Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/VBrLh8gFvz5R_Mpnq4CnTC4JR8M.roa
File: VBrLh8gFvz5R_Mpnq4CnTC4JR8M.roa (raw, json)
Hash identifier: w4IegqRXHtDRZLoPVo7xwz3rfExpgoqceLsQKyDG0gw=
Subject key identifier: 54:1A:CB:87:C8:05:BF:3E:51:FC:CA:67:AB:80:A7:4C:2E:09:47:C3
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 01856F54AC85881F9FF209BBB1C600981557
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/VBrLh8gFvz5R_Mpnq4CnTC4JR8M.roa
Signing time: Sun 01 Jan 2023 21:54:58 +0000
ROA not before: Sun 01 Jan 2023 21:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50733
IP address blocks: 89.221.83.0/24 maxlen: 24
89.221.82.0/24 maxlen: 24
89.221.82.0/23 maxlen: 23
89.221.81.0/24 maxlen: 24
89.221.80.0/24 maxlen: 24
89.221.80.0/22 maxlen: 22
89.221.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:ac:85:88:1f:9f:f2:09:bb:b1:c6:00:98:15:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: Jan 1 21:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=541acb87c805bf3e51fcca67ab80a74c2e0947c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:26:a9:61:65:96:e5:05:68:b2:fb:99:1b:2b:
07:59:dc:e1:d7:a8:08:5d:b7:09:66:36:bd:eb:bf:
21:78:be:c0:6f:03:a6:19:41:6a:30:57:22:4b:18:
f2:16:ca:f0:23:c7:a8:15:7c:48:7a:a3:ea:30:99:
26:29:3e:61:99:fc:0d:49:27:e7:47:f2:a6:68:08:
da:73:22:93:92:85:6b:8c:14:ca:5e:6d:85:dd:1b:
63:3b:13:90:68:91:4c:38:ec:80:db:29:4d:9c:ad:
31:f6:7f:e7:18:fe:eb:42:d8:00:a6:ee:88:56:d6:
86:63:73:dc:52:79:bd:63:af:2e:ce:7a:be:77:f0:
76:dc:21:02:fe:ae:37:30:bf:5f:58:b2:f2:1b:c1:
c3:d9:5a:09:aa:38:91:6e:70:7d:24:1b:6d:3d:87:
57:78:78:ac:2c:f0:14:0c:f9:b2:78:b3:95:63:ae:
68:df:7c:52:03:37:1d:38:93:e4:dd:6a:ea:a2:7f:
33:0c:dd:75:9a:f9:dc:48:25:4e:0c:1d:66:6e:b6:
19:d4:ea:49:40:8c:19:a2:1a:46:ac:c5:3c:08:79:
f8:16:04:62:5b:70:59:a6:99:1e:72:a0:56:c7:61:
39:d4:a6:85:90:c3:8f:88:37:dd:08:a5:cf:a9:bb:
a3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1A:CB:87:C8:05:BF:3E:51:FC:CA:67:AB:80:A7:4C:2E:09:47:C3
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/VBrLh8gFvz5R_Mpnq4CnTC4JR8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.80.0/22
Signature Algorithm: sha256WithRSAEncryption
66:7c:44:6b:e7:0f:ff:e4:0c:61:7d:4b:dc:57:ee:78:f7:28:
ab:00:db:19:4a:4d:e1:58:bd:db:3b:9b:d4:69:41:42:28:cc:
6a:1b:92:9a:b8:cf:fa:21:d5:27:8c:34:a0:67:32:93:fe:8e:
b5:4b:01:44:c7:7e:ef:60:69:cd:9f:5a:ec:b2:eb:4e:a3:1f:
46:92:39:98:d4:4f:19:f2:aa:aa:82:2d:ed:d4:68:cc:40:22:
2e:cf:de:8e:e4:f3:69:0a:7b:ad:58:0d:f3:b2:b8:58:37:0e:
98:85:91:0a:0b:2e:dc:4d:11:f0:05:67:d4:60:93:6a:60:ba:
c5:03:7b:70:fe:71:be:13:a5:3c:5f:d6:e3:8b:6e:51:c6:99:
cb:42:cd:06:cd:8a:5d:f6:1d:5b:7f:07:00:92:c0:c6:2a:3d:
e4:f2:00:cd:44:49:7c:af:ac:0b:af:65:3f:d8:a7:b6:dc:19:
86:d4:47:4f:01:96:eb:29:b6:c5:5e:33:b8:0f:e5:dd:80:d3:
e7:06:b0:ae:22:5a:a1:03:c8:94:80:ec:97:f1:72:60:d3:d0:
1c:ab:5c:cf:d2:37:1e:27:1e:5f:78:2b:8a:a8:ae:47:3a:91:
ee:3a:5b:e6:8f:43:90:98:db:a4:6e:d7:bb:5d:1a:81:8b:b6:
df:d5:df:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKyFiB+f8gm7scYAmBVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj
NWZlYzIwHhcNMjMwMTAxMjE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDFhY2I4N2M4MDViZjNlNTFmY2NhNjdhYjgwYTc0YzJlMDk0N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSapYWWW5QVosvuZGysHWdzh16gI
XbcJZja9678heL7AbwOmGUFqMFciSxjyFsrwI8eoFXxIeqPqMJkmKT5hmfwNSSfn
R/KmaAjacyKTkoVrjBTKXm2F3RtjOxOQaJFMOOyA2ylNnK0x9n/nGP7rQtgApu6I
VtaGY3PcUnm9Y68uznq+d/B23CEC/q43ML9fWLLyG8HD2VoJqjiRbnB9JBttPYdX
eHisLPAUDPmyeLOVY65o33xSAzcdOJPk3Wrqon8zDN11mvncSCVODB1mbrYZ1OpJ
QIwZohpGrMU8CHn4FgRiW3BZppkecqBWx2E51KaFkMOPiDfdCKXPqbuj1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQay4fIBb8+UfzKZ6uAp0wuCUfDMB8GA1UdIwQY
MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt
YTNhMTNlM2E3ZDgwLzEvVkJyTGg4Z0Z2ejVSX01wbnE0Q25UQzRKUjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw
LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWd1QMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfERr5w//5AxhfUvcV+549yirANsZSk3hWL3bO5vU
aUFCKMxqG5KauM/6IdUnjDSgZzKT/o61SwFEx37vYGnNn1rssutOox9GkjmY1E8Z
8qqqgi3t1GjMQCIuz96O5PNpCnutWA3zsrhYNw6YhZEKCy7cTRHwBWfUYJNqYLrF
A3tw/nG+E6U8X9bji25RxpnLQs0GzYpd9h1bfwcAksDGKj3k8gDNREl8r6wLr2U/
2Ke23BmG1EdPAZbrKbbFXjO4D+XdgNPnBrCuIlqhA8iUgOyX8XJg09Acq1zP0jce
Jx5feCuKqK5HOpHuOlvmj0OQmNukbte7XRqBi7bf1d9A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:35 2024 by rpki-client on console-ams.rpki-client.org