Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/04ba26-f1b9-4285-b7fa-ee982a512f43/1/VaiL9kvC1tus9fcCspnHriRke1A.roa
File: VaiL9kvC1tus9fcCspnHriRke1A.roa (raw, json)
Hash identifier: wOCSdSSbBx630R4yLsxi4QG7uC4KJnBqjz0wZWeApok=
Subject key identifier: 55:A8:8B:F6:4B:C2:D6:DB:AC:F5:F7:02:B2:99:C7:AE:24:64:7B:50
Certificate issuer: /CN=8959ae3f4177a3cdd9668d0c5b8a89f9186b5bfc
Certificate serial: 0185739F161A77D6CF64AD5F2EBAD1CE8FF1
Authority key identifier: 89:59:AE:3F:41:77:A3:CD:D9:66:8D:0C:5B:8A:89:F9:18:6B:5B:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iVmuP0F3o83ZZo0MW4qJ-RhrW_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/04ba26-f1b9-4285-b7fa-ee982a512f43/1/VaiL9kvC1tus9fcCspnHriRke1A.roa
Signing time: Mon 02 Jan 2023 17:54:43 +0000
ROA not before: Mon 02 Jan 2023 17:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47835
IP address blocks: 91.206.198.0/23 maxlen: 23
91.230.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:9f:16:1a:77:d6:cf:64:ad:5f:2e:ba:d1:ce:8f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8959ae3f4177a3cdd9668d0c5b8a89f9186b5bfc
Validity
Not Before: Jan 2 17:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a88bf64bc2d6dbacf5f702b299c7ae24647b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:46:55:d7:3e:76:b3:b7:69:32:ad:1a:b0:
a3:26:59:26:88:68:28:80:04:31:5a:51:37:30:79:
89:9e:ea:2e:0f:1f:2e:6e:aa:bb:0f:0a:26:07:ba:
32:de:44:56:d2:02:9f:0c:d8:b2:44:30:fa:a6:ee:
a8:80:ab:ca:36:57:3b:c0:82:12:24:89:32:40:d1:
13:05:0e:66:0d:5e:e5:06:21:c5:d9:6c:f0:ce:1f:
4d:b6:e8:06:8b:90:5e:9f:44:5f:94:31:e5:c3:c5:
ef:8b:cf:4c:d7:de:85:03:5d:5e:b6:48:a4:a7:01:
94:94:bb:40:a1:3c:10:0b:47:e4:a3:e2:b7:a8:2c:
8f:d7:1a:4e:79:48:64:b3:51:e1:30:f0:90:bc:6f:
f7:d1:25:a0:6b:42:1f:75:50:76:9a:e9:57:9c:66:
d6:58:98:f7:ff:40:f5:b2:b4:aa:41:6d:cd:22:7b:
5d:30:41:44:1f:b3:67:ad:be:36:18:4b:96:f2:b9:
2d:a5:06:78:c4:a4:f3:ed:d2:ff:97:87:d2:33:7b:
38:67:8f:3a:23:ca:ad:18:c5:82:33:a9:90:7f:eb:
6c:67:fc:94:e0:75:ad:cf:15:cb:76:89:e1:8d:79:
05:90:7a:1e:32:06:a0:ec:a0:73:6d:66:15:5b:a5:
51:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A8:8B:F6:4B:C2:D6:DB:AC:F5:F7:02:B2:99:C7:AE:24:64:7B:50
X509v3 Authority Key Identifier:
keyid:89:59:AE:3F:41:77:A3:CD:D9:66:8D:0C:5B:8A:89:F9:18:6B:5B:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iVmuP0F3o83ZZo0MW4qJ-RhrW_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/04ba26-f1b9-4285-b7fa-ee982a512f43/1/VaiL9kvC1tus9fcCspnHriRke1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/04ba26-f1b9-4285-b7fa-ee982a512f43/1/iVmuP0F3o83ZZo0MW4qJ-RhrW_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.198.0/23
91.230.235.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c6:bf:fd:64:01:e0:a2:6f:45:56:8e:f0:62:8f:7e:e0:f1:
6f:3c:a0:0b:fc:db:fc:8e:76:26:65:5c:d7:a6:90:f4:0e:4e:
09:e8:49:e9:82:a6:87:04:67:f6:61:7b:8d:03:fd:b0:0d:8e:
99:bc:20:07:1b:d2:4b:2b:59:e5:81:11:60:94:f8:aa:78:ae:
a2:62:a5:5c:ee:dc:57:84:be:95:c2:05:70:60:65:89:a8:c9:
59:22:07:de:7a:19:14:ee:07:28:54:77:90:82:dc:ce:3f:91:
f4:5c:e9:e0:b7:32:16:37:f6:1c:27:66:d2:73:60:ba:32:6c:
75:ca:7a:e9:52:2b:5f:b0:80:1b:28:25:d6:7d:08:f8:c9:ae:
4c:b9:50:e8:2a:94:96:b7:68:8b:ed:e7:a2:8e:a0:f1:66:cd:
49:e0:b9:45:c3:49:9f:ef:9a:7e:18:dd:c1:32:fe:2f:1a:ef:
16:23:28:cf:75:4b:ba:ce:e5:bc:80:43:72:3c:a6:ed:60:f8:
7b:12:ec:be:5f:10:87:6f:c1:9d:38:88:7b:c5:5b:3c:ae:c5:
d7:4b:4f:af:9f:98:42:24:b8:52:ac:bb:14:c1:dc:4d:99:7e:
31:c3:7a:a6:ac:e5:3a:83:00:31:1b:22:21:7b:82:51:c8:f7:
b7:d6:c5:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVznxYad9bPZK1fLrrRzo/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NTlhZTNmNDE3N2EzY2RkOTY2OGQwYzViOGE4OWY5MTg2
YjViZmMwHhcNMjMwMTAyMTc1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE4OGJmNjRiYzJkNmRiYWNmNWY3MDJiMjk5YzdhZTI0NjQ3YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9NGVdc+drO3aTKtGrCjJlkmiGgo
gAQxWlE3MHmJnuouDx8ubqq7DwomB7oy3kRW0gKfDNiyRDD6pu6ogKvKNlc7wIIS
JIkyQNETBQ5mDV7lBiHF2Wzwzh9NtugGi5Ben0RflDHlw8Xvi89M196FA11etkik
pwGUlLtAoTwQC0fko+K3qCyP1xpOeUhks1HhMPCQvG/30SWga0IfdVB2mulXnGbW
WJj3/0D1srSqQW3NIntdMEFEH7Nnrb42GEuW8rktpQZ4xKTz7dL/l4fSM3s4Z486
I8qtGMWCM6mQf+tsZ/yU4HWtzxXLdonhjXkFkHoeMgag7KBzbWYVW6VR7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFWoi/ZLwtbbrPX3ArKZx64kZHtQMB8GA1UdIwQY
MBaAFIlZrj9Bd6PN2WaNDFuKifkYa1v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVZtdVAwRjNvODNaWm8wTVc0cUotUmhyV193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNGJhMjYtZjFiOS00Mjg1LWI3ZmEt
ZWU5ODJhNTEyZjQzLzEvVmFpTDlrdkMxdHVzOWZjQ3NwbkhyaVJrZTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNGJhMjYtZjFiOS00Mjg1LWI3ZmEtZWU5ODJhNTEyZjQz
LzEvaVZtdVAwRjNvODNaWm8wTVc0cUotUmhyV193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW87GAwQA
W+brMA0GCSqGSIb3DQEBCwUAA4IBAQCDxr/9ZAHgom9FVo7wYo9+4PFvPKAL/Nv8
jnYmZVzXppD0Dk4J6EnpgqaHBGf2YXuNA/2wDY6ZvCAHG9JLK1nlgRFglPiqeK6i
YqVc7txXhL6VwgVwYGWJqMlZIgfeehkU7gcoVHeQgtzOP5H0XOngtzIWN/YcJ2bS
c2C6Mmx1ynrpUitfsIAbKCXWfQj4ya5MuVDoKpSWt2iL7eeijqDxZs1J4LlFw0mf
75p+GN3BMv4vGu8WIyjPdUu6zuW8gENyPKbtYPh7Euy+XxCHb8GdOIh7xVs8rsXX
S0+vn5hCJLhSrLsUwdxNmX4xw3qmrOU6gwAxGyIhe4JRyPe31sUG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:20 2024 by rpki-client on console-fra.rpki-client.org