Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/VfAJOu_2zuswJz2WU4HtHNjWGlM.roa
File: VfAJOu_2zuswJz2WU4HtHNjWGlM.roa (raw, json)
Hash identifier: WNKBAUluhqcxjThEdk/v24c5PWBm3iewClzFVP7mfbA=
Subject key identifier: 55:F0:09:3A:EF:F6:CE:EB:30:27:3D:96:53:81:ED:1C:D8:D6:1A:53
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 018CC9BCC01C512BFC6A4B652C5606DBF0E2
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/VfAJOu_2zuswJz2WU4HtHNjWGlM.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201525
IP address blocks: 5.149.252.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
79.141.166.0/23 maxlen: 23
2a01:8640:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 17:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c0:1c:51:2b:fc:6a:4b:65:2c:56:06:db:f0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55f0093aeff6ceeb30273d965381ed1cd8d61a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:73:a0:8e:07:64:2c:fd:0a:01:6a:13:b1:
cb:86:ab:18:37:73:db:0e:ba:c1:b7:90:60:66:eb:
d8:57:10:6c:23:dd:00:a1:1a:8e:b6:15:bf:f1:ba:
b9:ba:fe:d9:78:a2:05:12:0e:7d:d7:4b:9d:70:4e:
b8:d1:44:d8:c7:07:61:59:66:36:04:8d:03:59:d9:
09:d6:b5:56:a1:72:75:a0:8c:42:97:0b:14:70:d3:
61:48:d5:0e:3a:01:de:31:fc:59:5c:f3:97:45:69:
ae:a3:45:b1:94:84:7c:63:96:e6:98:df:cf:23:61:
aa:2a:49:e6:49:94:1f:4c:d0:8d:0d:d8:0f:54:05:
98:a9:6f:03:42:39:26:5a:cc:b6:50:68:3a:fa:94:
ce:c1:8d:99:a1:3e:96:13:2d:55:f9:b3:00:e9:89:
21:e4:1a:d5:bb:32:30:a8:d7:6e:1a:8c:fa:20:21:
67:9d:d2:5c:5c:c4:bf:71:31:52:85:27:d9:2b:bc:
cd:df:b6:ea:20:80:f1:4d:18:12:44:d7:47:d1:c4:
d4:ed:01:16:c8:3b:5d:bd:d4:b6:7a:91:58:a6:a1:
77:32:1c:c8:a6:f5:a7:09:6a:0d:bf:70:38:5e:95:
4b:6c:e6:dc:28:6a:c8:fa:3d:e4:f4:33:73:8f:85:
bb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F0:09:3A:EF:F6:CE:EB:30:27:3D:96:53:81:ED:1C:D8:D6:1A:53
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/VfAJOu_2zuswJz2WU4HtHNjWGlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.252.0/23
79.141.166.0/23
79.141.172.0/24
IPv6:
2a01:8640:3::/48
Signature Algorithm: sha256WithRSAEncryption
49:1f:3c:23:96:1c:e3:ee:55:7b:5d:a2:61:31:dd:99:71:e3:
06:ea:90:a0:81:b3:9a:cf:0c:31:4e:c1:63:42:ad:ea:bd:a4:
cd:c8:b8:b8:51:08:98:5d:0a:e1:bf:41:60:7e:e6:11:d4:fc:
02:18:75:cf:ed:34:f5:70:3d:f4:fe:49:3e:48:9e:6f:32:4e:
8c:83:da:19:a4:82:b0:46:ef:a6:d1:57:6e:4d:2a:17:59:d9:
47:81:e8:8e:6c:e0:6d:c9:19:64:c1:23:e8:36:d3:57:72:18:
e7:b9:a3:69:c6:c4:8f:fe:c7:83:17:dd:e3:43:7b:18:6d:4b:
83:c2:0c:b3:88:f8:ee:dc:b0:5a:85:e4:d9:dc:64:2e:4d:ad:
9a:92:e9:bc:41:22:e1:89:c3:74:eb:52:9f:bc:f7:99:bc:26:
67:bc:ab:77:81:08:bf:aa:e9:a2:ae:65:d9:94:2e:8e:ff:f2:
57:81:7b:71:4c:c8:a7:34:fc:38:ca:0b:e7:0d:54:3c:90:ea:
a3:ea:de:80:ec:4f:50:0b:c6:bb:99:db:d6:4b:06:17:a2:ee:
6d:c9:d1:55:56:dd:3f:5d:b5:d6:82:e2:2c:fe:da:7a:2b:05:
98:fc:fc:de:18:cd:67:4a:4c:56:68:dd:5f:4b:eb:a7:f3:79:
7d:0d:a8:ae
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJvMAcUSv8aktlLFYG2/DiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWYwMDkzYWVmZjZjZWViMzAyNzNkOTY1MzgxZWQxY2Q4ZDYxYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvJzoI4HZCz9CgFqE7HLhqsYN3Pb
DrrBt5BgZuvYVxBsI90AoRqOthW/8bq5uv7ZeKIFEg5910udcE640UTYxwdhWWY2
BI0DWdkJ1rVWoXJ1oIxClwsUcNNhSNUOOgHeMfxZXPOXRWmuo0WxlIR8Y5bmmN/P
I2GqKknmSZQfTNCNDdgPVAWYqW8DQjkmWsy2UGg6+pTOwY2ZoT6WEy1V+bMA6Ykh
5BrVuzIwqNduGoz6ICFnndJcXMS/cTFShSfZK7zN37bqIIDxTRgSRNdH0cTU7QEW
yDtdvdS2epFYpqF3MhzIpvWnCWoNv3A4XpVLbObcKGrI+j3k9DNzj4W7VwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFXwCTrv9s7rMCc9llOB7RzY1hpTMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvVmZBSk91XzJ6dXN3SnoyV1U0SHRITmpXR2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBBZX8AwQB
T42mAwQAT42sMA8EAgACMAkDBwAqAYZAAAMwDQYJKoZIhvcNAQELBQADggEBAEkf
PCOWHOPuVXtdomEx3Zlx4wbqkKCBs5rPDDFOwWNCreq9pM3IuLhRCJhdCuG/QWB+
5hHU/AIYdc/tNPVwPfT+ST5Inm8yToyD2hmkgrBG76bRV25NKhdZ2UeB6I5s4G3J
GWTBI+g201dyGOe5o2nGxI/+x4MX3eNDexhtS4PCDLOI+O7csFqF5NncZC5NrZqS
6bxBIuGJw3TrUp+895m8Jme8q3eBCL+q6aKuZdmULo7/8leBe3FMyKc0/DjKC+cN
VDyQ6qPq3oDsT1ALxruZ29ZLBhei7m3J0VVW3T9dtdaC4iz+2norBZj8/N4YzWdK
TFZo3V9L66fzeX0NqK4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:31 2025 by rpki-client