Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/VfREzcgEGDCOS9_llOktf8LSgB0.roa
File: VfREzcgEGDCOS9_llOktf8LSgB0.roa (raw, json)
Hash identifier: 39gPofqcawHD+5Ebf41LygDYxTfZG77gb0ZPfDojW4o=
Subject key identifier: 55:F4:44:CD:C8:04:18:30:8E:4B:DF:E5:94:E9:2D:7F:C2:D2:80:1D
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018CC94CCA1E30C659519DC6DAE7BC24A9A5
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/VfREzcgEGDCOS9_llOktf8LSgB0.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210950
IP address blocks: 45.143.201.0/24 maxlen: 24
185.193.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 09:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ca:1e:30:c6:59:51:9d:c6:da:e7:bc:24:a9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55f444cdc80418308e4bdfe594e92d7fc2d2801d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:36:77:b5:cd:3e:42:40:ff:c0:ed:9b:27:71:
4a:1e:11:e2:5d:5e:80:89:f7:6e:5e:6a:30:60:f4:
89:b2:09:74:b3:81:10:e1:aa:fa:ce:5e:62:74:23:
7b:ba:29:e5:89:67:05:58:27:69:7d:2a:07:f1:44:
0a:66:2d:3a:85:3f:83:4b:c1:8b:80:be:0d:0a:bf:
15:4f:5c:33:11:4e:9e:cc:46:80:d3:1a:9d:51:de:
ba:77:79:a9:f3:45:d3:b1:88:c8:12:36:59:3c:71:
66:12:d2:29:4d:14:19:79:0e:9d:15:90:f4:40:f3:
85:10:76:10:0d:72:ef:e4:82:d8:9f:47:cf:96:c0:
b3:59:ee:47:ae:d1:2f:6d:f0:47:e7:ea:0d:a5:3b:
b9:f5:12:19:b6:b2:3c:f6:a4:be:45:43:7d:20:55:
15:bb:f3:f6:25:6a:f5:16:0a:e9:c8:eb:b6:fa:d8:
1f:ff:d9:9a:e7:54:88:5e:61:57:3c:8a:0d:be:80:
b4:c5:58:df:3e:85:b0:90:95:62:f0:68:14:08:f4:
ee:29:76:75:ab:52:c7:27:fb:26:1c:af:f1:1c:0f:
88:ce:f0:c0:92:27:03:76:d4:38:75:4a:26:b3:0d:
ac:02:cd:5d:7a:cd:24:3c:fe:e4:72:b3:8f:8f:5c:
24:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F4:44:CD:C8:04:18:30:8E:4B:DF:E5:94:E9:2D:7F:C2:D2:80:1D
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/VfREzcgEGDCOS9_llOktf8LSgB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.201.0/24
185.193.89.0/24
Signature Algorithm: sha256WithRSAEncryption
31:5f:4b:7f:59:97:43:44:e0:95:27:7e:d3:5a:32:45:31:23:
e4:96:90:00:a7:8c:cc:0a:35:21:7a:dc:7e:64:04:ef:b1:35:
ae:34:ee:a4:d4:ca:49:b5:11:56:94:12:98:d2:45:cc:85:f3:
1c:f3:20:82:48:33:05:74:2d:04:20:ae:a5:b1:21:b4:73:2f:
a0:69:a5:08:e0:14:15:22:a1:e7:92:8d:29:70:89:90:b2:36:
30:ca:fb:4a:9a:67:de:be:65:e9:62:26:ce:95:7b:fb:f9:b3:
88:14:69:8c:42:6e:d0:b3:72:1e:1d:10:a1:8b:ac:5e:56:b2:
46:d6:a2:68:85:05:20:c2:1f:e5:65:5e:60:04:ed:b9:bd:fb:
3a:6a:7c:97:a0:fd:be:67:87:35:89:8f:67:96:78:6f:03:90:
b4:0b:3a:d5:d4:e7:b0:2e:26:72:18:1d:ee:fe:56:5e:40:6a:
32:d7:b4:27:34:b0:f1:33:9d:16:83:60:fe:1b:f2:45:9c:72:
42:6a:67:c3:61:2f:00:33:be:74:eb:99:2e:9f:4d:d5:d9:c2:
ca:ea:f9:fe:78:43:e7:af:63:e9:95:3f:c7:1c:c2:15:8b:fa:
c9:15:c2:a2:eb:bc:2e:c6:d0:e4:1e:66:19:6e:0b:4b:24:99:
90:c2:01:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTMoeMMZZUZ3G2ue8JKmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY0NDRjZGM4MDQxODMwOGU0YmRmZTU5NGU5MmQ3ZmMyZDI4MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjZ3tc0+QkD/wO2bJ3FKHhHiXV6A
ifduXmowYPSJsgl0s4EQ4ar6zl5idCN7uinliWcFWCdpfSoH8UQKZi06hT+DS8GL
gL4NCr8VT1wzEU6ezEaA0xqdUd66d3mp80XTsYjIEjZZPHFmEtIpTRQZeQ6dFZD0
QPOFEHYQDXLv5ILYn0fPlsCzWe5HrtEvbfBH5+oNpTu59RIZtrI89qS+RUN9IFUV
u/P2JWr1FgrpyOu2+tgf/9ma51SIXmFXPIoNvoC0xVjfPoWwkJVi8GgUCPTuKXZ1
q1LHJ/smHK/xHA+IzvDAkicDdtQ4dUomsw2sAs1des0kPP7kcrOPj1wkkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFX0RM3IBBgwjkvf5ZTpLX/C0oAdMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvVmZSRXpjZ0VHRENPUzlfbGxPa3RmOExTZ0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY/JAwQA
ucFZMA0GCSqGSIb3DQEBCwUAA4IBAQAxX0t/WZdDROCVJ37TWjJFMSPklpAAp4zM
CjUhetx+ZATvsTWuNO6k1MpJtRFWlBKY0kXMhfMc8yCCSDMFdC0EIK6lsSG0cy+g
aaUI4BQVIqHnko0pcImQsjYwyvtKmmfevmXpYibOlXv7+bOIFGmMQm7Qs3IeHRCh
i6xeVrJG1qJohQUgwh/lZV5gBO25vfs6anyXoP2+Z4c1iY9nlnhvA5C0CzrV1Oew
LiZyGB3u/lZeQGoy17QnNLDxM50Wg2D+G/JFnHJCamfDYS8AM75065kun03V2cLK
6vn+eEPnr2PplT/HHMIVi/rJFcKi67wuxtDkHmYZbgtLJJmQwgHR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org