Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/VttsoYZ-d_JfLvSA7RFiSBTll7A.roa
File: VttsoYZ-d_JfLvSA7RFiSBTll7A.roa (raw, json)
Hash identifier: 1TePwKFWu78/AFmnW6MAo+eznloJYk7zsoTb1yPCisc=
Subject key identifier: 56:DB:6C:A1:86:7E:77:F2:5F:2E:F4:80:ED:11:62:48:14:E5:97:B0
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 01934A176F66D11A9E9022F8310BCC458098
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/VttsoYZ-d_JfLvSA7RFiSBTll7A.roa
Signing time: Wed 20 Nov 2024 15:01:09 +0000
ROA not before: Wed 20 Nov 2024 15:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 79.132.196.0/24 maxlen: 24
109.230.112.0/24 maxlen: 24
109.230.113.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:17:6f:66:d1:1a:9e:90:22:f8:31:0b:cc:45:80:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Nov 20 15:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56db6ca1867e77f25f2ef480ed11624814e597b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:95:f3:f2:de:01:d8:57:38:b4:f7:e9:70:
d9:55:34:b1:f2:11:5e:32:26:94:66:94:78:79:19:
77:cd:8a:3d:73:f6:33:5e:91:9a:a6:6f:c5:1c:6b:
a4:c0:cd:1b:45:ba:ab:38:d9:45:7d:95:4e:11:a9:
10:58:c3:a6:f2:6f:23:d3:dc:4b:25:7d:0e:46:24:
bb:c4:1b:ef:ca:94:a0:00:49:a1:c4:f7:40:6a:74:
34:9d:fe:4a:8d:38:78:a8:71:31:9d:fa:54:e7:e2:
fa:7e:ff:ea:49:e0:89:6a:d3:5f:e9:3d:01:b6:e8:
5b:f8:32:37:fe:84:c4:df:43:cb:9f:3d:d5:e6:ea:
09:6e:12:af:b9:50:e6:ed:dc:9d:83:fd:40:6f:b4:
cc:36:3f:7a:e7:84:48:df:da:61:cf:75:8a:89:5a:
c6:cc:62:fa:8f:66:fd:d7:5d:f7:1b:ee:d8:75:e1:
05:02:ef:b1:59:51:9d:ff:f5:e3:f5:38:30:40:a2:
a8:95:0c:f7:56:3b:74:de:48:d4:14:3d:60:bd:43:
b4:a1:fe:e3:8b:ef:d3:6c:f6:d6:07:f4:78:64:31:
05:65:61:89:c1:45:14:9f:62:f9:81:26:f3:f3:9e:
d2:42:ae:3b:c2:76:e9:f6:ea:27:9d:cb:50:36:fe:
92:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DB:6C:A1:86:7E:77:F2:5F:2E:F4:80:ED:11:62:48:14:E5:97:B0
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/VttsoYZ-d_JfLvSA7RFiSBTll7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.196.0/24
109.230.112.0/23
202.164.192.0/24
Signature Algorithm: sha256WithRSAEncryption
27:02:c3:e0:10:06:1e:7d:e4:9f:1f:f8:8d:31:0a:71:bb:38:
ee:ec:f3:2a:b3:e3:56:96:1f:07:17:37:f9:a6:ca:8f:89:5b:
28:8c:8f:85:65:3f:a7:79:03:19:e1:22:06:94:3e:b8:e4:ee:
a2:11:23:30:7e:7f:3d:e5:76:c6:ed:c0:fd:ab:03:d9:69:cc:
0f:48:64:c9:6f:d0:0a:88:db:b1:fb:0b:89:07:3d:00:55:53:
37:b2:1e:63:f6:2b:1e:bf:39:12:84:3a:ba:88:cb:8b:69:09:
22:f0:10:0e:82:9e:b8:6c:3a:81:4d:34:ed:df:93:4b:df:e4:
2e:a7:ed:cb:d4:07:3f:26:40:d5:1a:74:7e:df:9c:29:eb:e3:
22:ad:7b:2a:f4:4a:eb:a9:7b:ed:cb:f4:57:5a:de:58:10:8f:
1c:eb:bb:b7:78:09:98:17:7b:44:8d:21:22:43:ac:dc:ca:bf:
0f:11:0a:79:3b:a4:14:83:ac:6b:90:72:1e:2b:ba:ff:5e:17:
ac:9b:44:27:9e:72:fc:c0:37:ff:88:4c:a9:22:d6:37:8b:2f:
51:b3:b1:1c:4b:ed:08:7e:19:08:cd:66:87:59:8b:49:99:ca:
83:fe:9e:f6:c3:4e:01:b0:97:6d:c1:a9:f1:dd:7f:79:54:ee:
f1:43:00:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNKF29m0RqekCL4MQvMRYCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQxMTIwMTUwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRiNmNhMTg2N2U3N2YyNWYyZWY0ODBlZDExNjI0ODE0ZTU5N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZiV8/LeAdhXOLT36XDZVTSx8hFe
MiaUZpR4eRl3zYo9c/YzXpGapm/FHGukwM0bRbqrONlFfZVOEakQWMOm8m8j09xL
JX0ORiS7xBvvypSgAEmhxPdAanQ0nf5KjTh4qHExnfpU5+L6fv/qSeCJatNf6T0B
tuhb+DI3/oTE30PLnz3V5uoJbhKvuVDm7dydg/1Ab7TMNj9654RI39phz3WKiVrG
zGL6j2b91133G+7YdeEFAu+xWVGd//Xj9TgwQKKolQz3Vjt03kjUFD1gvUO0of7j
i+/TbPbWB/R4ZDEFZWGJwUUUn2L5gSbz857SQq47wnbp9uonnctQNv6SwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFbbbKGGfnfyXy70gO0RYkgU5ZewMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvVnR0c29ZWi1kX0pmTHZTQTdSRmlTQlRsbDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT4TEAwQB
beZwAwQAyqTAMA0GCSqGSIb3DQEBCwUAA4IBAQAnAsPgEAYefeSfH/iNMQpxuzju
7PMqs+NWlh8HFzf5psqPiVsojI+FZT+neQMZ4SIGlD645O6iESMwfn895XbG7cD9
qwPZacwPSGTJb9AKiNux+wuJBz0AVVM3sh5j9isevzkShDq6iMuLaQki8BAOgp64
bDqBTTTt35NL3+Qup+3L1Ac/JkDVGnR+35wp6+MirXsq9ErrqXvty/RXWt5YEI8c
67u3eAmYF3tEjSEiQ6zcyr8PEQp5O6QUg6xrkHIeK7r/Xhesm0QnnnL8wDf/iEyp
ItY3iy9Rs7EcS+0IfhkIzWaHWYtJmcqD/p72w04BsJdtwanx3X95VO7xQwDE
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:48 2025 by rpki-client