Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vcnDW7YJyCvz6I1ETafEDeyhV7U.roa
File: vcnDW7YJyCvz6I1ETafEDeyhV7U.roa (raw, json)
Hash identifier: 1uM1zBZPv4mR3WKuqgPgmTP0KOGFLkh7S5xY7aq6zTY=
Subject key identifier: BD:C9:C3:5B:B6:09:C8:2B:F3:E8:8D:44:4D:A7:C4:0D:EC:A1:57:B5
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018ADC3C6432A5FF161328C748264052EA3C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vcnDW7YJyCvz6I1ETafEDeyhV7U.roa
Signing time: Thu 28 Sep 2023 14:40:59 +0000
ROA not before: Thu 28 Sep 2023 14:40:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
2.57.241.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 06:05:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:3c:64:32:a5:ff:16:13:28:c7:48:26:40:52:ea:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 28 14:40:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdc9c35bb609c82bf3e88d444da7c40deca157b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:c2:9e:b3:7e:fb:9a:b2:0e:21:ff:19:92:
c8:43:88:6f:e5:b8:5d:28:63:7b:25:37:ef:65:22:
8c:07:0f:7e:86:38:d0:ca:30:b9:9f:19:b3:52:a4:
34:5c:3c:fe:8d:01:20:21:cc:d7:65:22:d5:6c:c5:
f1:04:6b:b0:5b:25:1b:af:95:14:a7:7f:c8:97:90:
86:45:d5:00:42:47:8c:07:5d:96:02:54:42:77:fa:
00:9d:06:0d:cd:96:f9:ab:79:f9:38:f6:70:d8:33:
31:5f:2f:7f:f1:80:4a:c1:68:da:b3:a3:65:49:37:
cb:cb:c8:f1:da:81:08:81:d4:14:f1:6f:29:88:6d:
13:af:d4:b7:75:3f:3c:07:ad:ae:43:09:3c:bc:1f:
d0:30:1b:c8:05:f5:95:c9:ef:b9:41:af:bd:04:5c:
c4:96:3f:bd:3e:8e:02:57:20:dd:bd:ab:81:be:3c:
96:dd:f3:b2:9e:8c:b0:98:19:a0:82:a3:ce:cf:f0:
9e:74:89:7d:9d:e7:27:cf:6a:1b:6b:42:a9:92:92:
8e:b8:c5:fb:83:10:73:1b:a0:d0:98:d9:e5:87:cc:
28:1e:48:40:ce:e5:f0:35:f3:a9:22:32:97:e3:7a:
b2:ea:9f:33:cd:26:3b:dd:cf:61:fa:98:87:45:b4:
a1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C9:C3:5B:B6:09:C8:2B:F3:E8:8D:44:4D:A7:C4:0D:EC:A1:57:B5
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vcnDW7YJyCvz6I1ETafEDeyhV7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/23
62.192.152.0/24
89.37.192.0/24
89.47.55.0/24
Signature Algorithm: sha256WithRSAEncryption
54:74:e9:52:60:e8:6b:b4:00:fb:a0:32:7d:4e:36:e4:2b:8c:
1c:f1:ba:0d:48:8e:76:d7:c3:a5:08:ab:5b:7f:20:c0:2b:06:
d9:b0:e1:57:cf:89:65:08:15:9f:c0:2c:3e:bd:7d:02:6e:19:
89:25:20:be:e2:bf:77:27:0d:9d:10:16:2a:29:7c:73:af:b4:
67:27:d3:37:1e:42:a4:d2:b0:47:34:c1:a7:b0:6b:01:8a:b1:
5d:5d:c7:8a:f8:86:d9:18:ef:13:ab:1b:fb:89:fb:0e:3d:b9:
fa:63:df:98:ab:23:a4:b8:18:d7:11:f5:4d:39:36:37:a4:5b:
d0:ea:8c:70:34:55:22:ed:bb:dc:52:3a:7d:5f:44:c0:55:21:
a8:61:9b:00:75:44:98:25:ee:85:99:f7:a1:4b:69:54:77:8c:
df:56:a8:62:1b:d5:cb:eb:93:39:7f:20:64:6a:3e:2a:01:65:
3c:18:1c:44:a9:73:0c:4d:c7:d9:14:fa:93:27:50:8d:81:14:
42:85:d7:0d:cf:d9:94:b6:4b:a6:3e:4f:d3:4d:7a:28:0f:35:
3b:41:9a:31:2c:02:c8:e6:ec:a0:59:a7:2d:b8:a7:46:13:58:
21:f5:36:31:1d:44:0e:57:6a:e7:18:3b:97:15:c2:b1:5d:08:
a3:26:49:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrcPGQypf8WEyjHSCZAUuo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTI4MTQ0MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM5YzM1YmI2MDljODJiZjNlODhkNDQ0ZGE3YzQwZGVjYTE1N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunHCnrN++5qyDiH/GZLIQ4hv5bhd
KGN7JTfvZSKMBw9+hjjQyjC5nxmzUqQ0XDz+jQEgIczXZSLVbMXxBGuwWyUbr5UU
p3/Il5CGRdUAQkeMB12WAlRCd/oAnQYNzZb5q3n5OPZw2DMxXy9/8YBKwWjas6Nl
STfLy8jx2oEIgdQU8W8piG0Tr9S3dT88B62uQwk8vB/QMBvIBfWVye+5Qa+9BFzE
lj+9Po4CVyDdvauBvjyW3fOynoywmBmggqPOz/CedIl9necnz2oba0KpkpKOuMX7
gxBzG6DQmNnlh8woHkhAzuXwNfOpIjKX43qy6p8zzSY73c9h+piHRbShYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL3Jw1u2Ccgr8+iNRE2nxA3soVe1MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdmNuRFc3WUp5Q3Z6NkkxRVRhZkVEZXloVjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjnwAwQA
PsCYAwQAWSXAAwQAWS83MA0GCSqGSIb3DQEBCwUAA4IBAQBUdOlSYOhrtAD7oDJ9
TjbkK4wc8boNSI5218OlCKtbfyDAKwbZsOFXz4llCBWfwCw+vX0CbhmJJSC+4r93
Jw2dEBYqKXxzr7RnJ9M3HkKk0rBHNMGnsGsBirFdXceK+IbZGO8Tqxv7ifsOPbn6
Y9+YqyOkuBjXEfVNOTY3pFvQ6oxwNFUi7bvcUjp9X0TAVSGoYZsAdUSYJe6Fmfeh
S2lUd4zfVqhiG9XL65M5fyBkaj4qAWU8GBxEqXMMTcfZFPqTJ1CNgRRChdcNz9mU
tkumPk/TTXooDzU7QZoxLALI5uygWactuKdGE1gh9TYxHUQOV2rnGDuXFcKxXQij
JkkX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org