Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/vrq3oJrPsPjD7A5BmTNvJvstbXg.roa
File: vrq3oJrPsPjD7A5BmTNvJvstbXg.roa (raw, json)
Hash identifier: tXhCWOfOxRLke6sic9g7IPt76UL4ECQkdDjoVWPgjeg=
Subject key identifier: BE:BA:B7:A0:9A:CF:B0:F8:C3:EC:0E:41:99:33:6F:26:FB:2D:6D:78
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01856C0A4C782B15348E967BFC39EEB7B418
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/vrq3oJrPsPjD7A5BmTNvJvstbXg.roa
Signing time: Sun 01 Jan 2023 06:34:52 +0000
ROA not before: Sun 01 Jan 2023 06:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 92.51.39.0/24 maxlen: 24
92.51.20.0/24 maxlen: 24
92.51.22.0/24 maxlen: 24
92.51.23.0/24 maxlen: 24
92.51.21.0/24 maxlen: 24
92.51.38.0/24 maxlen: 24
92.51.36.0/24 maxlen: 24
92.51.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:4c:78:2b:15:34:8e:96:7b:fc:39:ee:b7:b4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 06:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bebab7a09acfb0f8c3ec0e4199336f26fb2d6d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:89:2c:c6:2e:cf:6c:90:7b:32:da:bd:c0:9f:
8d:0a:fd:30:6b:c5:9e:ed:53:cd:62:0d:52:22:74:
4a:8b:e3:d5:b3:77:f0:a7:23:8a:98:c6:77:77:7c:
aa:59:fe:ed:05:b0:33:ad:bc:58:cc:ed:ec:0e:34:
01:82:2b:d8:fe:4a:7f:05:41:f0:f3:bc:bc:be:b8:
b5:bb:1f:05:b6:a5:92:bb:d6:fc:ae:bc:ae:81:a0:
aa:d7:9f:da:ff:0f:3c:12:7b:b8:ee:14:8f:1f:04:
a4:e3:13:30:2b:0c:a0:91:43:0d:de:c3:46:62:fb:
ff:eb:5a:5b:89:42:7f:99:89:bf:5e:e7:a9:d6:e0:
c5:8b:de:1c:a2:38:63:6a:bf:9a:dc:ff:06:6a:e4:
68:e0:3a:3a:a4:3d:73:89:8e:12:82:c1:b1:95:89:
4b:de:5f:3c:0d:6d:16:46:d8:10:e4:35:33:70:4d:
f3:94:56:59:88:31:be:d2:f1:0a:e8:b4:b6:b0:dd:
e6:b6:bd:ce:91:be:0e:77:71:07:74:ca:a3:c2:d5:
92:f2:9d:dd:90:38:3d:e8:be:55:3d:08:88:a2:36:
c3:6e:8d:cf:42:e2:91:c6:36:70:08:85:40:64:35:
3f:ef:5f:00:ef:6e:2f:26:70:09:04:a8:60:5c:b5:
24:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BA:B7:A0:9A:CF:B0:F8:C3:EC:0E:41:99:33:6F:26:FB:2D:6D:78
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/vrq3oJrPsPjD7A5BmTNvJvstbXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.20.0/22
92.51.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:ac:1a:c8:cb:65:61:4c:17:71:1c:9f:e7:b1:9f:38:e4:f7:
63:a8:00:9e:9a:91:46:75:b3:c0:24:ae:20:4e:6a:1a:10:dc:
2e:d4:59:29:61:a3:de:74:a3:59:f6:7e:6a:f2:54:d6:64:be:
45:db:e3:11:29:d6:35:86:b6:1a:5a:61:47:28:71:c9:bd:fc:
13:da:7c:2f:1e:96:d4:22:2b:8b:55:cd:5b:24:68:07:7c:20:
ae:c8:b4:ee:cf:a0:f2:90:a3:ef:92:85:9d:c9:42:20:59:9a:
42:09:53:b5:aa:df:fd:e4:97:0b:42:b5:e6:ab:3c:74:ec:54:
cc:f3:79:93:f1:ea:37:ed:c8:b6:be:2e:7e:9b:9f:2d:f7:11:
97:0c:6a:9e:86:43:86:84:c5:6d:38:89:4d:20:48:a8:da:aa:
c8:7b:84:3a:e5:0c:13:28:5d:4f:e1:02:80:e4:6e:d3:82:12:
03:7f:6b:48:ee:04:2d:94:91:71:82:4c:9a:3a:ea:65:db:61:
97:e4:e5:3b:0a:f6:23:81:6e:b8:ff:48:e2:88:af:4e:bc:2e:
3c:4a:c3:e2:b4:02:8e:ed:84:9b:b5:1a:27:ec:52:3b:3a:48:
e7:b0:27:5f:52:23:25:c6:de:c7:56:bf:9a:d3:70:ca:a2:5b:
ee:cc:86:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCkx4KxU0jpZ7/Dnut7QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMwMTAxMDYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWJhYjdhMDlhY2ZiMGY4YzNlYzBlNDE5OTMzNmYyNmZiMmQ2ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloksxi7PbJB7Mtq9wJ+NCv0wa8We
7VPNYg1SInRKi+PVs3fwpyOKmMZ3d3yqWf7tBbAzrbxYzO3sDjQBgivY/kp/BUHw
87y8vri1ux8FtqWSu9b8rryugaCq15/a/w88Enu47hSPHwSk4xMwKwygkUMN3sNG
Yvv/61pbiUJ/mYm/Xuep1uDFi94cojhjar+a3P8GauRo4Do6pD1ziY4SgsGxlYlL
3l88DW0WRtgQ5DUzcE3zlFZZiDG+0vEK6LS2sN3mtr3Okb4Od3EHdMqjwtWS8p3d
kDg96L5VPQiIojbDbo3PQuKRxjZwCIVAZDU/718A724vJnAJBKhgXLUk7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL66t6Caz7D4w+wOQZkzbyb7LW14MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvdnJxM29KclBzUGpEN0E1Qm1UTnZKdnN0YlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMUAwQC
XDMkMA0GCSqGSIb3DQEBCwUAA4IBAQCfrBrIy2VhTBdxHJ/nsZ845PdjqACempFG
dbPAJK4gTmoaENwu1FkpYaPedKNZ9n5q8lTWZL5F2+MRKdY1hrYaWmFHKHHJvfwT
2nwvHpbUIiuLVc1bJGgHfCCuyLTuz6DykKPvkoWdyUIgWZpCCVO1qt/95JcLQrXm
qzx07FTM83mT8eo37ci2vi5+m58t9xGXDGqehkOGhMVtOIlNIEio2qrIe4Q65QwT
KF1P4QKA5G7TghIDf2tI7gQtlJFxgkyaOupl22GX5OU7CvYjgW64/0jiiK9OvC48
SsPitAKO7YSbtRon7FI7OkjnsCdfUiMlxt7HVr+a03DKolvuzIZS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:14 2023 by rpki-client on console-fra.rpki-client.org