Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/VgHfvewE7ZLnymmi9AwZzgpvri4.roa
File: VgHfvewE7ZLnymmi9AwZzgpvri4.roa (raw, json)
Hash identifier: FW2/E0nPuzxrGCrS5sprpM5B5SSuP+J1Ntmf5JrKe9I=
Subject key identifier: 56:01:DF:BD:EC:04:ED:92:E7:CA:69:A2:F4:0C:19:CE:0A:6F:AE:2E
Certificate issuer: /CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Certificate serial: 0187117D72333E9BA6FFA9E091FE2E2F7955
Authority key identifier: 1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/VgHfvewE7ZLnymmi9AwZzgpvri4.roa
Signing time: Fri 24 Mar 2023 02:40:46 +0000
ROA not before: Fri 24 Mar 2023 02:40:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39785
IP address blocks: 95.170.189.0/24 maxlen: 24
89.105.159.0/24 maxlen: 24
89.105.158.0/24 maxlen: 24
93.159.240.0/23 maxlen: 23
178.169.88.0/23 maxlen: 23
95.170.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 Mar 2023 02:07:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:11:7d:72:33:3e:9b:a6:ff:a9:e0:91:fe:2e:2f:79:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Validity
Not Before: Mar 24 02:40:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5601dfbdec04ed92e7ca69a2f40c19ce0a6fae2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c7:d6:4f:a5:b5:e1:65:61:eb:85:d5:b5:b9:
e4:19:90:67:66:05:0f:75:89:01:74:2a:1a:c4:48:
2a:ab:be:07:d1:ec:80:be:47:f9:1c:d9:11:bb:83:
11:47:ff:04:13:e0:38:40:ca:fc:c7:2e:2b:18:90:
06:b7:d0:c6:d7:03:31:44:eb:ca:36:d4:96:a5:5b:
22:f9:7d:a8:8b:1a:25:40:32:47:28:f1:b6:17:15:
d1:5b:fc:9b:ac:dc:58:1c:d0:ab:ab:22:51:e8:7f:
7f:a4:70:ab:7d:e3:66:9a:fa:64:0a:03:19:28:be:
91:63:7a:31:10:f3:33:98:d0:78:87:cf:65:8a:9d:
a0:d0:24:f5:13:9c:af:ed:55:d7:fb:33:e3:1d:44:
1c:06:ec:b7:07:27:b1:0f:30:8c:a3:cb:c7:eb:be:
5b:73:c6:44:7e:5f:38:7f:6c:9e:f6:3f:f8:2a:44:
80:a0:53:4c:6c:15:8d:7b:23:9e:be:ee:4c:f3:ea:
7e:1a:27:f1:bf:d1:cf:db:da:ac:85:b6:75:8c:06:
0d:15:a0:a9:97:f4:e5:88:ee:bb:85:12:5e:64:ff:
5d:09:e8:b6:3d:b4:ad:d6:34:c5:5a:3d:ef:ff:08:
b2:d2:29:20:25:e5:f3:a9:fb:81:e3:43:85:37:c2:
e5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:01:DF:BD:EC:04:ED:92:E7:CA:69:A2:F4:0C:19:CE:0A:6F:AE:2E
X509v3 Authority Key Identifier:
keyid:1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/VgHfvewE7ZLnymmi9AwZzgpvri4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/HpqS2vCMILRpG5Jc8DLlSR_grMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.158.0/23
93.159.240.0/23
95.170.180.0/22
95.170.189.0/24
178.169.88.0/23
Signature Algorithm: sha256WithRSAEncryption
44:dc:15:af:b5:b1:f8:57:7e:8a:76:65:c1:6d:63:88:d9:ce:
d9:4c:3e:3d:2b:eb:c0:f0:d6:ae:09:ff:13:e3:50:90:24:66:
81:ab:8d:5a:8c:2a:6d:67:bf:00:92:68:24:9b:7d:83:62:fa:
c0:31:2e:f0:ab:fc:e7:45:5f:23:29:d1:df:4f:17:cf:26:b0:
b5:07:fe:6f:5b:1b:80:5e:8c:55:d5:7e:a8:1a:07:c7:16:c1:
5d:18:46:7a:b1:0d:90:80:b9:e8:75:a3:9b:ba:ea:bc:9b:3f:
f8:95:3c:18:9e:90:28:3f:d7:4b:2f:94:f0:90:57:72:32:75:
54:47:b6:09:ba:59:58:cf:6d:f6:64:91:ed:7c:57:a6:0d:d4:
32:b7:44:68:5e:41:b6:88:32:00:89:9c:41:0e:13:19:21:72:
b6:a0:c3:2a:e0:15:20:c1:39:8a:60:22:84:2d:b4:3e:e7:ba:
ee:89:a4:dc:fc:1a:53:6c:42:a9:1a:b9:21:35:6d:d6:e1:a6:
5e:75:1b:c2:f9:79:67:cf:06:00:6b:cd:97:c0:29:3a:e8:a1:
42:0b:b7:6c:06:c4:a1:db:c2:c5:67:1b:2a:16:95:25:08:90:
40:12:44:5a:00:ec:c3:13:d2:3e:9b:b5:ac:bd:e9:1e:fc:e2:
3e:44:62:23
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcRfXIzPpum/6ngkf4uL3lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWE5MmRhZjA4YzIwYjQ2OTFiOTI1Y2YwMzJlNTQ5MWZl
MGFjYzAwHhcNMjMwMzI0MDI0MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjAxZGZiZGVjMDRlZDkyZTdjYTY5YTJmNDBjMTljZTBhNmZhZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8fWT6W14WVh64XVtbnkGZBnZgUP
dYkBdCoaxEgqq74H0eyAvkf5HNkRu4MRR/8EE+A4QMr8xy4rGJAGt9DG1wMxROvK
NtSWpVsi+X2oixolQDJHKPG2FxXRW/ybrNxYHNCrqyJR6H9/pHCrfeNmmvpkCgMZ
KL6RY3oxEPMzmNB4h89lip2g0CT1E5yv7VXX+zPjHUQcBuy3ByexDzCMo8vH675b
c8ZEfl84f2ye9j/4KkSAoFNMbBWNeyOevu5M8+p+Gifxv9HP29qshbZ1jAYNFaCp
l/TliO67hRJeZP9dCei2PbSt1jTFWj3v/wiy0ikgJeXzqfuB40OFN8Ll3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFYB373sBO2S58ppovQMGc4Kb64uMB8GA1UdIwQY
MBaAFB6aktrwjCC0aRuSXPAy5Ukf4KzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBxUzJ2Q01JTFJwRzVKYzhETGxTUl9nck1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jMTQxMTUtOGNmOC00MGM4LTg3Yzgt
Y2U4MmViZTExYWM4LzEvVmdIZnZld0U3WkxueW1taTlBd1p6Z3B2cmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jMTQxMTUtOGNmOC00MGM4LTg3YzgtY2U4MmViZTExYWM4
LzEvSHBxUzJ2Q01JTFJwRzVKYzhETGxTUl9nck1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWWmeAwQB
XZ/wAwQCX6q0AwQAX6q9AwQBsqlYMA0GCSqGSIb3DQEBCwUAA4IBAQBE3BWvtbH4
V36KdmXBbWOI2c7ZTD49K+vA8NauCf8T41CQJGaBq41ajCptZ78Akmgkm32DYvrA
MS7wq/znRV8jKdHfTxfPJrC1B/5vWxuAXoxV1X6oGgfHFsFdGEZ6sQ2QgLnodaOb
uuq8mz/4lTwYnpAoP9dLL5TwkFdyMnVUR7YJullYz232ZJHtfFemDdQyt0RoXkG2
iDIAiZxBDhMZIXK2oMMq4BUgwTmKYCKELbQ+57ruiaTc/BpTbEKpGrkhNW3W4aZe
dRvC+XlnzwYAa82XwCk66KFCC7dsBsSh28LFZxsqFpUlCJBAEkRaAOzDE9I+m7Ws
veke/OI+RGIj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org