Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/VAYhVdGsuDqf4NclsxENuGpczaQ.roa
File: VAYhVdGsuDqf4NclsxENuGpczaQ.roa (raw, json)
Hash identifier: rjkYQv7205g6D4LeO+kV2L8FpUOjk3/5C+zMkLzJPH8=
Subject key identifier: 54:06:21:55:D1:AC:B8:3A:9F:E0:D7:25:B3:11:0D:B8:6A:5C:CD:A4
Certificate issuer: /CN=0d702c53cb803b14644e67587e5d6fd612b64bcc
Certificate serial: 018573B169C5C04D779C216B6CD046AB415E
Authority key identifier: 0D:70:2C:53:CB:80:3B:14:64:4E:67:58:7E:5D:6F:D6:12:B6:4B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXAsU8uAOxRkTmdYfl1v1hK2S8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/VAYhVdGsuDqf4NclsxENuGpczaQ.roa
Signing time: Mon 02 Jan 2023 18:14:44 +0000
ROA not before: Mon 02 Jan 2023 18:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31244
IP address blocks: 45.129.64.0/23 maxlen: 23
45.129.66.0/23 maxlen: 23
194.117.236.0/23 maxlen: 23
193.25.112.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:b1:69:c5:c0:4d:77:9c:21:6b:6c:d0:46:ab:41:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d702c53cb803b14644e67587e5d6fd612b64bcc
Validity
Not Before: Jan 2 18:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54062155d1acb83a9fe0d725b3110db86a5ccda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fc:30:a7:a4:44:16:8c:c8:4f:fe:21:8e:6b:
cd:4f:e2:47:76:0e:58:e7:9c:f3:78:fe:9f:dc:44:
c1:4c:02:95:5f:93:5b:ec:91:f7:90:41:a7:11:19:
d8:84:47:ac:11:c8:fd:e0:e2:93:b8:49:2f:ec:a7:
0f:6d:7a:cd:5e:2a:34:47:0e:58:59:d5:09:97:98:
60:41:af:4c:10:32:31:b8:57:b6:73:3c:4c:2e:93:
9d:4c:3d:8d:f0:96:84:cf:bb:f1:46:76:70:f0:6b:
6a:a6:a8:ec:87:b5:6f:49:e9:24:22:8f:fe:b1:27:
a0:98:e0:12:46:11:0d:91:7a:5e:2c:9b:f0:6a:c6:
65:e6:71:0e:77:f8:57:2d:f2:ba:a6:a5:d1:a6:ba:
76:fe:61:85:28:b2:0f:83:72:97:aa:15:e0:30:e7:
54:4d:07:97:6e:75:0b:4b:a4:f3:e1:b2:e7:42:cb:
e5:0c:d4:23:a8:65:b4:9a:70:d7:e9:e8:e9:71:0b:
3d:17:bd:a2:95:a2:29:69:15:dc:a3:cc:f3:b0:78:
0c:ed:5c:de:c5:7b:80:78:af:c4:c0:69:34:c3:06:
db:29:f2:a8:82:f5:54:78:23:5c:31:65:e9:74:e9:
19:f0:a1:ec:35:a7:29:78:82:69:ec:b5:bb:3b:f3:
45:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:06:21:55:D1:AC:B8:3A:9F:E0:D7:25:B3:11:0D:B8:6A:5C:CD:A4
X509v3 Authority Key Identifier:
keyid:0D:70:2C:53:CB:80:3B:14:64:4E:67:58:7E:5D:6F:D6:12:B6:4B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXAsU8uAOxRkTmdYfl1v1hK2S8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/VAYhVdGsuDqf4NclsxENuGpczaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d3d105-f972-4c7c-bfea-3f25392de7f9/1/DXAsU8uAOxRkTmdYfl1v1hK2S8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.64.0/22
193.25.112.0/23
194.117.236.0/23
Signature Algorithm: sha256WithRSAEncryption
27:25:46:9b:be:59:69:b4:db:57:63:9f:46:a2:52:7c:73:20:
d8:25:1f:2a:4e:65:77:c7:42:29:89:76:ac:35:76:b6:8c:48:
e5:10:64:c6:bb:72:7b:49:d2:a1:a5:73:09:e9:98:53:52:7b:
9d:9a:e3:0a:3e:84:33:33:87:20:8a:b8:30:7a:72:a8:c7:63:
92:d2:60:1b:8a:02:1e:58:a7:e1:4f:ff:69:2d:df:84:4b:d1:
b5:30:ef:c1:e7:8c:46:a0:8b:d2:e3:70:2a:0d:f9:01:1c:e8:
7b:81:a8:30:eb:e3:a6:01:a3:44:8a:85:83:95:17:05:1e:24:
e6:69:72:bd:56:54:e1:5d:fb:45:04:df:91:72:83:96:c0:5d:
9c:fe:6d:7b:0d:a4:0c:b3:35:42:17:e3:51:f6:b9:f1:08:37:
7a:b3:19:26:12:28:f6:9c:3b:ed:26:01:09:74:ed:8a:5f:53:
9d:fa:6e:6a:16:c3:2a:dd:be:18:2b:c1:2c:9f:bc:95:2e:1b:
1f:34:07:f7:69:f8:1a:e6:75:a9:32:d7:84:ba:9f:d5:ae:46:
5d:12:61:f8:5d:41:75:ad:00:b7:32:79:2d:53:b6:96:bc:77:
7c:ab:da:ec:45:fb:d5:25:dc:16:d4:44:49:4c:a8:aa:da:83:
39:56:57:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzsWnFwE13nCFrbNBGq0FeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzAyYzUzY2I4MDNiMTQ2NDRlNjc1ODdlNWQ2ZmQ2MTJi
NjRiY2MwHhcNMjMwMTAyMTgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDA2MjE1NWQxYWNiODNhOWZlMGQ3MjViMzExMGRiODZhNWNjZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvwwp6REFozIT/4hjmvNT+JHdg5Y
55zzeP6f3ETBTAKVX5Nb7JH3kEGnERnYhEesEcj94OKTuEkv7KcPbXrNXio0Rw5Y
WdUJl5hgQa9MEDIxuFe2czxMLpOdTD2N8JaEz7vxRnZw8Gtqpqjsh7VvSekkIo/+
sSegmOASRhENkXpeLJvwasZl5nEOd/hXLfK6pqXRprp2/mGFKLIPg3KXqhXgMOdU
TQeXbnULS6Tz4bLnQsvlDNQjqGW0mnDX6ejpcQs9F72ilaIpaRXco8zzsHgM7Vze
xXuAeK/EwGk0wwbbKfKogvVUeCNcMWXpdOkZ8KHsNacpeIJp7LW7O/NF7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFQGIVXRrLg6n+DXJbMRDbhqXM2kMB8GA1UdIwQY
MBaAFA1wLFPLgDsUZE5nWH5db9YStkvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhBc1U4dUFPeFJrVG1kWWZsMXYxaEsyUzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kM2QxMDUtZjk3Mi00YzdjLWJmZWEt
M2YyNTM5MmRlN2Y5LzEvVkFZaFZkR3N1RHFmNE5jbHN4RU51R3BjemFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kM2QxMDUtZjk3Mi00YzdjLWJmZWEtM2YyNTM5MmRlN2Y5
LzEvRFhBc1U4dUFPeFJrVG1kWWZsMXYxaEsyUzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYFAAwQB
wRlwAwQBwnXsMA0GCSqGSIb3DQEBCwUAA4IBAQAnJUabvllptNtXY59GolJ8cyDY
JR8qTmV3x0IpiXasNXa2jEjlEGTGu3J7SdKhpXMJ6ZhTUnudmuMKPoQzM4cgirgw
enKox2OS0mAbigIeWKfhT/9pLd+ES9G1MO/B54xGoIvS43AqDfkBHOh7gagw6+Om
AaNEioWDlRcFHiTmaXK9VlThXftFBN+RcoOWwF2c/m17DaQMszVCF+NR9rnxCDd6
sxkmEij2nDvtJgEJdO2KX1Od+m5qFsMq3b4YK8Esn7yVLhsfNAf3afga5nWpMteE
up/VrkZdEmH4XUF1rQC3MnktU7aWvHd8q9rsRfvVJdwW1ERJTKiq2oM5Vlfq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org