Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/vumaaIkLpD_hKs7gO3jbXzh184Q.roa
File: vumaaIkLpD_hKs7gO3jbXzh184Q.roa (raw, json)
Hash identifier: f22WdKb6kLT5dEsMB2rR5HyqD5caXcZzhRLHPhR4Mu8=
Subject key identifier: BE:E9:9A:68:89:0B:A4:3F:E1:2A:CE:E0:3B:78:DB:5F:38:75:F3:84
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018CC80220FFFA8626E4051057C0EAEAE3D8
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/vumaaIkLpD_hKs7gO3jbXzh184Q.roa
Signing time: Tue 02 Jan 2024 02:30:31 +0000
ROA not before: Tue 02 Jan 2024 02:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199785
IP address blocks: 146.19.207.0/24 maxlen: 24
217.114.43.0/24 maxlen: 24
176.126.103.0/24 maxlen: 24
89.107.10.0/24 maxlen: 24
178.250.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 16:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:20:ff:fa:86:26:e4:05:10:57:c0:ea:ea:e3:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 2 02:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bee99a68890ba43fe12acee03b78db5f3875f384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:85:68:b1:87:1c:6d:e6:7d:2b:d4:7e:31:
9c:30:63:be:c0:90:88:7d:12:9a:87:be:dc:d0:74:
24:19:fa:01:6e:71:09:65:76:b4:7c:55:24:67:d5:
e4:72:f7:15:40:e0:b1:a4:83:bb:73:5c:76:ec:83:
7c:d0:9b:18:7f:3b:1e:65:31:79:f5:68:5d:78:ee:
5a:3d:be:ca:c6:44:b3:ae:18:1e:23:3d:39:a9:dc:
f1:d9:19:21:bc:25:d9:da:b3:17:91:85:d0:40:d7:
91:94:ba:7c:f8:52:9c:46:a9:0f:26:1a:87:62:fd:
64:2d:8a:2e:ee:31:9a:a6:38:78:1c:a3:86:b3:b2:
75:65:6f:5e:22:0a:91:30:41:20:72:38:2a:fb:1f:
9f:60:6e:5e:27:2f:61:84:35:1c:39:c2:3e:e6:29:
e1:9d:a4:0b:30:6c:53:db:c6:82:15:e6:f2:88:da:
be:f5:94:a7:d1:0b:5e:a6:c5:40:e9:2b:5f:36:cb:
53:f0:72:88:9c:81:3e:6a:23:60:cd:9b:5b:4f:8e:
7c:33:4c:bc:8a:a9:e6:df:92:af:b9:ce:c6:f9:b2:
69:67:a4:0a:0d:8e:f7:12:1d:28:b6:57:52:dd:4c:
cd:5e:94:b4:8d:2e:30:b3:d0:d0:ac:42:59:4d:58:
0f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E9:9A:68:89:0B:A4:3F:E1:2A:CE:E0:3B:78:DB:5F:38:75:F3:84
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/vumaaIkLpD_hKs7gO3jbXzh184Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.10.0/24
146.19.207.0/24
176.126.103.0/24
178.250.186.0/24
217.114.43.0/24
Signature Algorithm: sha256WithRSAEncryption
13:18:e8:0d:5f:e1:b1:70:7b:ff:ab:fb:1f:70:8e:41:a2:c3:
f4:a6:79:9a:e0:44:c9:c4:7f:37:85:ee:01:be:d9:22:eb:08:
e0:f9:a8:be:6f:d0:c4:12:59:77:a7:28:1c:29:cc:c6:bf:19:
df:a2:bf:70:02:4e:38:fe:62:aa:e8:c6:cc:c8:3f:85:00:7b:
4e:61:68:1d:cd:1c:0e:5a:b4:ed:20:5e:a6:82:44:01:60:fc:
b5:7a:f8:1c:f7:e0:f1:f5:59:c8:88:8d:c1:7a:a4:72:4e:8e:
db:1a:76:b5:02:8b:58:8d:b0:0d:2a:ff:28:b6:c3:47:2c:28:
10:7b:39:66:24:08:b7:34:52:80:8a:b6:6b:df:fa:3e:28:c9:
2f:b2:7c:ea:67:a4:35:dc:24:9a:c4:1d:d6:84:ee:43:38:b4:
81:c2:fb:1f:7f:55:42:24:e5:f9:30:8f:9c:db:56:3e:02:99:
c5:91:aa:6e:5b:9a:51:81:b0:a0:a6:b5:af:3e:47:b5:2e:07:
c0:a8:a0:5c:ea:e4:71:f8:f0:49:c9:11:c7:c7:c9:82:b9:a8:
04:1e:b5:a5:ad:b3:16:d8:20:35:40:ed:37:3b:c9:cb:5e:84:
06:bd:66:c7:7e:29:53:59:26:71:ee:35:f5:f5:ab:7d:f0:98:
79:26:8c:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAiD/+oYm5AUQV8Dq6uPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTAyMDIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWU5OWE2ODg5MGJhNDNmZTEyYWNlZTAzYjc4ZGI1ZjM4NzVmMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNyFaLGHHG3mfSvUfjGcMGO+wJCI
fRKah77c0HQkGfoBbnEJZXa0fFUkZ9XkcvcVQOCxpIO7c1x27IN80JsYfzseZTF5
9WhdeO5aPb7KxkSzrhgeIz05qdzx2RkhvCXZ2rMXkYXQQNeRlLp8+FKcRqkPJhqH
Yv1kLYou7jGapjh4HKOGs7J1ZW9eIgqRMEEgcjgq+x+fYG5eJy9hhDUcOcI+5inh
naQLMGxT28aCFebyiNq+9ZSn0QtepsVA6StfNstT8HKInIE+aiNgzZtbT458M0y8
iqnm35Kvuc7G+bJpZ6QKDY73Eh0otldS3UzNXpS0jS4ws9DQrEJZTVgPtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL7pmmiJC6Q/4SrO4Dt42184dfOEMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvdnVtYWFJa0xwRF9oS3M3Z08zamJYemgxODRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWWsKAwQA
khPPAwQAsH5nAwQAsvq6AwQA2XIrMA0GCSqGSIb3DQEBCwUAA4IBAQATGOgNX+Gx
cHv/q/sfcI5BosP0pnma4ETJxH83he4Bvtki6wjg+ai+b9DEEll3pygcKczGvxnf
or9wAk44/mKq6MbMyD+FAHtOYWgdzRwOWrTtIF6mgkQBYPy1evgc9+Dx9VnIiI3B
eqRyTo7bGna1AotYjbANKv8otsNHLCgQezlmJAi3NFKAirZr3/o+KMkvsnzqZ6Q1
3CSaxB3WhO5DOLSBwvsff1VCJOX5MI+c21Y+ApnFkapuW5pRgbCgprWvPke1LgfA
qKBc6uRx+PBJyRHHx8mCuagEHrWlrbMW2CA1QO03O8nLXoQGvWbHfilTWSZx7jX1
9at98Jh5Jow6
-----END CERTIFICATE-----
Generated at Mon Aug 5 18:50:06 2024 by rpki-client on console-fra.rpki-client.org