Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/VrnYnTjZHP7qsK7Ek0t3wDNlFEE.roa
File: VrnYnTjZHP7qsK7Ek0t3wDNlFEE.roa (raw, json)
Hash identifier: dh+5otpcbPgsDHe2mObo5oeNInq2GGjcDswwrcDgiu4=
Subject key identifier: 56:B9:D8:9D:38:D9:1C:FE:EA:B0:AE:C4:93:4B:77:C0:33:65:14:41
Certificate issuer: /CN=69042c1f27a7d7862475087023dc97c3330f73c6
Certificate serial: 018CC79553B55E09A0DF729548EC0B53E501
Authority key identifier: 69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/VrnYnTjZHP7qsK7Ek0t3wDNlFEE.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48847
IP address blocks: 185.104.68.144/28 maxlen: 28
185.104.70.0/28 maxlen: 28
185.104.71.0/28 maxlen: 28
185.104.71.32/28 maxlen: 28
185.104.71.176/29 maxlen: 29
185.104.68.240/29 maxlen: 29
185.104.70.220/30 maxlen: 30
185.104.68.0/26 maxlen: 26
185.104.68.64/26 maxlen: 26
185.104.71.0/24 maxlen: 24
185.104.70.0/24 maxlen: 24
185.104.68.0/22 maxlen: 22
185.104.68.0/24 maxlen: 24
185.104.71.16/30 maxlen: 30
185.104.71.20/30 maxlen: 30
2a06:3480::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 06 Jul 2024 09:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:53:b5:5e:09:a0:df:72:95:48:ec:0b:53:e5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69042c1f27a7d7862475087023dc97c3330f73c6
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56b9d89d38d91cfeeab0aec4934b77c033651441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bc:21:c6:73:57:d4:86:b5:a1:a6:08:7c:06:
15:13:92:4a:09:c7:2d:ae:26:12:f9:21:68:32:29:
fc:b3:1e:98:eb:1e:6c:c9:9f:86:93:66:25:0a:a0:
38:38:c0:a9:6c:4a:1c:46:8b:e3:d9:43:3f:f4:b4:
b4:d9:26:cc:2a:49:75:fc:6f:b4:0f:16:47:16:06:
16:5b:32:37:d5:9f:f3:e1:d5:4b:ac:db:aa:7f:94:
cd:dc:05:24:11:2c:86:cb:b8:15:1a:d2:78:64:2e:
65:a1:dc:21:a6:7c:dc:32:b9:b2:3e:3b:53:80:04:
54:bc:74:d1:4f:9b:8a:16:ff:ce:34:3a:fa:aa:9c:
de:af:8b:20:80:c7:bc:41:02:c7:ee:ff:09:66:fc:
14:aa:df:11:56:cc:da:1e:21:28:2e:b1:46:15:1c:
6f:6a:3f:e3:b6:dd:78:d9:a9:69:cf:58:47:0d:8f:
bb:86:b1:18:01:9b:57:d2:ed:f6:18:ba:c8:a7:04:
5c:8a:e5:24:a8:7f:ae:9c:9e:7e:34:7e:2b:1a:8a:
2f:74:cb:e1:40:f4:ed:7e:ff:64:6a:80:60:9a:16:
13:d9:f0:47:77:19:26:33:25:11:bd:55:ae:db:63:
e3:27:10:ef:6f:16:6f:a2:f3:90:52:1b:48:2d:4f:
3b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B9:D8:9D:38:D9:1C:FE:EA:B0:AE:C4:93:4B:77:C0:33:65:14:41
X509v3 Authority Key Identifier:
keyid:69:04:2C:1F:27:A7:D7:86:24:75:08:70:23:DC:97:C3:33:0F:73:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQQsHyen14YkdQhwI9yXwzMPc8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/VrnYnTjZHP7qsK7Ek0t3wDNlFEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4ae64b-f73e-408c-b4a8-cbb3d635d82f/1/aQQsHyen14YkdQhwI9yXwzMPc8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.68.0/22
IPv6:
2a06:3480::/29
Signature Algorithm: sha256WithRSAEncryption
a0:28:cf:8a:8f:c4:4e:1c:1d:ca:5c:5e:86:6b:b3:c9:d9:73:
0e:ab:be:10:be:e5:e1:45:8b:de:e4:2a:2b:57:5f:67:fe:70:
e0:36:2c:00:da:a1:01:4a:08:48:3f:77:21:3b:a3:6f:59:6b:
3c:4f:32:cc:6d:9d:6e:00:1a:0b:c4:0e:cd:b2:bf:c1:f6:ab:
6c:fb:1a:6e:d0:5e:96:5a:36:c0:8b:11:20:4c:27:3a:08:8f:
43:68:7f:a5:3c:69:66:cd:f5:47:0a:eb:ad:8f:41:d9:03:38:
84:7a:5c:c1:fa:59:ba:6d:16:b4:d3:c2:62:45:02:5e:9c:76:
7b:9c:e3:60:f4:40:16:d3:cd:87:a7:12:52:74:6f:11:9c:23:
17:fb:2e:bd:28:52:4b:57:94:6c:80:3e:69:55:46:d6:28:9d:
1a:e3:db:06:fa:e0:82:b9:91:1e:70:3a:4d:1c:37:a1:a6:2d:
61:fa:8c:55:93:7b:44:e0:a1:98:c2:92:d6:64:c5:bf:54:e4:
ea:51:69:b7:b6:df:5d:01:32:51:24:17:cd:06:3a:ae:d8:f4:
54:c5:27:9f:30:96:ba:e2:fa:50:43:5b:37:3f:23:b8:a5:9c:
c8:cc:08:52:a0:1b:3c:49:53:0b:b6:71:9e:34:55:44:a3:d7:
6d:b2:56:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlVO1Xgmg33KVSOwLU+UBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDQyYzFmMjdhN2Q3ODYyNDc1MDg3MDIzZGM5N2MzMzMw
ZjczYzYwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI5ZDg5ZDM4ZDkxY2ZlZWFiMGFlYzQ5MzRiNzdjMDMzNjUxNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLwhxnNX1Ia1oaYIfAYVE5JKCcct
riYS+SFoMin8sx6Y6x5syZ+Gk2YlCqA4OMCpbEocRovj2UM/9LS02SbMKkl1/G+0
DxZHFgYWWzI31Z/z4dVLrNuqf5TN3AUkESyGy7gVGtJ4ZC5lodwhpnzcMrmyPjtT
gARUvHTRT5uKFv/ONDr6qpzer4sggMe8QQLH7v8JZvwUqt8RVszaHiEoLrFGFRxv
aj/jtt142alpz1hHDY+7hrEYAZtX0u32GLrIpwRciuUkqH+unJ5+NH4rGoovdMvh
QPTtfv9kaoBgmhYT2fBHdxkmMyURvVWu22PjJxDvbxZvovOQUhtILU87WQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFa52J042Rz+6rCuxJNLd8AzZRRBMB8GA1UdIwQY
MBaAFGkELB8np9eGJHUIcCPcl8MzD3PGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgt
Y2JiM2Q2MzVkODJmLzEvVnJuWW5UalpIUDdxc0s3RWswdDN3RE5sRkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80YWU2NGItZjczZS00MDhjLWI0YTgtY2JiM2Q2MzVkODJm
LzEvYVFRc0h5ZW4xNFlrZFFod0k5eVh3ek1QYzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWhEMA0E
AgACMAcDBQMqBjSAMA0GCSqGSIb3DQEBCwUAA4IBAQCgKM+Kj8ROHB3KXF6Ga7PJ
2XMOq74QvuXhRYve5CorV19n/nDgNiwA2qEBSghIP3chO6NvWWs8TzLMbZ1uABoL
xA7Nsr/B9qts+xpu0F6WWjbAixEgTCc6CI9DaH+lPGlmzfVHCuutj0HZAziEelzB
+lm6bRa008JiRQJenHZ7nONg9EAW082HpxJSdG8RnCMX+y69KFJLV5RsgD5pVUbW
KJ0a49sG+uCCuZEecDpNHDehpi1h+oxVk3tE4KGYwpLWZMW/VOTqUWm3tt9dATJR
JBfNBjqu2PRUxSefMJa64vpQQ1s3PyO4pZzIzAhSoBs8SVMLtnGeNFVEo9dtsla6
-----END CERTIFICATE-----
Generated at Sat Jul 6 11:11:39 2024 by rpki-client on console-ams.rpki-client.org