRC2rvyMvXXz61BFT0vXlk=
Subject key identifier: BE:B1:17:61:DA:33:38:EB:18:37:F1:4A:E2:81:61:07:75:23:AE:74
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0189539EF01E0D800B75644251D7135F9F14
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/vrEXYdozOOsYN_FK4oFhB3UjrnQ.roa
Signing time: Fri 14 Jul 2023 08:57:52 +0000
ROA not before: Fri 14 Jul 2023 08:57:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.22.146.0/24 maxlen: 24
91.103.120.0/21 maxlen: 24
185.235.71.0/24 maxlen: 24
95.111.128.0/20 maxlen: 20
95.111.144.0/20 maxlen: 20
185.149.12.0/23 maxlen: 24
185.149.13.0/24 maxlen: 24
185.149.14.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:9e:f0:1e:0d:80:0b:75:64:42:51:d7:13:5f:9f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 14 08:57:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beb11761da3338eb1837f14ae28161077523ae74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2f:93:03:7c:59:2e:3e:af:86:39:39:90:63:
9f:27:f4:d5:40:66:e0:7d:b5:d2:3e:45:58:4d:d0:
e5:41:2e:12:20:22:1c:60:cd:e3:55:1c:41:5a:f8:
c9:62:3c:90:05:eb:5b:78:30:15:df:19:95:4c:82:
e6:9c:26:39:92:48:dc:16:f5:62:21:51:15:a0:bf:
d5:86:7a:9a:e8:57:25:5f:2d:62:57:53:89:b5:2a:
43:28:fd:9a:0c:fa:06:ed:92:0f:41:1d:e5:a0:c1:
7a:08:65:25:2e:a5:45:a2:e6:7a:f7:d0:6c:5d:3f:
05:02:6f:e3:d8:39:05:00:b0:e1:49:04:5c:cb:41:
d9:d5:07:1d:01:3c:53:48:95:6a:77:a4:59:09:3c:
12:d0:f4:a5:b2:cc:02:62:12:86:37:38:65:f3:5d:
29:57:63:04:a6:58:33:9a:4a:54:af:7b:d0:8d:08:
b0:ec:03:4a:c9:df:48:85:43:19:35:14:fa:9a:bb:
2d:a1:a1:08:cf:a3:86:41:28:be:df:71:d2:79:69:
53:f5:f4:12:6c:4d:f6:9f:f9:1d:a5:21:f9:a2:d3:
07:22:58:9d:bf:8f:57:8f:f7:49:0f:f7:b4:93:3c:
fe:d3:29:31:a5:da:e8:a8:d4:1f:27:07:ad:80:7e:
1a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B1:17:61:DA:33:38:EB:18:37:F1:4A:E2:81:61:07:75:23:AE:74
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/vrEXYdozOOsYN_FK4oFhB3UjrnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/19
171.22.146.0/24
185.149.12.0/22
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
75:db:92:41:4e:bb:a2:56:c6:e9:7f:67:50:3a:cc:85:d9:d1:
5c:0f:d5:11:89:2d:8c:98:bc:8a:be:41:20:ff:6d:2e:47:ab:
ce:bd:45:be:20:83:0c:29:bf:2f:8d:85:d4:8d:47:63:a4:3b:
b7:49:e5:17:1c:c6:22:86:c7:82:22:49:f5:3f:55:9b:04:51:
56:8b:93:4d:62:1b:f2:1a:8d:8c:28:7f:c8:cb:b6:d6:53:e8:
c7:8d:1d:30:7e:75:25:1e:1f:dc:da:71:cb:ec:8b:66:5f:a2:
3d:2a:85:f0:3c:73:b3:69:46:a5:08:99:fc:b8:01:f8:42:8e:
82:66:b0:62:41:61:22:66:20:14:45:ba:72:f3:ba:4b:76:0b:
01:1b:c7:b6:d4:58:c2:09:c1:cf:08:93:d5:56:54:35:e4:3a:
cb:6e:06:0b:0a:f3:67:38:23:57:87:83:09:c2:98:42:b2:bf:
42:05:fc:61:fc:86:c7:d6:91:1e:53:64:b3:e0:ff:86:ef:cd:
4f:31:49:35:e8:c2:46:3c:bb:a9:95:9d:69:6c:b6:1c:bc:fc:
4b:a5:7b:0b:74:d4:a4:ae:fe:d3:a7:f5:5d:4f:99:47:91:a5:
9c:02:2f:da:51:f2:3e:7c:1b:ec:1d:4b:56:97:4b:a8:77:22:
2d:da:3c:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlTnvAeDYALdWRCUdcTX58UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzE0MDg1NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIxMTc2MWRhMzMzOGViMTgzN2YxNGFlMjgxNjEwNzc1MjNhZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji+TA3xZLj6vhjk5kGOfJ/TVQGbg
fbXSPkVYTdDlQS4SICIcYM3jVRxBWvjJYjyQBetbeDAV3xmVTILmnCY5kkjcFvVi
IVEVoL/Vhnqa6FclXy1iV1OJtSpDKP2aDPoG7ZIPQR3loMF6CGUlLqVFouZ699Bs
XT8FAm/j2DkFALDhSQRcy0HZ1QcdATxTSJVqd6RZCTwS0PSlsswCYhKGNzhl810p
V2MEplgzmkpUr3vQjQiw7ANKyd9IhUMZNRT6mrstoaEIz6OGQSi+33HSeWlT9fQS
bE32n/kdpSH5otMHIlidv49Xj/dJD/e0kzz+0ykxpdroqNQfJwetgH4aBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL6xF2HaMzjrGDfxSuKBYQd1I650MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvdnJFWFlkb3pPT3NZTl9GSzRvRmhCM1Vqcm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDW2d4AwQF
X2+AAwQAqxaSAwQCuZUMAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQB125JBTrui
Vsbpf2dQOsyF2dFcD9URiS2MmLyKvkEg/20uR6vOvUW+IIMMKb8vjYXUjUdjpDu3
SeUXHMYihseCIkn1P1WbBFFWi5NNYhvyGo2MKH/Iy7bWU+jHjR0wfnUlHh/c2nHL
7ItmX6I9KoXwPHOzaUalCJn8uAH4Qo6CZrBiQWEiZiAURbpy87pLdgsBG8e21FjC
CcHPCJPVVlQ15DrLbgYLCvNnOCNXh4MJwphCsr9CBfxh/IbH1pEeU2Sz4P+G781P
MUk16MJGPLuplZ1pbLYcvPxLpXsLdNSkrv7Tp/VdT5lHkaWcAi/aUfI+fBvsHUtW
l0uodyIt2jza
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org