Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/Vzj0bsLPGTHsirRCOm3q2SaTnjI.roa
File: Vzj0bsLPGTHsirRCOm3q2SaTnjI.roa (raw, json)
Hash identifier: DVaUY3gtv4SQczaF6voGSqMwjm6m1CjhTScvpmeZaQ8=
Subject key identifier: 57:38:F4:6E:C2:CF:19:31:EC:8A:B4:42:3A:6D:EA:D9:26:93:9E:32
Certificate issuer: /CN=fa7eb1115130fac94091061e31462a565226885a
Certificate serial: 019176E4F7B64806614E950CB17F77CEBB70
Authority key identifier: FA:7E:B1:11:51:30:FA:C9:40:91:06:1E:31:46:2A:56:52:26:88:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-n6xEVEw-slAkQYeMUYqVlImiFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/Vzj0bsLPGTHsirRCOm3q2SaTnjI.roa
Signing time: Wed 21 Aug 2024 21:43:22 +0000
ROA not before: Wed 21 Aug 2024 21:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57521
IP address blocks: 45.10.39.0/24 maxlen: 24
2a13:bc1::/32 maxlen: 48
2a13:bc2::/48 maxlen: 48
2a13:bc2:2::/48 maxlen: 48
2a13:bc2:3::/48 maxlen: 48
2a13:bc2:4::/48 maxlen: 48
2a13:bc2:5::/48 maxlen: 48
2a13:bc2:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Aug 2024 14:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:e4:f7:b6:48:06:61:4e:95:0c:b1:7f:77:ce:bb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa7eb1115130fac94091061e31462a565226885a
Validity
Not Before: Aug 21 21:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5738f46ec2cf1931ec8ab4423a6dead926939e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d2:b8:04:6d:b6:18:7d:b8:4a:9c:d3:05:40:
bf:16:68:57:f4:f4:69:d1:8e:01:20:bd:f6:b2:f2:
d5:c7:e6:af:fc:1b:22:a4:75:69:77:c1:a9:34:e8:
12:72:a1:e3:b2:69:d9:9d:73:e0:d1:da:cd:3b:5f:
09:a9:5c:b3:4e:50:28:ed:aa:61:eb:69:79:1e:ed:
99:33:64:d7:58:26:51:70:73:13:26:71:be:68:f9:
2e:6c:d2:fb:bd:21:17:49:2d:0c:c0:90:a5:48:8e:
3d:b8:10:09:65:83:e8:d1:7a:8d:78:30:e5:0c:fa:
c0:48:d4:bf:ef:cf:d5:9f:ff:bd:5d:dd:22:2b:c0:
a5:37:c6:f6:ab:5b:38:9e:57:1c:2f:17:d9:a0:be:
24:fc:34:27:40:ab:ee:e3:8e:03:eb:4a:44:e4:89:
23:4c:5f:73:3e:7f:09:f7:7d:ef:e9:ab:cb:40:2a:
dd:1e:fa:ae:1d:cb:eb:f5:c4:5d:2a:66:b5:24:70:
bf:f1:40:c4:16:2e:e7:f3:68:ec:cb:bc:6e:ab:0d:
7f:e8:9e:da:78:99:37:df:a2:54:26:ef:34:21:f1:
b5:3d:4d:6c:52:e0:1c:13:28:98:68:68:67:45:a4:
8e:7d:ef:c5:7e:8f:cd:28:55:43:ac:1c:81:c0:70:
b0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:38:F4:6E:C2:CF:19:31:EC:8A:B4:42:3A:6D:EA:D9:26:93:9E:32
X509v3 Authority Key Identifier:
keyid:FA:7E:B1:11:51:30:FA:C9:40:91:06:1E:31:46:2A:56:52:26:88:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-n6xEVEw-slAkQYeMUYqVlImiFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/Vzj0bsLPGTHsirRCOm3q2SaTnjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c15e99-2965-476f-9aef-8a273f4ad15d/1/1-n6xEVEw-slAkQYeMUYqVlImiFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.39.0/24
IPv6:
2a13:bc1::-2a13:bc2:0:ffff:ffff:ffff:ffff:ffff
2a13:bc2:2::-2a13:bc2:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:e2:87:9c:b9:3d:5f:93:e9:81:6f:b9:85:fe:a6:e0:48:ef:
4d:a6:7d:59:db:dd:26:21:3f:29:e9:1c:8f:41:d2:4d:68:e0:
82:1c:e8:97:3a:db:41:c2:f5:fa:7f:c3:2b:b5:08:c5:35:19:
5a:ad:31:38:3e:43:05:ab:40:0e:6a:cc:8a:f5:d0:dc:91:bd:
fc:d8:e4:5d:d4:65:f3:b1:03:02:59:a3:88:4e:1b:8b:d4:38:
86:55:c5:95:f2:d1:72:d8:b1:67:c8:1e:12:d1:e7:3b:30:06:
42:1c:ba:dc:ca:1c:e2:6e:19:cc:a3:3f:66:ef:ad:24:79:ae:
2d:33:92:b2:72:66:41:b0:88:25:57:08:e9:83:94:1a:08:73:
9b:27:d8:ea:e1:57:bf:be:78:b6:11:e9:a5:26:76:5a:e6:fc:
4e:f4:51:12:9a:bc:97:da:4f:89:53:90:cb:49:d6:7d:8b:a5:
0d:32:2d:c0:c7:70:cf:0a:85:80:92:a0:1f:f6:68:53:c9:ef:
d5:23:ec:e2:f6:30:cf:9a:87:8f:7c:f8:28:4d:5e:a2:91:32:
dd:5f:23:fd:38:40:0d:00:65:ff:e2:ea:55:a2:33:7a:0d:fc:
77:a9:10:3e:5d:9f:45:9e:9e:e0:29:2d:98:70:07:96:49:76:
77:f6:6d:25
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZF25Pe2SAZhTpUMsX93zrtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhN2ViMTExNTEzMGZhYzk0MDkxMDYxZTMxNDYyYTU2NTIy
Njg4NWEwHhcNMjQwODIxMjE0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM4ZjQ2ZWMyY2YxOTMxZWM4YWI0NDIzYTZkZWFkOTI2OTM5ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdK4BG22GH24SpzTBUC/FmhX9PRp
0Y4BIL32svLVx+av/BsipHVpd8GpNOgScqHjsmnZnXPg0drNO18JqVyzTlAo7aph
62l5Hu2ZM2TXWCZRcHMTJnG+aPkubNL7vSEXSS0MwJClSI49uBAJZYPo0XqNeDDl
DPrASNS/78/Vn/+9Xd0iK8ClN8b2q1s4nlccLxfZoL4k/DQnQKvu444D60pE5Ikj
TF9zPn8J933v6avLQCrdHvquHcvr9cRdKma1JHC/8UDEFi7n82jsy7xuqw1/6J7a
eJk336JUJu80IfG1PU1sUuAcEyiYaGhnRaSOfe/Ffo/NKFVDrByBwHCwtwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFc49G7Czxkx7Iq0Qjpt6tkmk54yMB8GA1UdIwQY
MBaAFPp+sRFRMPrJQJEGHjFGKlZSJohaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uNnhFVkV3LXNsQWtRWWVNVVlxVmxJbWlGby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvYzE1ZTk5LTI5NjUtNDc2Zi05YWVm
LThhMjczZjRhZDE1ZC8xL1Z6ajBic0xQR1RIc2lyUkNPbTNxMlNhVG5qSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvYzE1ZTk5LTI5NjUtNDc2Zi05YWVmLThhMjczZjRhZDE1
ZC8xLzEtbjZ4RVZFdy1zbEFrUVllTVVZcVZsSW1pRm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MAwEAgABMAYDBAAtCicw
LAQCAAIwJjAQAwUAKhMLwQMHACoTC8IAADASAwcBKhMLwgACAwcAKhMLwgAGMA0G
CSqGSIb3DQEBCwUAA4IBAQBP4oecuT1fk+mBb7mF/qbgSO9Npn1Z290mIT8p6RyP
QdJNaOCCHOiXOttBwvX6f8MrtQjFNRlarTE4PkMFq0AOasyK9dDckb382ORd1GXz
sQMCWaOIThuL1DiGVcWV8tFy2LFnyB4S0ec7MAZCHLrcyhzibhnMoz9m760kea4t
M5KycmZBsIglVwjpg5QaCHObJ9jq4Ve/vni2EemlJnZa5vxO9FESmryX2k+JU5DL
SdZ9i6UNMi3Ax3DPCoWAkqAf9mhTye/VI+zi9jDPmoePfPgoTV6ikTLdXyP9OEAN
AGX/4upVojN6Dfx3qRA+XZ9Fnp7gKS2YcAeWSXZ39m0l
-----END CERTIFICATE-----
Generated at Thu Aug 22 17:02:49 2024 by rpki-client on console-fra.rpki-client.org