Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/VBZutdL5_6fwguH2CFOOJRbY9OI.roa
File: VBZutdL5_6fwguH2CFOOJRbY9OI.roa (raw, json)
Hash identifier: tdYdB1w/s3BC1Fc7Ji3N4uivuQQdfCjAkwt4eZelLmI=
Subject key identifier: 54:16:6E:B5:D2:F9:FF:A7:F0:82:E1:F6:08:53:8E:25:16:D8:F4:E2
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFB3687D83DBF676C5883D7618D2B3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/VBZutdL5_6fwguH2CFOOJRbY9OI.roa
Signing time: Tue 02 Jan 2024 06:32:32 +0000
ROA not before: Tue 02 Jan 2024 06:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 45.8.209.0/24 maxlen: 24
213.108.196.0/24 maxlen: 24
2a0b:da00::/29 maxlen: 29
2a0c:aa40::/29 maxlen: 29
2a0d:2dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 09 Feb 2024 12:59:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:b3:68:7d:83:db:f6:76:c5:88:3d:76:18:d2:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54166eb5d2f9ffa7f082e1f608538e2516d8f4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0f:33:48:8c:75:cf:7a:85:f5:2b:6c:87:fc:
15:3a:d5:e1:02:fc:10:75:dc:6e:c9:0a:30:7f:46:
d2:0f:71:7e:09:7d:83:eb:6f:07:05:af:e6:97:76:
76:d9:6b:74:27:26:e5:77:1b:5d:5c:ea:e2:ce:0a:
e6:47:52:11:9b:d4:1a:06:eb:4f:47:eb:c7:92:86:
b9:ab:df:67:54:7f:1b:5f:2f:24:b0:10:e5:07:64:
67:75:4a:df:4c:73:7f:28:45:c8:16:2e:c9:80:6e:
2e:17:f5:6e:b5:4b:ab:6f:0a:d2:e3:08:60:98:91:
2d:25:27:d0:5c:3f:63:13:2c:8a:cc:ec:04:50:4e:
60:eb:93:46:33:7d:51:7e:6d:f7:be:ac:6d:62:95:
bb:ec:eb:e1:98:e0:b8:ab:66:53:68:95:52:d8:9f:
1a:83:12:a0:d8:d5:47:72:4a:9d:52:19:7e:54:35:
88:d9:55:df:ed:ac:6a:52:3f:73:54:6c:ec:0d:11:
3b:64:37:b2:53:53:f6:1a:de:b3:6d:84:e2:b0:cd:
78:5c:f0:5b:e2:15:fb:c8:2b:1a:92:ea:19:09:8e:
ac:36:3f:ac:b8:61:dd:5c:55:0d:35:1b:02:07:f6:
b0:1b:6b:4a:ee:ea:6c:04:7a:d4:b1:d5:59:17:48:
d1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:16:6E:B5:D2:F9:FF:A7:F0:82:E1:F6:08:53:8E:25:16:D8:F4:E2
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/VBZutdL5_6fwguH2CFOOJRbY9OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.209.0/24
213.108.196.0/24
IPv6:
2a0b:da00::/29
2a0c:aa40::/29
2a0d:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:ad:c4:1d:6c:27:2b:de:c5:6d:24:08:b6:15:0b:8a:ae:62:
e2:56:b4:47:bb:9b:ff:56:ed:ec:70:53:91:77:00:78:7b:75:
3e:c1:4d:dc:52:0a:87:f6:6f:d2:d9:ec:e3:1d:3d:a8:34:b6:
8f:6a:6f:80:0f:39:db:79:44:83:1b:29:9d:ca:c2:0b:c0:be:
ca:c2:f3:ee:d1:57:36:86:ba:95:14:8f:e3:5b:cd:eb:a9:8d:
29:b4:20:d5:58:92:05:06:f5:42:0e:61:5a:fa:0f:f5:59:b4:
8b:36:ed:de:d2:bf:0d:75:75:49:16:ce:64:07:bc:18:c8:be:
be:87:b7:4e:4a:37:af:5d:4f:43:ea:b7:3e:99:4e:af:aa:d9:
30:02:f2:dd:16:29:49:73:a6:13:ca:c8:7e:89:ae:a3:1f:a9:
1c:cc:e2:cd:20:14:5d:86:83:bc:36:1d:5a:d3:c7:44:c4:59:
5f:31:a7:f0:a0:5e:43:2c:c8:07:30:ad:ea:78:13:54:bc:14:
90:0c:ef:c1:6a:93:9e:6e:b0:69:de:c7:1c:b5:f1:15:84:95:
38:80:f6:54:61:02:c1:a5:49:d6:85:41:2b:f7:f0:5b:e1:86:
cf:bf:a3:57:0d:f7:35:f2:f0:71:e4:7a:0b:8e:73:84:fb:aa:
79:ce:77:51
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI37NofYPb9nbFiD12GNKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE2NmViNWQyZjlmZmE3ZjA4MmUxZjYwODUzOGUyNTE2ZDhmNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg8zSIx1z3qF9Stsh/wVOtXhAvwQ
ddxuyQowf0bSD3F+CX2D628HBa/ml3Z22Wt0JybldxtdXOrizgrmR1IRm9QaButP
R+vHkoa5q99nVH8bXy8ksBDlB2RndUrfTHN/KEXIFi7JgG4uF/VutUurbwrS4whg
mJEtJSfQXD9jEyyKzOwEUE5g65NGM31Rfm33vqxtYpW77OvhmOC4q2ZTaJVS2J8a
gxKg2NVHckqdUhl+VDWI2VXf7axqUj9zVGzsDRE7ZDeyU1P2Gt6zbYTisM14XPBb
4hX7yCsakuoZCY6sNj+suGHdXFUNNRsCB/awG2tK7upsBHrUsdVZF0jRhQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFQWbrXS+f+n8ILh9ghTjiUW2PTiMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVkJadXRkTDVfNmZ3Z3VIMkNGT09KUmJZOU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQALQjRAwQA
1WzEMBsEAgACMBUDBQMqC9oAAwUDKgyqQAMFAyoNLcAwDQYJKoZIhvcNAQELBQAD
ggEBAHqtxB1sJyvexW0kCLYVC4quYuJWtEe7m/9W7exwU5F3AHh7dT7BTdxSCof2
b9LZ7OMdPag0to9qb4APOdt5RIMbKZ3KwgvAvsrC8+7RVzaGupUUj+NbzeupjSm0
INVYkgUG9UIOYVr6D/VZtIs27d7Svw11dUkWzmQHvBjIvr6Ht05KN69dT0Pqtz6Z
Tq+q2TAC8t0WKUlzphPKyH6JrqMfqRzM4s0gFF2Gg7w2HVrTx0TEWV8xp/CgXkMs
yAcwrep4E1S8FJAM78Fqk55usGnexxy18RWElTiA9lRhAsGlSdaFQSv38Fvhhs+/
o1cN9zXy8HHkeguOc4T7qnnOd1E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org