Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/VEUCEeSDO5UuHl1bk9U8dn35tBY.roa
File: VEUCEeSDO5UuHl1bk9U8dn35tBY.roa (raw, json)
Hash identifier: OjJx4WNZDixYfvandvsqvaA6EaQReCEIhtg9VjeimdQ=
Subject key identifier: 54:45:02:11:E4:83:3B:95:2E:1E:5D:5B:93:D5:3C:76:7D:F9:B4:16
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 01856D0AD157D5150AA1D5C381ED54DE76A0
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/VEUCEeSDO5UuHl1bk9U8dn35tBY.roa
Signing time: Sun 01 Jan 2023 11:15:03 +0000
ROA not before: Sun 01 Jan 2023 11:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41913
IP address blocks: 89.36.170.0/23 maxlen: 24
91.208.227.0/24 maxlen: 24
91.135.64.0/20 maxlen: 24
91.135.68.0/24 maxlen: 24
185.172.198.0/23 maxlen: 24
91.135.76.0/24 maxlen: 24
185.20.208.0/22 maxlen: 24
2a01:278::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d1:57:d5:15:0a:a1:d5:c3:81:ed:54:de:76:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Jan 1 11:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54450211e4833b952e1e5d5b93d53c767df9b416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:67:4b:b2:1a:1a:a5:24:77:bf:43:ec:6f:5f:
6c:62:2a:0e:35:d4:ac:e4:31:69:e2:ac:4a:0d:bc:
09:50:35:45:8a:2f:93:58:48:a9:3c:02:5a:81:7d:
dc:5f:1c:e3:8e:08:ee:13:63:42:1d:99:69:bd:69:
3f:c5:dd:e4:d7:6d:a8:45:9a:04:b2:05:15:7c:7c:
aa:8a:93:f4:a4:5e:01:65:93:61:2c:1f:92:e9:4e:
27:af:df:74:a8:5a:5e:61:50:5f:a0:d5:98:e6:33:
2a:46:da:ef:e3:8e:09:b5:46:2a:0f:21:38:e7:eb:
6f:90:96:64:53:d0:8a:ea:09:9f:6d:d8:22:67:6a:
df:9d:4e:a3:ff:fc:ae:fc:9d:6e:f3:67:c9:d3:1a:
67:40:c1:ff:60:94:ad:55:81:e3:43:ae:41:15:14:
77:0a:41:e8:9b:6b:5a:3b:29:5c:9c:42:46:9b:38:
0d:ce:0e:17:79:e0:0f:5c:2b:60:e9:ad:ef:61:11:
22:bc:a0:fe:51:05:ee:39:8c:b8:ff:6c:fb:ce:1b:
87:fd:5d:93:22:17:8a:8a:59:ce:9e:7b:79:5c:99:
3c:1b:48:5a:c6:73:85:dc:fb:dc:2b:e8:16:b9:73:
80:20:9f:36:3d:22:31:ab:11:f8:1b:68:6c:4d:cd:
ff:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:45:02:11:E4:83:3B:95:2E:1E:5D:5B:93:D5:3C:76:7D:F9:B4:16
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/VEUCEeSDO5UuHl1bk9U8dn35tBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.170.0/23
91.135.64.0/20
91.208.227.0/24
185.20.208.0/22
185.172.198.0/23
IPv6:
2a01:278::/32
Signature Algorithm: sha256WithRSAEncryption
5d:d8:c1:44:b1:b8:44:fe:ef:a1:ae:40:cf:e1:25:59:e5:d4:
33:d0:98:7b:bc:52:f8:a2:9b:cd:df:97:36:6a:f6:c9:df:e2:
5c:a8:ee:cd:88:2a:1b:ba:f5:a7:8b:30:c8:cb:39:6a:0c:c7:
79:cf:31:26:85:5a:df:bc:d4:8b:a8:8b:63:2b:7c:70:b5:23:
b7:a0:34:a2:3f:40:ee:14:9d:de:39:de:7d:66:1e:8d:b9:dd:
3a:1d:05:6a:fe:2f:28:66:9d:bb:14:ab:ab:d0:2e:77:60:70:
cc:59:29:90:d9:ce:a0:16:89:23:2c:22:db:9b:64:3c:69:a3:
ef:4e:fc:69:01:19:d2:cd:c5:f7:93:72:eb:38:93:50:1d:4d:
f7:04:b4:07:b9:d3:a4:0f:bb:54:4a:2f:9a:b8:99:cb:f6:37:
b5:ac:1f:f5:77:8a:e7:78:e5:31:f3:7a:ae:2e:1e:07:12:b2:
e5:9f:40:67:12:df:c3:2d:58:a0:b1:8c:cd:ca:45:f6:58:6c:
4d:4f:eb:db:bc:38:3c:12:84:81:05:15:06:71:ed:30:79:9a:
7f:7f:4f:2e:1d:68:0f:33:ac:4a:e9:f2:d8:1d:68:88:b8:5e:
1e:a5:e5:a0:f2:81:03:74:aa:26:8d:f5:7c:ee:00:dd:d7:40:
02:06:48:86
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtCtFX1RUKodXDge1U3nagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjMwMTAxMTExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQ1MDIxMWU0ODMzYjk1MmUxZTVkNWI5M2Q1M2M3NjdkZjliNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmdLshoapSR3v0Psb19sYioONdSs
5DFp4qxKDbwJUDVFii+TWEipPAJagX3cXxzjjgjuE2NCHZlpvWk/xd3k122oRZoE
sgUVfHyqipP0pF4BZZNhLB+S6U4nr990qFpeYVBfoNWY5jMqRtrv444JtUYqDyE4
5+tvkJZkU9CK6gmfbdgiZ2rfnU6j//yu/J1u82fJ0xpnQMH/YJStVYHjQ65BFRR3
CkHom2taOylcnEJGmzgNzg4XeeAPXCtg6a3vYREivKD+UQXuOYy4/2z7zhuH/V2T
IheKilnOnnt5XJk8G0haxnOF3PvcK+gWuXOAIJ82PSIxqxH4G2hsTc3/2wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFRFAhHkgzuVLh5dW5PVPHZ9+bQWMB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvVkVVQ0VlU0RPNVV1SGwxYms5VThkbjM1dEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBWSSqAwQE
W4dAAwQAW9DjAwQCuRTQAwQBuazGMA0EAgACMAcDBQAqAQJ4MA0GCSqGSIb3DQEB
CwUAA4IBAQBd2MFEsbhE/u+hrkDP4SVZ5dQz0Jh7vFL4opvN35c2avbJ3+JcqO7N
iCobuvWnizDIyzlqDMd5zzEmhVrfvNSLqItjK3xwtSO3oDSiP0DuFJ3eOd59Zh6N
ud06HQVq/i8oZp27FKur0C53YHDMWSmQ2c6gFokjLCLbm2Q8aaPvTvxpARnSzcX3
k3LrOJNQHU33BLQHudOkD7tUSi+auJnL9je1rB/1d4rneOUx83quLh4HErLln0Bn
Et/DLVigsYzNykX2WGxNT+vbvDg8EoSBBRUGce0weZp/f08uHWgPM6xK6fLYHWiI
uF4epeWg8oEDdKomjfV87gDd10ACBkiG
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:15 2024 by rpki-client on console-fra.rpki-client.org