Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/vGEbJ0BmDR5BQw-k3XwqqJh7umI.roa
File: vGEbJ0BmDR5BQw-k3XwqqJh7umI.roa (raw, json)
Hash identifier: HuGj/R+6gNz1DIWXB/334tzYW2iGyQlwN0IOKahzudM=
Subject key identifier: BC:61:1B:27:40:66:0D:1E:41:43:0F:A4:DD:7C:2A:A8:98:7B:BA:62
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 0185703077CB3B2189F2353ED6DB9D412248
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/vGEbJ0BmDR5BQw-k3XwqqJh7umI.roa
Signing time: Mon 02 Jan 2023 01:55:02 +0000
ROA not before: Mon 02 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25534
IP address blocks: 81.17.164.0/22 maxlen: 24
81.17.160.0/22 maxlen: 24
185.146.16.0/22 maxlen: 24
81.17.160.0/20 maxlen: 24
81.17.168.0/22 maxlen: 24
81.17.172.0/22 maxlen: 24
217.15.176.0/20 maxlen: 24
217.15.176.0/22 maxlen: 24
217.15.180.0/22 maxlen: 24
217.15.184.0/22 maxlen: 24
217.15.188.0/22 maxlen: 24
2a00:1a08::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:77:cb:3b:21:89:f2:35:3e:d6:db:9d:41:22:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Jan 2 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc611b2740660d1e41430fa4dd7c2aa8987bba62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:c8:11:d7:38:f4:80:0d:5c:c8:a4:d3:de:
88:cd:c2:0c:ee:a6:88:3e:61:f8:12:f0:0f:f2:32:
04:25:52:27:96:b9:01:1e:66:69:2d:cd:f7:52:eb:
91:20:6d:12:f2:1d:f4:af:9e:82:ea:a6:46:de:41:
71:27:ec:60:85:d9:8c:35:a1:8a:57:3f:f9:95:c4:
d1:1e:56:d0:a1:d9:22:c7:73:05:4a:da:2b:aa:1d:
3e:48:a9:d4:4e:e2:f7:70:7b:5b:bb:ea:b4:26:bc:
72:27:8f:98:e1:dc:41:71:09:eb:85:17:0b:a0:53:
c2:2c:40:c0:fb:b4:9e:eb:d5:ec:a1:86:67:b8:10:
69:83:5c:68:93:cc:2b:00:ca:6d:73:bc:e8:79:be:
9d:2d:dc:01:04:22:78:19:94:3e:d2:85:b9:ff:1f:
8e:fb:eb:44:1d:80:c7:c9:9c:cb:5c:76:da:36:78:
81:af:18:ad:63:ee:d0:4d:ed:74:85:fd:33:8a:21:
0d:aa:2f:49:ac:42:54:fd:df:e6:36:89:6c:1b:98:
ff:e0:7c:03:a1:25:59:48:98:59:ed:c2:2d:97:3c:
86:eb:62:67:87:73:0d:24:b9:7b:44:ff:8a:d6:ea:
7e:1b:0b:65:ea:0f:32:64:dd:f6:ff:28:64:8d:4d:
d7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:61:1B:27:40:66:0D:1E:41:43:0F:A4:DD:7C:2A:A8:98:7B:BA:62
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/vGEbJ0BmDR5BQw-k3XwqqJh7umI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.160.0/20
185.146.16.0/22
217.15.176.0/20
IPv6:
2a00:1a08::/32
Signature Algorithm: sha256WithRSAEncryption
61:62:72:40:ec:13:26:ee:7d:27:db:9c:35:13:44:ed:8f:95:
57:08:b5:22:57:69:cd:52:74:d1:87:39:ed:61:23:81:68:e0:
0b:d5:ee:f7:7b:78:d5:9f:69:d6:ca:b3:04:08:75:9d:6a:42:
e0:48:68:f6:ec:f2:93:f8:90:54:7b:a3:d6:48:dc:89:d2:51:
36:bc:b5:e9:70:cf:0c:26:77:10:13:67:16:0a:59:68:1c:89:
c9:5a:47:a6:ef:50:41:eb:f9:dd:02:48:8f:33:25:1c:f3:50:
21:ca:da:8c:26:a2:36:ff:83:e8:63:db:af:1b:d7:21:93:35:
32:8f:18:ed:ed:4b:70:85:57:d1:32:ef:46:99:40:e4:7a:63:
4b:75:f0:22:c5:31:90:bd:d4:22:db:83:64:1c:9b:06:93:08:
fc:52:4c:ce:4c:e1:33:1b:33:f2:31:62:88:f2:59:c5:9d:75:
25:ca:53:65:83:ee:f8:f3:f6:ac:21:48:f2:85:e4:4d:28:7f:
35:83:cc:ef:94:ef:90:bc:a9:74:32:33:a3:87:6a:05:79:d4:
f0:6e:64:0f:bf:cb:f5:68:67:ea:d8:13:1d:cd:ed:84:14:d1:
b3:26:57:2b:99:7d:2b:9b:cb:53:e8:8d:d7:b3:27:cb:92:82:
48:da:fd:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwMHfLOyGJ8jU+1tudQSJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjMwMTAyMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzYxMWIyNzQwNjYwZDFlNDE0MzBmYTRkZDdjMmFhODk4N2JiYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8TIEdc49IANXMik096IzcIM7qaI
PmH4EvAP8jIEJVInlrkBHmZpLc33UuuRIG0S8h30r56C6qZG3kFxJ+xghdmMNaGK
Vz/5lcTRHlbQodkix3MFStorqh0+SKnUTuL3cHtbu+q0JrxyJ4+Y4dxBcQnrhRcL
oFPCLEDA+7Se69XsoYZnuBBpg1xok8wrAMptc7zoeb6dLdwBBCJ4GZQ+0oW5/x+O
++tEHYDHyZzLXHbaNniBrxitY+7QTe10hf0ziiENqi9JrEJU/d/mNolsG5j/4HwD
oSVZSJhZ7cItlzyG62Jnh3MNJLl7RP+K1up+Gwtl6g8yZN32/yhkjU3XCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLxhGydAZg0eQUMPpN18KqiYe7piMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvdkdFYkowQm1EUjVCUXctazNYd3FxSmg3dW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEURGgAwQC
uZIQAwQE2Q+wMA0EAgACMAcDBQAqABoIMA0GCSqGSIb3DQEBCwUAA4IBAQBhYnJA
7BMm7n0n25w1E0Ttj5VXCLUiV2nNUnTRhzntYSOBaOAL1e73e3jVn2nWyrMECHWd
akLgSGj27PKT+JBUe6PWSNyJ0lE2vLXpcM8MJncQE2cWClloHInJWkem71BB6/nd
AkiPMyUc81AhytqMJqI2/4PoY9uvG9chkzUyjxjt7UtwhVfRMu9GmUDkemNLdfAi
xTGQvdQi24NkHJsGkwj8UkzOTOEzGzPyMWKI8lnFnXUlylNlg+748/asIUjyheRN
KH81g8zvlO+QvKl0MjOjh2oFedTwbmQPv8v1aGfq2BMdze2EFNGzJlcrmX0rm8tT
6I3XsyfLkoJI2v1V
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:50 2024 by rpki-client on console-fra.rpki-client.org