Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/vd9Vci703ePiphV9dKXMrHcr2VY.roa
File: vd9Vci703ePiphV9dKXMrHcr2VY.roa (raw, json)
Hash identifier: woVgo+AI0EbUVmKdYPiYKGAQxNKT3rHctEazHbpBvOI=
Subject key identifier: BD:DF:55:72:2E:F4:DD:E3:E2:A6:15:7D:74:A5:CC:AC:77:2B:D9:56
Certificate issuer: /CN=c8531ae2ce57c95f5a398930ea45503542801ba1
Certificate serial: 018990B3C32BACBB196DD03AA209456FA369
Authority key identifier: C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/vd9Vci703ePiphV9dKXMrHcr2VY.roa
Signing time: Wed 26 Jul 2023 05:37:27 +0000
ROA not before: Wed 26 Jul 2023 05:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3491
IP address blocks: 217.113.64.0/19 maxlen: 19
217.113.65.0/24 maxlen: 24
217.113.86.0/24 maxlen: 24
217.113.88.0/24 maxlen: 24
217.113.92.0/24 maxlen: 24
185.77.60.0/22 maxlen: 22
185.77.60.0/24 maxlen: 24
2a03:5400::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:90:b3:c3:2b:ac:bb:19:6d:d0:3a:a2:09:45:6f:a3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8531ae2ce57c95f5a398930ea45503542801ba1
Validity
Not Before: Jul 26 05:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bddf55722ef4dde3e2a6157d74a5ccac772bd956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4e:6c:2e:71:4f:03:c1:6d:a3:0b:de:6b:1d:
a7:19:eb:ed:03:32:02:ca:e1:20:24:8d:ff:12:4f:
10:86:66:96:6e:0f:15:76:22:c7:4e:1f:80:a0:a6:
37:64:31:37:43:fa:d4:bd:0d:63:c5:be:f6:43:a9:
f1:11:96:f5:9a:63:a6:ba:de:cc:27:0c:11:6d:3e:
d6:f3:67:92:09:c1:8c:3e:97:7a:09:8c:da:86:b7:
cb:92:36:05:9b:d2:2a:63:cd:d4:02:5c:97:6a:d0:
02:da:99:43:ad:43:87:1b:78:18:ce:d7:f8:db:d6:
93:fd:33:65:ba:61:e6:3b:94:ac:7a:23:b4:2a:0e:
43:05:6c:38:4b:b8:94:ee:4f:4d:26:4e:47:b7:a5:
9f:72:de:bb:1e:5b:b4:74:aa:11:79:42:09:c9:a6:
a2:5b:6d:7c:44:14:06:c5:df:43:84:d8:9a:d9:28:
a0:e8:4f:5a:09:6a:30:cd:69:17:96:03:ac:be:33:
e7:7b:17:d2:45:a5:7a:35:a8:4c:ec:0e:c2:23:03:
43:09:52:bb:f7:8d:cb:06:65:19:52:10:32:ad:be:
de:ea:ac:74:0c:1b:e2:f5:8c:95:71:90:dc:84:92:
25:92:fa:8a:a6:ba:6f:be:af:99:da:9f:24:d4:aa:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DF:55:72:2E:F4:DD:E3:E2:A6:15:7D:74:A5:CC:AC:77:2B:D9:56
X509v3 Authority Key Identifier:
keyid:C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/vd9Vci703ePiphV9dKXMrHcr2VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/yFMa4s5XyV9aOYkw6kVQNUKAG6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.60.0/22
217.113.64.0/19
IPv6:
2a03:5400::/32
Signature Algorithm: sha256WithRSAEncryption
53:84:a4:be:d1:ec:5d:e5:a1:bb:62:c9:ad:f2:26:e3:47:63:
5f:2b:39:51:98:db:5b:de:f7:3f:da:6a:22:c9:61:24:eb:39:
1f:ba:35:83:b0:81:c2:db:0b:5f:3b:c2:a9:77:1a:c5:55:2b:
3a:67:8a:7a:27:cc:85:53:a0:91:eb:26:b4:d3:c9:19:93:5c:
31:ad:31:67:66:ca:3f:da:fc:be:50:26:35:76:f1:6e:53:4b:
9a:91:7e:c1:77:59:cb:f0:a2:e6:b6:13:55:24:ea:ab:2d:1d:
fb:83:a2:bd:13:c9:76:a1:3b:e7:f1:e5:6f:51:0c:a5:c7:e1:
5c:05:b7:f4:2f:93:0f:38:e6:9b:75:94:1c:48:94:16:86:ec:
b0:23:99:c6:67:c8:fd:76:fe:3f:72:6b:ba:1e:d5:ed:12:6d:
40:ad:bb:8d:60:fa:e3:b2:65:a5:b2:e7:34:8e:e6:5c:20:b8:
85:de:88:55:06:1b:23:11:7b:8d:81:6e:f9:54:56:b8:80:ce:
a5:6b:5a:eb:b6:84:2e:cf:c3:ab:6d:88:39:b4:dd:c4:c7:90:
c2:40:4e:55:d4:20:c0:99:d1:17:db:bb:77:83:16:d8:99:b2:
bb:28:61:ba:a5:f4:70:ca:62:b8:a1:22:02:cd:2a:5c:b0:de:
78:02:99:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmQs8MrrLsZbdA6oglFb6NpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTMxYWUyY2U1N2M5NWY1YTM5ODkzMGVhNDU1MDM1NDI4
MDFiYTEwHhcNMjMwNzI2MDUzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRmNTU3MjJlZjRkZGUzZTJhNjE1N2Q3NGE1Y2NhYzc3MmJkOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm05sLnFPA8Ftowveax2nGevtAzIC
yuEgJI3/Ek8QhmaWbg8VdiLHTh+AoKY3ZDE3Q/rUvQ1jxb72Q6nxEZb1mmOmut7M
JwwRbT7W82eSCcGMPpd6CYzahrfLkjYFm9IqY83UAlyXatAC2plDrUOHG3gYztf4
29aT/TNlumHmO5SseiO0Kg5DBWw4S7iU7k9NJk5Ht6Wfct67Hlu0dKoReUIJyaai
W218RBQGxd9DhNia2Sig6E9aCWowzWkXlgOsvjPnexfSRaV6NahM7A7CIwNDCVK7
943LBmUZUhAyrb7e6qx0DBvi9YyVcZDchJIlkvqKprpvvq+Z2p8k1Kq7zQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL3fVXIu9N3j4qYVfXSlzKx3K9lWMB8GA1UdIwQY
MBaAFMhTGuLOV8lfWjmJMOpFUDVCgBuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjkt
NDVkNTQyZDVmNTVmLzEvdmQ5VmNpNzAzZVBpcGhWOWRLWE1ySGNyMlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjktNDVkNTQyZDVmNTVm
LzEveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuU08AwQF
2XFAMA0EAgACMAcDBQAqA1QAMA0GCSqGSIb3DQEBCwUAA4IBAQBThKS+0exd5aG7
Ysmt8ibjR2NfKzlRmNtb3vc/2moiyWEk6zkfujWDsIHC2wtfO8KpdxrFVSs6Z4p6
J8yFU6CR6ya008kZk1wxrTFnZso/2vy+UCY1dvFuU0uakX7Bd1nL8KLmthNVJOqr
LR37g6K9E8l2oTvn8eVvUQylx+FcBbf0L5MPOOabdZQcSJQWhuywI5nGZ8j9dv4/
cmu6HtXtEm1ArbuNYPrjsmWlsuc0juZcILiF3ohVBhsjEXuNgW75VFa4gM6la1rr
toQuz8OrbYg5tN3Ex5DCQE5V1CDAmdEX27t3gxbYmbK7KGG6pfRwymK4oSICzSpc
sN54Apn3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:09 2024 by rpki-client on console-ams.rpki-client.org