Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/VEq2_gcYF3mmlNqv2tlWRjSb0Xs.roa
File: VEq2_gcYF3mmlNqv2tlWRjSb0Xs.roa (raw, json)
Hash identifier: VBqzaIJWvaWUUNmzyRL7JrJMv21veJ/fgI/wVgi9csU=
Subject key identifier: 54:4A:B6:FE:07:18:17:79:A6:94:DA:AF:DA:D9:56:46:34:9B:D1:7B
Certificate issuer: /CN=c1bf34b190a51ce5300257911af30404f4951fb6
Certificate serial: 01856C9CC141BB600AD581E4057DA0E79ACE
Authority key identifier: C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/VEq2_gcYF3mmlNqv2tlWRjSb0Xs.roa
Signing time: Sun 01 Jan 2023 09:14:50 +0000
ROA not before: Sun 01 Jan 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42433
IP address blocks: 81.23.242.0/23 maxlen: 23
81.23.242.0/24 maxlen: 24
81.23.243.0/24 maxlen: 24
92.118.110.0/24 maxlen: 24
2a0f:ec40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:c1:41:bb:60:0a:d5:81:e4:05:7d:a0:e7:9a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf34b190a51ce5300257911af30404f4951fb6
Validity
Not Before: Jan 1 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=544ab6fe07181779a694daafdad95646349bd17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d4:61:04:30:b7:e6:57:0c:54:c5:08:92:d3:
6c:88:46:59:30:75:db:b4:d3:9f:50:82:84:98:74:
00:31:dd:67:2f:57:ea:f1:3e:59:48:d5:04:32:ef:
61:6d:a7:3c:dc:a9:fa:9b:d3:b0:4a:87:83:e7:8d:
90:86:b5:c3:9c:00:85:47:db:ca:c2:6c:a7:54:e3:
e2:13:5b:2c:3c:a6:59:2c:05:02:0a:3f:32:08:20:
9b:bf:0e:51:ac:7a:cc:4a:14:b7:28:c4:12:be:89:
ac:91:00:7b:10:d8:ab:c8:db:51:7b:08:26:09:db:
3e:c3:24:47:3c:0a:c4:65:04:0d:98:63:f9:0e:80:
5a:de:f2:b4:8b:1c:b4:3e:83:73:ed:be:aa:cf:d8:
98:9e:04:28:12:6e:aa:d5:de:46:ce:96:19:4b:b2:
4a:3f:30:8a:b0:a0:ab:e0:30:f0:3f:47:d5:e6:06:
b0:54:92:f7:fc:6e:57:65:36:c0:06:5f:b0:f3:90:
7e:d6:08:a3:5a:b7:a9:0c:f3:35:88:aa:fa:a5:d2:
48:c9:f9:8f:c6:00:0e:23:04:7a:b9:27:24:9c:2b:
27:f8:cb:14:19:45:aa:1b:21:59:57:b0:f4:93:56:
b4:bf:66:ea:5b:75:89:9a:36:df:8f:bc:70:91:d1:
ca:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4A:B6:FE:07:18:17:79:A6:94:DA:AF:DA:D9:56:46:34:9B:D1:7B
X509v3 Authority Key Identifier:
keyid:C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/VEq2_gcYF3mmlNqv2tlWRjSb0Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.242.0/23
92.118.110.0/24
IPv6:
2a0f:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
5d:8e:cc:3f:05:a1:ba:00:11:e1:1a:0b:c0:82:a7:51:d7:67:
c2:4d:e6:38:7d:4e:c1:38:4b:ef:b4:0c:0f:00:ce:e3:fa:56:
96:e0:f0:6e:43:41:b7:2d:7b:6d:14:ba:96:ec:c6:75:fe:5f:
d8:1d:d0:ab:c1:85:a2:4f:4f:18:ad:4a:53:2d:ae:ab:75:26:
0f:b4:e2:ae:ee:b4:5c:c6:0f:a3:eb:1c:0f:cf:68:28:a0:00:
10:a8:9c:3c:70:f4:79:85:0c:73:7d:1d:6f:9f:87:b3:68:79:
c4:21:82:e3:a6:be:3a:b8:19:bb:18:6c:b9:8f:46:ae:a5:0a:
5e:e8:81:30:27:e2:34:92:31:98:d5:3f:8c:6a:56:9b:e4:ac:
6f:31:f5:17:29:cd:9c:32:f9:9f:40:11:23:97:9c:0d:54:6f:
5e:76:c9:dd:2d:65:a1:f7:5a:7f:a5:db:9b:51:cc:90:a9:98:
ea:dd:7d:4b:88:f7:be:82:82:59:75:68:d0:ad:f3:39:28:09:
a2:f6:c2:7a:f5:f1:14:28:57:6b:ca:ba:ea:a1:42:52:82:ec:
1a:cb:f5:0b:e4:1a:0a:c2:4a:1e:30:6a:91:09:57:19:15:94:
27:73:d9:a3:40:7a:1e:7b:e1:96:f3:9a:d4:c8:12:8e:a9:b4:
e4:f2:22:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsnMFBu2AK1YHkBX2g55rOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmYzNGIxOTBhNTFjZTUzMDAyNTc5MTFhZjMwNDA0ZjQ5
NTFmYjYwHhcNMjMwMTAxMDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDRhYjZmZTA3MTgxNzc5YTY5NGRhYWZkYWQ5NTY0NjM0OWJkMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9RhBDC35lcMVMUIktNsiEZZMHXb
tNOfUIKEmHQAMd1nL1fq8T5ZSNUEMu9hbac83Kn6m9OwSoeD542QhrXDnACFR9vK
wmynVOPiE1ssPKZZLAUCCj8yCCCbvw5RrHrMShS3KMQSvomskQB7ENiryNtRewgm
Cds+wyRHPArEZQQNmGP5DoBa3vK0ixy0PoNz7b6qz9iYngQoEm6q1d5GzpYZS7JK
PzCKsKCr4DDwP0fV5gawVJL3/G5XZTbABl+w85B+1gijWrepDPM1iKr6pdJIyfmP
xgAOIwR6uScknCsn+MsUGUWqGyFZV7D0k1a0v2bqW3WJmjbfj7xwkdHKFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFRKtv4HGBd5ppTar9rZVkY0m9F7MB8GA1UdIwQY
MBaAFMG/NLGQpRzlMAJXkRrzBAT0lR+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMt
ZjMxMWJhYzJhMzdmLzEvVkVxMl9nY1lGM21tbE5xdjJ0bFdSalNiMFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMtZjMxMWJhYzJhMzdm
LzEvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBURfyAwQA
XHZuMA0EAgACMAcDBQAqD+xAMA0GCSqGSIb3DQEBCwUAA4IBAQBdjsw/BaG6ABHh
GgvAgqdR12fCTeY4fU7BOEvvtAwPAM7j+laW4PBuQ0G3LXttFLqW7MZ1/l/YHdCr
wYWiT08YrUpTLa6rdSYPtOKu7rRcxg+j6xwPz2gooAAQqJw8cPR5hQxzfR1vn4ez
aHnEIYLjpr46uBm7GGy5j0aupQpe6IEwJ+I0kjGY1T+Malab5KxvMfUXKc2cMvmf
QBEjl5wNVG9edsndLWWh91p/pdubUcyQqZjq3X1LiPe+goJZdWjQrfM5KAmi9sJ6
9fEUKFdryrrqoUJSguway/UL5BoKwkoeMGqRCVcZFZQnc9mjQHoee+GW85rUyBKO
qbTk8iLK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org