Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/VCpzeQVELImK_q0iVUnWdoRcVUA.roa
File: VCpzeQVELImK_q0iVUnWdoRcVUA.roa (raw, json)
Hash identifier: p8RsmEhPTG2VrR4IcXpdgW1jtvetsjt7fxMCrwyjAew=
Subject key identifier: 54:2A:73:79:05:44:2C:89:8A:FE:AD:22:55:49:D6:76:84:5C:55:40
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018EDB854102E81F7FE3E01C94EFB28EF9C0
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/VCpzeQVELImK_q0iVUnWdoRcVUA.roa
Signing time: Sun 14 Apr 2024 07:32:06 +0000
ROA not before: Sun 14 Apr 2024 07:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203684
IP address blocks: 91.199.9.0/24 maxlen: 24
91.199.18.0/24 maxlen: 24
91.199.27.0/24 maxlen: 24
91.199.30.0/24 maxlen: 24
109.95.60.0/22 maxlen: 22
185.186.240.0/24 maxlen: 24
185.187.86.0/23 maxlen: 23
185.187.86.0/24 maxlen: 24
185.187.87.0/24 maxlen: 24
2a11:7700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Apr 2024 13:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:85:41:02:e8:1f:7f:e3:e0:1c:94:ef:b2:8e:f9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Apr 14 07:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=542a737905442c898afead225549d676845c5540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:42:5a:54:47:93:31:d1:eb:95:8b:e7:4c:
fb:db:cb:11:50:f4:f4:57:50:67:90:a3:26:2c:5f:
c2:09:76:84:b8:44:a8:de:2b:54:f9:d1:76:9d:33:
05:1c:db:f3:ad:a9:2b:fa:d7:8d:2f:87:6e:65:18:
47:3c:ea:e1:8f:df:bc:67:08:e4:23:6c:ab:17:65:
2a:d3:47:28:06:2b:10:09:be:94:9e:a5:02:ac:6b:
cb:25:d7:e1:06:f5:dc:4b:41:82:bd:1b:8f:35:5e:
0c:51:dc:cb:0c:fc:0f:2f:b9:2f:01:5c:23:45:cd:
d9:44:9a:98:af:ce:38:4d:a6:0d:0a:62:5d:a5:01:
65:7e:93:e0:76:de:e2:eb:e5:65:71:b1:ec:c0:a4:
b6:d6:7a:09:14:69:ca:9e:b5:61:25:ba:a6:49:c7:
55:dd:82:9b:3f:56:2a:fb:cb:fb:e0:c5:69:e3:f8:
b0:50:95:c4:74:be:87:69:ac:7a:82:09:7d:07:14:
e9:0b:77:72:25:2f:94:40:ca:fa:ef:cb:13:d3:68:
07:29:c1:9f:94:91:77:f3:bf:c7:fa:ec:f9:cb:55:
39:00:69:d8:6b:b7:22:c4:e3:46:49:cd:f1:3f:1f:
08:82:3f:32:4e:f6:82:30:e8:3d:27:b7:05:86:7a:
61:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:73:79:05:44:2C:89:8A:FE:AD:22:55:49:D6:76:84:5C:55:40
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/VCpzeQVELImK_q0iVUnWdoRcVUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.9.0/24
91.199.18.0/24
91.199.27.0/24
91.199.30.0/24
109.95.60.0/22
185.186.240.0/24
185.187.86.0/23
IPv6:
2a11:7700::/29
Signature Algorithm: sha256WithRSAEncryption
b5:24:e9:a8:ea:88:d5:47:92:88:8a:74:11:c4:4a:4d:cf:ea:
6f:43:f7:20:77:bb:e3:c6:43:63:48:44:c0:fa:5d:b7:22:e7:
7b:31:eb:12:24:94:1f:04:27:91:58:ab:9d:e7:da:0e:10:5c:
3a:7c:71:7d:7d:56:4b:be:ea:2a:be:e9:08:83:76:bc:ff:3e:
2f:1a:c2:ff:0d:17:b2:6b:0b:74:35:a8:62:0f:0d:d3:ca:e1:
39:5e:86:24:15:ad:10:b4:e7:4a:c2:e7:f8:c0:04:ca:98:51:
6a:79:1f:4c:85:71:13:04:d7:6a:43:8a:d5:0e:e2:b5:69:5d:
7a:98:31:b0:c3:9b:82:da:86:a6:db:09:a0:79:f8:7a:4a:21:
7d:eb:af:4b:7d:cc:1b:57:ce:ab:cd:9d:99:3c:93:99:e4:bf:
9e:ee:11:3a:bb:9c:b2:5d:8a:c2:4d:b9:6f:13:ca:f6:1d:b9:
79:c9:2f:c3:35:b2:cf:39:4b:e2:58:d7:88:dd:b4:4a:38:ec:
f6:92:c1:ae:56:92:0a:04:2e:36:f4:3f:39:2f:ea:a6:29:6c:
da:7d:a8:64:7e:7d:e4:eb:14:d8:18:fd:b7:7a:b0:3e:fd:23:
30:a3:7e:52:a2:82:5f:bb:b7:6a:06:ff:f2:ec:3a:5f:17:cd:
c6:8c:70:a0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY7bhUEC6B9/4+AclO+yjvnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwNDE0MDczMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJhNzM3OTA1NDQyYzg5OGFmZWFkMjI1NTQ5ZDY3Njg0NWM1NTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug5CWlRHkzHR65WL50z728sRUPT0
V1BnkKMmLF/CCXaEuESo3itU+dF2nTMFHNvzrakr+teNL4duZRhHPOrhj9+8Zwjk
I2yrF2Uq00coBisQCb6UnqUCrGvLJdfhBvXcS0GCvRuPNV4MUdzLDPwPL7kvAVwj
Rc3ZRJqYr844TaYNCmJdpQFlfpPgdt7i6+VlcbHswKS21noJFGnKnrVhJbqmScdV
3YKbP1Yq+8v74MVp4/iwUJXEdL6Haax6ggl9BxTpC3dyJS+UQMr678sT02gHKcGf
lJF387/H+uz5y1U5AGnYa7cixONGSc3xPx8Igj8yTvaCMOg9J7cFhnphJQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFQqc3kFRCyJiv6tIlVJ1naEXFVAMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvVkNwemVRVkVMSW1LX3EwaVZVbldkb1JjVlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW8cJAwQA
W8cSAwQAW8cbAwQAW8ceAwQCbV88AwQAubrwAwQBubtWMA0EAgACMAcDBQMqEXcA
MA0GCSqGSIb3DQEBCwUAA4IBAQC1JOmo6ojVR5KIinQRxEpNz+pvQ/cgd7vjxkNj
SETA+l23Iud7MesSJJQfBCeRWKud59oOEFw6fHF9fVZLvuoqvukIg3a8/z4vGsL/
DReyawt0NahiDw3TyuE5XoYkFa0QtOdKwuf4wATKmFFqeR9MhXETBNdqQ4rVDuK1
aV16mDGww5uC2oam2wmgefh6SiF9669LfcwbV86rzZ2ZPJOZ5L+e7hE6u5yyXYrC
TblvE8r2Hbl5yS/DNbLPOUviWNeI3bRKOOz2ksGuVpIKBC429D85L+qmKWzafahk
fn3k6xTYGP23erA+/SMwo35SooJfu7dqBv/y7DpfF83GjHCg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org