Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/vrDv-nst4KEY8pkf0fXoBMJq-3c.roa
File: vrDv-nst4KEY8pkf0fXoBMJq-3c.roa (raw, json)
Hash identifier: 8kHmYk9glR7AUz/tiOv5mI+JAW4/GHhCI6gY/71FzKs=
Subject key identifier: BE:B0:EF:FA:7B:2D:E0:A1:18:F2:99:1F:D1:F5:E8:04:C2:6A:FB:77
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018894F6A4BF31617476737D6CE90E658618
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/vrDv-nst4KEY8pkf0fXoBMJq-3c.roa
Signing time: Wed 07 Jun 2023 08:26:11 +0000
ROA not before: Wed 07 Jun 2023 08:26:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 92.51.216.0/22 maxlen: 24
92.51.220.0/22 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.18.0/23 maxlen: 23
37.46.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:f6:a4:bf:31:61:74:76:73:7d:6c:e9:0e:65:86:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jun 7 08:26:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beb0effa7b2de0a118f2991fd1f5e804c26afb77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ae:e9:43:fb:4c:17:b3:4f:08:79:b1:15:a8:
38:6d:4c:19:65:49:f8:02:28:aa:d5:ec:75:0f:d4:
b0:e1:25:11:f0:d1:2a:40:01:4d:59:79:0e:0c:18:
96:e5:12:07:bc:82:00:25:1f:34:c0:bc:41:90:3c:
8d:d6:0a:8c:23:00:52:e9:82:95:68:53:3f:38:2e:
6a:ba:cb:cc:06:2a:a0:86:30:50:e6:7f:c8:c4:6f:
d0:6b:47:cf:12:e7:81:76:20:e1:36:93:27:80:9e:
e6:be:c6:f1:ca:fe:1f:36:83:8c:35:16:c7:ce:04:
f0:aa:76:fd:2f:93:48:e0:51:5b:c6:f3:13:20:a1:
0e:5e:3f:8b:b5:6f:a5:41:43:28:07:d5:50:97:df:
15:f1:91:da:12:6d:8f:ab:73:8b:05:9b:c8:5c:da:
0d:64:f8:0f:1e:41:44:1b:8a:30:41:d2:63:8c:13:
d4:b5:fc:2c:ca:3d:dd:66:20:32:18:a0:95:6b:04:
e3:86:66:cf:fd:45:7e:55:b1:d3:6b:db:d6:73:be:
a3:48:4a:de:69:34:ef:6d:de:26:5d:c9:10:5d:53:
15:67:da:a2:49:bd:bb:a7:88:9a:d2:61:a9:43:c8:
f0:c0:f5:6d:f6:6a:a9:1c:b9:a4:c4:13:22:8f:ec:
ac:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B0:EF:FA:7B:2D:E0:A1:18:F2:99:1F:D1:F5:E8:04:C2:6A:FB:77
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/vrDv-nst4KEY8pkf0fXoBMJq-3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.18.0/23
92.51.216.0/21
Signature Algorithm: sha256WithRSAEncryption
24:9e:54:d9:91:71:9a:c3:fe:51:78:44:84:ed:de:1e:e5:c9:
77:27:fc:1e:30:c4:2a:fa:45:1a:c1:f9:ff:e2:4f:86:02:7e:
77:e4:3d:4b:2b:60:24:99:4c:35:b6:c1:c5:39:b0:a0:30:87:
d1:98:5c:89:97:6a:9b:0e:f4:d6:1a:95:06:34:72:84:53:e3:
b5:c0:62:23:0b:d9:bd:d9:97:d5:f3:ee:23:b4:5b:21:9e:46:
fd:81:33:6c:92:37:f5:12:d6:7f:93:bc:8c:79:de:0c:e9:65:
2e:1b:f0:4a:ee:5b:32:14:e1:b5:94:26:55:15:48:54:75:07:
e0:16:e7:10:80:9f:6b:99:97:96:11:ea:39:00:5c:25:2c:42:
8c:c6:a4:79:47:40:71:b1:ea:84:58:64:69:ac:c7:23:a4:ab:
fe:0d:24:a7:72:f1:2a:d2:de:02:1b:bb:8c:12:2f:ca:10:c9:
87:6b:cb:02:41:0e:0f:68:91:0a:b5:ad:5c:00:3b:08:36:19:
f7:2f:8d:85:b8:16:be:41:ef:87:bd:8d:f8:aa:58:22:8f:94:
d7:96:c9:d5:de:2d:25:68:f9:95:f0:e0:c4:ad:98:60:15:80:
99:f2:04:03:0b:67:e0:99:61:a9:93:2d:6c:cc:f8:37:24:af:
0d:65:91:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiU9qS/MWF0dnN9bOkOZYYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNjA3MDgyNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIwZWZmYTdiMmRlMGExMThmMjk5MWZkMWY1ZTgwNGMyNmFmYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka7pQ/tMF7NPCHmxFag4bUwZZUn4
Aiiq1ex1D9Sw4SUR8NEqQAFNWXkODBiW5RIHvIIAJR80wLxBkDyN1gqMIwBS6YKV
aFM/OC5qusvMBiqghjBQ5n/IxG/Qa0fPEueBdiDhNpMngJ7mvsbxyv4fNoOMNRbH
zgTwqnb9L5NI4FFbxvMTIKEOXj+LtW+lQUMoB9VQl98V8ZHaEm2Pq3OLBZvIXNoN
ZPgPHkFEG4owQdJjjBPUtfwsyj3dZiAyGKCVawTjhmbP/UV+VbHTa9vWc76jSEre
aTTvbd4mXckQXVMVZ9qiSb27p4ia0mGpQ8jwwPVt9mqpHLmkxBMij+ys4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6w7/p7LeChGPKZH9H16ATCavt3MB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvdnJEdi1uc3Q0S0VZOHBrZjBmWG9CTUpxLTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJS4SAwQD
XDPYMA0GCSqGSIb3DQEBCwUAA4IBAQAknlTZkXGaw/5ReESE7d4e5cl3J/weMMQq
+kUawfn/4k+GAn535D1LK2AkmUw1tsHFObCgMIfRmFyJl2qbDvTWGpUGNHKEU+O1
wGIjC9m92ZfV8+4jtFshnkb9gTNskjf1EtZ/k7yMed4M6WUuG/BK7lsyFOG1lCZV
FUhUdQfgFucQgJ9rmZeWEeo5AFwlLEKMxqR5R0BxseqEWGRprMcjpKv+DSSncvEq
0t4CG7uMEi/KEMmHa8sCQQ4PaJEKta1cADsINhn3L42FuBa+Qe+HvY34qlgij5TX
lsnV3i0laPmV8ODErZhgFYCZ8gQDC2fgmWGpky1szPg3JK8NZZF9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org