Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDQsHKwoAxOL6xp43QtkAEKhKA8.roa
File: vDQsHKwoAxOL6xp43QtkAEKhKA8.roa (raw, json)
Hash identifier: MnnkQV8FO2tuCk83Ddr9JqWxR2YkbmnIuihmI8iNCa0=
Subject key identifier: BC:34:2C:1C:AC:28:03:13:8B:EB:1A:78:DD:0B:64:00:42:A1:28:0F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018A84FA8045D721DF1200E0D7F350EDB3AF
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDQsHKwoAxOL6xp43QtkAEKhKA8.roa
Signing time: Mon 11 Sep 2023 16:02:03 +0000
ROA not before: Mon 11 Sep 2023 16:02:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197077
IP address blocks: 45.13.200.0/23 maxlen: 23
45.13.202.0/23 maxlen: 23
217.198.192.0/20 maxlen: 24
91.220.70.0/24 maxlen: 24
2a04:a450::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 18 Sep 2023 06:25:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:fa:80:45:d7:21:df:12:00:e0:d7:f3:50:ed:b3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Sep 11 16:02:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc342c1cac2803138beb1a78dd0b640042a1280f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:7c:66:47:1f:16:4d:10:b8:64:0c:22:6f:
5b:b8:d0:cf:00:40:eb:dd:7b:5d:17:ad:e8:49:3b:
f8:7c:3d:1f:89:31:31:2f:1b:4f:6e:d6:34:46:3f:
4f:2d:58:4d:e4:9b:62:ce:a3:ef:e7:79:84:d1:29:
2a:b0:b6:ec:21:52:0c:74:1b:27:4c:68:1a:dc:01:
6c:f8:99:5f:f5:d8:ec:28:e9:66:6e:da:02:32:6d:
d7:14:36:b6:f8:2f:30:33:12:ec:32:3a:f0:d7:ed:
11:47:56:c4:5e:4d:2f:37:07:62:f2:09:a4:4d:84:
86:98:04:03:da:6b:22:7d:57:22:b4:7f:52:56:40:
ab:cf:f8:04:eb:a0:16:71:00:a2:75:83:3c:16:87:
a5:88:55:68:74:78:9e:f1:64:05:ee:33:cf:ed:d6:
15:a9:f4:7f:64:5d:16:23:7b:3d:9e:3b:87:68:21:
b1:3c:09:d3:c4:10:f3:e4:ae:bb:fe:dd:af:7d:85:
19:26:3e:c6:e1:f6:ec:1a:70:fb:38:4d:07:3d:05:
db:d0:c6:90:c0:30:1a:43:ed:89:97:46:f1:a7:ec:
19:ba:d9:75:e7:1d:3f:22:a1:2f:be:dd:ae:43:f8:
34:f9:6e:10:14:ea:ea:0c:c6:ab:71:8e:64:76:6a:
58:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:34:2C:1C:AC:28:03:13:8B:EB:1A:78:DD:0B:64:00:42:A1:28:0F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDQsHKwoAxOL6xp43QtkAEKhKA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.200.0/22
91.220.70.0/24
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
6e:07:b8:cf:aa:c6:fc:6a:82:3d:30:80:ab:e7:a9:c6:a9:7a:
03:e9:b7:b5:f3:a6:eb:e1:4e:48:c9:5a:1d:4a:11:d3:6d:89:
ce:04:0d:55:10:f0:e4:f5:b6:53:47:70:f3:28:89:d7:9f:6b:
f2:6c:03:5a:bd:06:84:79:fe:fb:25:af:b5:cd:2a:db:48:76:
ee:df:03:9b:23:4c:3a:09:64:25:ce:86:49:aa:e8:b8:e7:e8:
1f:bb:e1:f9:ea:6f:03:5d:f3:d8:5d:13:dd:3d:a3:41:37:f0:
bb:5e:0c:88:ec:c4:f1:9d:9a:3e:b0:2f:a0:57:f6:83:fd:5e:
7a:ba:b5:b1:73:21:95:0c:39:ca:2c:30:56:eb:50:77:8a:2e:
4f:de:75:fd:4c:23:a0:e5:cf:f1:1f:1a:bc:bf:01:79:8e:c1:
c5:d4:cd:4d:14:d9:8e:26:f4:3b:02:38:d3:99:cb:ce:41:e3:
83:3d:c2:b1:dd:67:ef:55:e3:71:6b:a8:92:d0:50:65:82:44:
b4:6a:56:8d:56:15:72:18:1c:2d:f5:2f:f4:1c:78:13:0f:e0:
72:db:d5:12:d2:44:18:d2:d3:eb:40:82:5c:92:ae:40:bd:a3:
cb:b8:2c:6a:2a:00:3f:8e:d6:d7:a8:61:25:f8:40:46:20:f5:
87:e8:89:98
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqE+oBF1yHfEgDg1/NQ7bOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwOTExMTYwMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM0MmMxY2FjMjgwMzEzOGJlYjFhNzhkZDBiNjQwMDQyYTEyODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVV8ZkcfFk0QuGQMIm9buNDPAEDr
3XtdF63oSTv4fD0fiTExLxtPbtY0Rj9PLVhN5JtizqPv53mE0SkqsLbsIVIMdBsn
TGga3AFs+Jlf9djsKOlmbtoCMm3XFDa2+C8wMxLsMjrw1+0RR1bEXk0vNwdi8gmk
TYSGmAQD2msifVcitH9SVkCrz/gE66AWcQCidYM8FoeliFVodHie8WQF7jPP7dYV
qfR/ZF0WI3s9njuHaCGxPAnTxBDz5K67/t2vfYUZJj7G4fbsGnD7OE0HPQXb0MaQ
wDAaQ+2Jl0bxp+wZutl15x0/IqEvvt2uQ/g0+W4QFOrqDMarcY5kdmpYFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLw0LBysKAMTi+saeN0LZABCoSgPMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvdkRRc0hLd29BeE9MNnhwNDNRdGtBRUtoS0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ3IAwQA
W9xGAwQE2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEBCwUAA4IBAQBuB7jP
qsb8aoI9MICr56nGqXoD6be186br4U5IyVodShHTbYnOBA1VEPDk9bZTR3DzKInX
n2vybANavQaEef77Ja+1zSrbSHbu3wObI0w6CWQlzoZJqui45+gfu+H56m8DXfPY
XRPdPaNBN/C7XgyI7MTxnZo+sC+gV/aD/V56urWxcyGVDDnKLDBW61B3ii5P3nX9
TCOg5c/xHxq8vwF5jsHF1M1NFNmOJvQ7AjjTmcvOQeODPcKx3WfvVeNxa6iS0FBl
gkS0alaNVhVyGBwt9S/0HHgTD+By29US0kQY0tPrQIJckq5AvaPLuCxqKgA/jtbX
qGEl+EBGIPWH6ImY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org