Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/VnodOkIk70hHMtNf4FYlKgGaSoQ.roa
File: VnodOkIk70hHMtNf4FYlKgGaSoQ.roa (raw, json)
Hash identifier: tJvIoDau/i+7fZ837/n7+xHX5V0gfjLwPBNxZKUgCyQ=
Subject key identifier: 56:7A:1D:3A:42:24:EF:48:47:32:D3:5F:E0:56:25:2A:01:9A:4A:84
Certificate issuer: /CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Certificate serial: 0188FF6657AA13572EEB69BF335C8208AD1C
Authority key identifier: 02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/VnodOkIk70hHMtNf4FYlKgGaSoQ.roa
Signing time: Wed 28 Jun 2023 00:27:57 +0000
ROA not before: Wed 28 Jun 2023 00:27:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 212.34.0.0/19 maxlen: 24
185.98.224.0/22 maxlen: 24
213.139.32.0/19 maxlen: 24
2a00:18d8:2::/48 maxlen: 48
2a00:18d8::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 12 Sep 2023 05:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:66:57:aa:13:57:2e:eb:69:bf:33:5c:82:08:ad:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Validity
Not Before: Jun 28 00:27:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=567a1d3a4224ef484732d35fe056252a019a4a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:8e:15:72:95:79:10:e2:82:08:aa:2d:ca:
25:fd:89:6e:44:cb:93:02:8e:40:1b:79:ae:33:64:
1e:aa:cf:c4:24:cc:bd:0d:42:e0:c5:6f:da:c4:4a:
67:ea:3d:41:8b:30:64:dc:0d:79:8a:04:a5:30:2f:
e1:9f:01:f3:d5:e7:cd:7c:0c:3b:bf:e4:83:65:79:
6c:3a:4d:d4:c7:b7:52:74:22:76:d1:7c:e1:80:d5:
78:af:a5:58:11:4b:22:33:d1:18:b7:74:38:00:2a:
b7:2f:11:f9:61:fe:09:ca:0d:a8:ed:18:7d:01:c2:
01:55:20:1b:64:1f:b2:04:d1:74:d2:14:72:5d:f7:
b6:27:02:9e:c8:5c:93:e4:73:4a:22:a6:a2:0d:b6:
74:8e:be:b0:bd:c0:ba:76:7c:d9:5a:fb:91:67:9e:
e4:fb:33:b3:5d:3f:c4:59:c5:e5:e4:72:44:22:cf:
40:a2:eb:21:f3:53:2b:60:7c:5f:11:a9:10:a0:43:
d3:48:0a:62:ce:c1:67:b5:c0:8c:7a:52:61:2e:29:
46:7f:a7:b0:d6:92:7d:31:c2:cb:c8:b6:97:b5:16:
bf:30:47:cf:3b:83:ab:5b:9f:92:fb:f1:73:0e:8b:
cf:b6:c4:b6:f9:11:a9:d2:b1:f1:e7:2e:a3:d6:c3:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7A:1D:3A:42:24:EF:48:47:32:D3:5F:E0:56:25:2A:01:9A:4A:84
X509v3 Authority Key Identifier:
keyid:02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/VnodOkIk70hHMtNf4FYlKgGaSoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.224.0/22
212.34.0.0/19
213.139.32.0/19
IPv6:
2a00:18d8::/32
Signature Algorithm: sha256WithRSAEncryption
4c:fe:de:7a:2a:57:a4:d2:fb:99:d8:9e:1d:01:d0:f4:f7:46:
ef:87:3f:ce:cf:00:a8:4d:ff:74:1a:57:60:5d:6d:5f:37:00:
1d:a5:8d:88:00:13:64:8a:f7:03:4b:25:db:47:03:e5:69:df:
8a:d5:54:0e:67:70:a3:91:94:6c:6c:99:f0:93:4a:5b:48:d7:
0b:c4:77:61:b8:86:03:e1:3d:0a:0c:98:3e:c9:50:16:cd:52:
0d:0c:b3:eb:28:74:73:17:25:70:a7:9e:67:67:72:1e:48:84:
be:c9:b4:5b:2a:42:cd:34:e3:e3:72:92:f3:4a:b2:ed:d3:20:
ac:34:99:ad:9f:db:a7:1e:7d:e0:ed:d9:eb:e9:a0:32:a4:3e:
ed:5f:e3:0e:0c:1e:be:f0:88:56:07:f5:16:f9:4d:14:65:86:
a8:dc:aa:64:b7:1d:fa:6d:2e:a5:86:21:ed:d8:31:11:24:c4:
d2:49:fa:6a:a6:11:15:f5:0e:11:dd:5a:11:d3:7d:d2:d7:61:
c0:69:e5:f2:9e:cc:f7:d4:e3:84:ac:d7:86:ab:b4:eb:7f:a8:
ff:f7:4a:09:3c:eb:3c:56:f0:22:78:92:29:f8:bb:48:ae:71:
c1:f5:21:11:1a:be:a0:8b:e2:74:a1:79:68:d6:2c:f9:d5:0a:
56:fd:ff:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYj/ZleqE1cu62m/M1yCCK0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOWU5ODMzNmY2YTZjYzlkYmNmMWVjYjQ4OTU1ODBmMDk0
ZTNlMmIwHhcNMjMwNjI4MDAyNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdhMWQzYTQyMjRlZjQ4NDczMmQzNWZlMDU2MjUyYTAxOWE0YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2SOFXKVeRDiggiqLcol/YluRMuT
Ao5AG3muM2Qeqs/EJMy9DULgxW/axEpn6j1BizBk3A15igSlMC/hnwHz1efNfAw7
v+SDZXlsOk3Ux7dSdCJ20XzhgNV4r6VYEUsiM9EYt3Q4ACq3LxH5Yf4Jyg2o7Rh9
AcIBVSAbZB+yBNF00hRyXfe2JwKeyFyT5HNKIqaiDbZ0jr6wvcC6dnzZWvuRZ57k
+zOzXT/EWcXl5HJEIs9Aoush81MrYHxfEakQoEPTSApizsFntcCMelJhLilGf6ew
1pJ9McLLyLaXtRa/MEfPO4OrW5+S+/FzDovPtsS2+RGp0rHx5y6j1sPwOwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFZ6HTpCJO9IRzLTX+BWJSoBmkqEMB8GA1UdIwQY
MBaAFAKemDNvamzJ288ey0iVWA8JTj4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUt
MGZlNmY1NWRiM2Y2LzEvVm5vZE9rSWs3MGhITXROZjRGWWxLZ0dhU29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUtMGZlNmY1NWRiM2Y2
LzEvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWLgAwQF
1CIAAwQF1YsgMA0EAgACMAcDBQAqABjYMA0GCSqGSIb3DQEBCwUAA4IBAQBM/t56
Klek0vuZ2J4dAdD090bvhz/OzwCoTf90GldgXW1fNwAdpY2IABNkivcDSyXbRwPl
ad+K1VQOZ3CjkZRsbJnwk0pbSNcLxHdhuIYD4T0KDJg+yVAWzVINDLPrKHRzFyVw
p55nZ3IeSIS+ybRbKkLNNOPjcpLzSrLt0yCsNJmtn9unHn3g7dnr6aAypD7tX+MO
DB6+8IhWB/UW+U0UZYao3Kpktx36bS6lhiHt2DERJMTSSfpqphEV9Q4R3VoR033S
12HAaeXynsz31OOErNeGq7Trf6j/90oJPOs8VvAieJIp+LtIrnHB9SERGr6gi+J0
oXlo1iz51QpW/f8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:49 2024 by rpki-client on console-fra.rpki-client.org