Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VHmPhKFgW4DuGgQJXfidMbpVDLQ.roa
File: VHmPhKFgW4DuGgQJXfidMbpVDLQ.roa (raw, json)
Hash identifier: G5b/W8legMY0cirwvcUsYP0Y0Knur+m6qRnUA3Q1Ebw=
Subject key identifier: 54:79:8F:84:A1:60:5B:80:EE:1A:04:09:5D:F8:9D:31:BA:55:0C:B4
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019275CCD9E9125018D84A98D80069714C6B
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VHmPhKFgW4DuGgQJXfidMbpVDLQ.roa
Signing time: Thu 10 Oct 2024 09:40:12 +0000
ROA not before: Thu 10 Oct 2024 09:40:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26008
IP address blocks: 81.200.66.0/24 maxlen: 24
81.200.67.0/24 maxlen: 24
81.200.69.0/24 maxlen: 24
81.200.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 08:53:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:cc:d9:e9:12:50:18:d8:4a:98:d8:00:69:71:4c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Oct 10 09:40:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54798f84a1605b80ee1a04095df89d31ba550cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4c:ed:cf:32:1f:97:75:3b:ed:64:cc:2a:df:
14:37:1a:6d:20:4f:d3:42:95:66:fd:20:a5:33:e0:
30:42:82:de:11:fe:7a:eb:86:3a:95:45:4a:3f:fc:
08:6e:2b:75:4a:4a:8c:4b:28:3c:44:b4:53:df:0a:
fc:57:3e:b7:9f:12:3c:91:17:5b:4e:8a:64:89:5b:
c9:d7:4e:78:ce:64:39:ea:f7:24:f1:4c:c7:89:58:
1f:b5:7c:59:df:75:67:a8:11:0f:1c:a9:13:38:7c:
a9:63:ab:77:88:5f:5c:d9:e1:44:3a:30:4a:96:b6:
f2:ec:1e:9b:55:2b:06:5e:d7:97:14:a7:63:80:6b:
ea:9d:1f:46:a3:8c:99:32:85:b0:f7:65:e7:89:53:
f4:94:cf:37:62:e6:d3:6a:3e:ff:b2:80:38:a6:b1:
4d:d2:d3:2f:f7:89:2e:ed:58:10:2b:ea:dc:c2:7e:
3c:8f:d8:d3:9d:d0:bc:5c:09:0e:20:7f:42:41:58:
39:3d:86:02:6f:14:6c:9b:2c:25:92:5c:7c:fc:d6:
cb:1d:94:13:de:8d:f2:5b:03:49:19:b1:c3:93:8d:
77:6d:c4:f9:47:52:c3:b7:ee:88:33:91:cc:4b:a0:
12:62:d7:4a:ff:4d:29:17:4c:1b:e5:ee:c3:ba:08:
59:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:79:8F:84:A1:60:5B:80:EE:1A:04:09:5D:F8:9D:31:BA:55:0C:B4
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VHmPhKFgW4DuGgQJXfidMbpVDLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.66.0/23
81.200.69.0/24
81.200.76.0/24
Signature Algorithm: sha256WithRSAEncryption
68:6b:fd:f2:85:36:b9:5f:d2:fc:0c:24:4a:4c:4f:0d:02:48:
60:40:e9:b3:27:c4:5d:da:97:01:83:84:c1:05:b6:c9:03:53:
54:db:8f:e4:0a:83:ba:bc:f3:d3:d4:32:8a:f4:f8:25:c3:f4:
89:31:ce:bf:cc:8a:2b:bd:b8:e4:c5:3c:74:55:05:db:78:d5:
40:10:45:b5:10:d6:22:b2:2c:b1:a9:aa:8d:9b:55:1c:67:75:
20:98:ea:78:e5:cd:a1:d2:9f:2a:3e:a2:c4:bc:96:aa:fc:b9:
85:56:53:54:1f:7e:52:54:58:d8:b4:3e:ee:7a:f3:0e:6d:67:
3b:75:0d:41:bf:d6:fa:49:08:c4:ac:b1:cc:1e:b6:15:f9:2d:
d3:fa:08:00:ce:e7:82:b9:e0:2f:df:e1:be:58:e6:3e:70:bd:
b3:f9:4f:bf:ba:80:56:37:8e:e1:15:cb:0c:5f:17:b8:1d:45:
53:1a:58:77:87:51:8c:61:7a:65:5f:37:90:52:79:60:6b:ac:
d3:a8:d2:be:66:f7:f1:23:39:a0:1a:42:66:5f:87:78:e9:54:
24:d2:4e:20:a1:ba:d1:6e:83:36:21:8f:57:59:89:15:74:79:
ae:c5:f8:ac:14:50:08:0f:8a:ca:93:a7:64:f5:af:34:d8:96:
dc:58:81:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJ1zNnpElAY2EqY2ABpcUxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQxMDEwMDk0MDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc5OGY4NGExNjA1YjgwZWUxYTA0MDk1ZGY4OWQzMWJhNTUwY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0ztzzIfl3U77WTMKt8UNxptIE/T
QpVm/SClM+AwQoLeEf5664Y6lUVKP/wIbit1SkqMSyg8RLRT3wr8Vz63nxI8kRdb
TopkiVvJ1054zmQ56vck8UzHiVgftXxZ33VnqBEPHKkTOHypY6t3iF9c2eFEOjBK
lrby7B6bVSsGXteXFKdjgGvqnR9Go4yZMoWw92XniVP0lM83YubTaj7/soA4prFN
0tMv94ku7VgQK+rcwn48j9jTndC8XAkOIH9CQVg5PYYCbxRsmywlklx8/NbLHZQT
3o3yWwNJGbHDk413bcT5R1LDt+6IM5HMS6ASYtdK/00pF0wb5e7DughZPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFR5j4ShYFuA7hoECV34nTG6VQy0MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvVkhtUGhLRmdXNER1R2dRSlhmaWRNYnBWRExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUchCAwQA
UchFAwQAUchMMA0GCSqGSIb3DQEBCwUAA4IBAQBoa/3yhTa5X9L8DCRKTE8NAkhg
QOmzJ8Rd2pcBg4TBBbbJA1NU24/kCoO6vPPT1DKK9Pglw/SJMc6/zIorvbjkxTx0
VQXbeNVAEEW1ENYisiyxqaqNm1UcZ3UgmOp45c2h0p8qPqLEvJaq/LmFVlNUH35S
VFjYtD7uevMObWc7dQ1Bv9b6SQjErLHMHrYV+S3T+ggAzueCueAv3+G+WOY+cL2z
+U+/uoBWN47hFcsMXxe4HUVTGlh3h1GMYXplXzeQUnlga6zTqNK+ZvfxIzmgGkJm
X4d46VQk0k4gobrRboM2IY9XWYkVdHmuxfisFFAID4rKk6dk9a802JbcWIHS
-----END CERTIFICATE-----
Generated at Fri Oct 11 13:27:56 2024 by rpki-client on console-ams.rpki-client.org