Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/V_mkn8sqhTsdQNyDok7AB3itbP8.roa
File: V_mkn8sqhTsdQNyDok7AB3itbP8.roa (raw, json)
Hash identifier: H2kh2izs3tRC1iX5FrtMXAlGI0sNoGbihjyMhs3JWUE=
Subject key identifier: 57:F9:A4:9F:CB:2A:85:3B:1D:40:DC:83:A2:4E:C0:07:78:AD:6C:FF
Certificate issuer: /CN=bd9c80cbe5d57972345f5fa5eba35c86889e55ca
Certificate serial: 01857082A37DD4BACC3036D752D5258D514A
Authority key identifier: BD:9C:80:CB:E5:D5:79:72:34:5F:5F:A5:EB:A3:5C:86:88:9E:55:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZyAy-XVeXI0X1-l66NchoieVco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/V_mkn8sqhTsdQNyDok7AB3itbP8.roa
Signing time: Mon 02 Jan 2023 03:24:47 +0000
ROA not before: Mon 02 Jan 2023 03:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61006
IP address blocks: 185.39.200.0/22 maxlen: 22
37.252.112.0/21 maxlen: 21
2a00:d740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a3:7d:d4:ba:cc:30:36:d7:52:d5:25:8d:51:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd9c80cbe5d57972345f5fa5eba35c86889e55ca
Validity
Not Before: Jan 2 03:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57f9a49fcb2a853b1d40dc83a24ec00778ad6cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c3:be:75:f5:d5:e9:ea:26:9a:2b:7a:a4:d6:
93:9c:1d:1d:d1:16:50:fb:87:93:1b:73:b0:0a:b8:
21:02:7e:63:8c:5d:b3:42:3c:2d:46:a9:5c:a7:38:
77:51:cb:7d:99:5c:0f:33:c3:fc:f0:ae:0a:d6:50:
a9:07:c6:53:bc:11:98:ac:4a:86:50:d5:57:43:70:
72:7d:84:4d:03:35:38:78:17:65:14:78:e1:d4:0b:
f3:60:96:32:52:48:5e:d0:f1:df:9f:ec:30:2f:31:
57:fd:e7:c2:98:d9:47:d3:1c:46:3e:b3:68:a7:58:
e3:8b:15:45:48:fb:88:ad:be:a5:82:d7:74:06:72:
f1:5e:a1:28:4f:3c:49:12:fd:15:a4:b4:23:f8:59:
f8:41:39:90:8c:60:ab:52:9c:21:77:63:f4:68:36:
fc:30:a6:58:35:16:b9:16:d1:ce:0d:80:fb:35:cd:
b9:81:3f:54:d7:9a:c4:c7:b5:56:50:13:d8:3b:eb:
ce:a0:f3:aa:a3:f9:db:00:e4:bc:fe:72:5c:ac:24:
69:f9:40:1e:76:f0:96:fa:24:f1:f6:dd:23:ab:15:
42:5d:44:84:cc:51:96:fe:41:c2:b9:72:60:68:48:
1b:39:c5:60:0a:08:41:60:29:06:d4:27:24:b4:05:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F9:A4:9F:CB:2A:85:3B:1D:40:DC:83:A2:4E:C0:07:78:AD:6C:FF
X509v3 Authority Key Identifier:
keyid:BD:9C:80:CB:E5:D5:79:72:34:5F:5F:A5:EB:A3:5C:86:88:9E:55:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZyAy-XVeXI0X1-l66NchoieVco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/V_mkn8sqhTsdQNyDok7AB3itbP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/vZyAy-XVeXI0X1-l66NchoieVco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.112.0/21
185.39.200.0/22
IPv6:
2a00:d740::/29
Signature Algorithm: sha256WithRSAEncryption
5d:d8:4b:49:65:3d:5e:dc:f7:b0:80:f3:e0:ad:d5:ae:bd:d5:
d7:ee:9e:fd:39:a2:0b:e4:50:ae:24:d9:c8:24:30:b9:c8:e6:
90:4e:3e:48:b3:95:33:22:34:19:71:21:17:ab:43:2d:e9:38:
49:cb:db:d4:c3:66:f8:78:b7:bb:89:2c:66:7f:7a:e4:6f:98:
0e:8a:ce:15:be:aa:f1:b0:e9:da:c2:89:e9:42:2e:d7:e4:67:
d6:f7:54:74:34:93:5d:bf:e5:20:1a:4e:a3:b1:1f:ed:79:d8:
bb:77:4d:1a:e3:2a:8c:6c:f1:9d:f1:5e:ac:d0:89:4e:c8:78:
63:23:ff:7b:bb:67:50:5a:21:7e:f9:a1:9e:cc:e4:61:1b:27:
8d:e5:c5:72:c6:16:32:b9:a3:5d:16:c6:88:79:e6:f9:cb:e5:
82:18:44:ae:82:b7:a6:7d:98:22:1b:8f:b1:df:12:20:74:f1:
98:3b:e9:c0:ec:0b:80:76:db:41:1c:b7:eb:ba:84:84:ef:ee:
3f:9b:46:b2:00:5b:ba:3c:68:95:54:5c:a0:7e:2f:54:45:db:
44:cf:c2:de:09:d9:86:82:f4:68:4a:b4:ab:bb:97:ad:c0:22:
3c:2c:10:b4:c7:76:25:28:7a:01:c3:56:bd:c4:88:ef:20:84:
10:5d:ca:de
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwgqN91LrMMDbXUtUljVFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOWM4MGNiZTVkNTc5NzIzNDVmNWZhNWViYTM1Yzg2ODg5
ZTU1Y2EwHhcNMjMwMTAyMDMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Y5YTQ5ZmNiMmE4NTNiMWQ0MGRjODNhMjRlYzAwNzc4YWQ2Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8O+dfXV6eommit6pNaTnB0d0RZQ
+4eTG3OwCrghAn5jjF2zQjwtRqlcpzh3Uct9mVwPM8P88K4K1lCpB8ZTvBGYrEqG
UNVXQ3ByfYRNAzU4eBdlFHjh1AvzYJYyUkhe0PHfn+wwLzFX/efCmNlH0xxGPrNo
p1jjixVFSPuIrb6lgtd0BnLxXqEoTzxJEv0VpLQj+Fn4QTmQjGCrUpwhd2P0aDb8
MKZYNRa5FtHODYD7Nc25gT9U15rEx7VWUBPYO+vOoPOqo/nbAOS8/nJcrCRp+UAe
dvCW+iTx9t0jqxVCXUSEzFGW/kHCuXJgaEgbOcVgCghBYCkG1CcktAWAnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFf5pJ/LKoU7HUDcg6JOwAd4rWz/MB8GA1UdIwQY
MBaAFL2cgMvl1XlyNF9fpeujXIaInlXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlp5QXktWFZlWEkwWDEtbDY2TmNob2llVmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iZGNiYzQtNjNiNy00YWU1LTg2ODQt
NjBlN2U0NTM5OWU2LzEvVl9ta244c3FoVHNkUU55RG9rN0FCM2l0YlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iZGNiYzQtNjNiNy00YWU1LTg2ODQtNjBlN2U0NTM5OWU2
LzEvdlp5QXktWFZlWEkwWDEtbDY2TmNob2llVmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJfxwAwQC
uSfIMA0EAgACMAcDBQMqANdAMA0GCSqGSIb3DQEBCwUAA4IBAQBd2EtJZT1e3Pew
gPPgrdWuvdXX7p79OaIL5FCuJNnIJDC5yOaQTj5Is5UzIjQZcSEXq0Mt6ThJy9vU
w2b4eLe7iSxmf3rkb5gOis4VvqrxsOnawonpQi7X5GfW91R0NJNdv+UgGk6jsR/t
edi7d00a4yqMbPGd8V6s0IlOyHhjI/97u2dQWiF++aGezORhGyeN5cVyxhYyuaNd
FsaIeeb5y+WCGESugremfZgiG4+x3xIgdPGYO+nA7AuAdttBHLfruoSE7+4/m0ay
AFu6PGiVVFygfi9URdtEz8LeCdmGgvRoSrSru5etwCI8LBC0x3YlKHoBw1a9xIjv
IIQQXcre
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org