Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VK5XQyRDaUmaUwnVDYFdA3dGalI.roa
File: VK5XQyRDaUmaUwnVDYFdA3dGalI.roa (raw, json)
Hash identifier: C2PC4279gsJOdTjqCIZxxL8jySSNVXAP81Cqi5yRi+4=
Subject key identifier: 54:AE:57:43:24:43:69:49:9A:53:09:D5:0D:81:5D:03:77:46:6A:52
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0189F39C83DF54301F0EBA10AF4D7EA9B301
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VK5XQyRDaUmaUwnVDYFdA3dGalI.roa
Signing time: Mon 14 Aug 2023 10:34:28 +0000
ROA not before: Mon 14 Aug 2023 10:34:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 31 Oct 2023 12:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:9c:83:df:54:30:1f:0e:ba:10:af:4d:7e:a9:b3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Aug 14 10:34:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54ae5743244369499a5309d50d815d0377466a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7a:47:4b:6f:a7:84:68:80:de:97:60:82:64:
56:8c:31:2f:6b:f0:32:45:5f:2f:6b:f0:9f:36:08:
63:64:87:d8:b0:5c:78:eb:c0:c4:45:a1:0c:94:10:
29:32:ee:3d:3e:2d:04:c9:b0:bc:ee:0a:89:2f:19:
82:75:81:6e:8b:ba:f5:df:4d:39:9e:5f:3c:7c:34:
e9:0c:d3:21:3e:5f:db:36:a4:08:08:b4:f5:78:9c:
c0:08:ce:63:b5:c0:16:ad:05:65:48:08:f8:64:6a:
0d:11:8e:17:7b:ae:c9:3b:02:08:f9:27:34:73:04:
f3:a4:72:28:b4:4a:c9:35:fd:a5:6b:f5:42:94:d2:
a4:3f:ab:86:64:8a:79:a2:b7:6d:b3:45:20:51:cf:
b7:85:bc:3a:57:11:f6:a6:ec:1a:dc:67:9c:14:93:
d7:49:d0:af:b3:e9:29:95:62:cd:8b:d8:31:ed:39:
86:d1:a7:04:11:fb:f5:95:14:17:26:ba:2d:34:91:
da:0d:29:15:2b:15:0d:74:4b:8e:a7:68:75:96:91:
7a:3c:fa:45:3b:26:80:33:23:37:36:9a:9e:ed:02:
ea:10:3e:99:ef:47:21:51:c1:10:53:ac:5a:82:28:
5c:9a:6d:d6:0c:6e:fd:dc:83:47:34:fc:8b:80:67:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:AE:57:43:24:43:69:49:9A:53:09:D5:0D:81:5D:03:77:46:6A:52
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VK5XQyRDaUmaUwnVDYFdA3dGalI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:a4:49:2b:0e:e6:90:70:11:4c:5a:2a:a8:70:1e:02:d2:f1:
92:67:00:13:2d:ac:2a:99:3d:20:74:2a:ff:c7:09:f5:43:58:
26:77:c7:cf:c9:63:93:8a:c6:37:93:38:c5:e8:9d:db:55:f0:
46:f8:04:61:e1:30:4e:3a:cf:46:45:94:25:32:62:0f:1c:37:
6d:3a:08:a7:79:8a:99:77:40:67:b8:2b:46:d1:f4:65:a2:75:
cb:f8:f4:ce:38:49:88:18:43:60:76:a6:8d:27:dd:10:29:9b:
5c:b6:8a:62:66:c1:1a:5e:cd:4e:dd:2d:0d:a1:6c:1a:db:3e:
04:3f:57:8a:b5:e3:05:92:7a:ef:e9:e4:56:70:04:f0:81:5a:
16:9c:6c:58:74:15:92:04:5c:b3:8c:11:86:4a:d2:44:a7:90:
56:9f:b0:28:a6:89:80:62:2b:38:c4:6c:7b:b6:52:65:6b:7c:
ab:f7:f9:27:af:e8:33:03:be:23:e4:da:8a:48:5b:43:60:56:
58:7d:22:e4:19:28:aa:68:87:5e:66:a5:53:8f:a7:94:6c:6a:
ce:c1:4f:8e:59:b3:f7:91:81:19:3b:6a:b4:2b:ae:82:a5:fb:
bb:cb:84:23:cc:41:f3:74:61:c7:1b:ac:64:c2:ce:d0:16:77:
c7:17:7a:2b
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYnznIPfVDAfDroQr01+qbMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwODE0MTAzNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGFlNTc0MzI0NDM2OTQ5OWE1MzA5ZDUwZDgxNWQwMzc3NDY2YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHpHS2+nhGiA3pdggmRWjDEva/Ay
RV8va/CfNghjZIfYsFx468DERaEMlBApMu49Pi0EybC87gqJLxmCdYFui7r13005
nl88fDTpDNMhPl/bNqQICLT1eJzACM5jtcAWrQVlSAj4ZGoNEY4Xe67JOwII+Sc0
cwTzpHIotErJNf2la/VClNKkP6uGZIp5ordts0UgUc+3hbw6VxH2puwa3GecFJPX
SdCvs+kplWLNi9gx7TmG0acEEfv1lRQXJrotNJHaDSkVKxUNdEuOp2h1lpF6PPpF
OyaAMyM3Npqe7QLqED6Z70chUcEQU6xagihcmm3WDG793INHNPyLgGevRwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFSuV0MkQ2lJmlMJ1Q2BXQN3RmpSMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvVks1WFF5UkRhVW1hVXduVkRZRmRBM2RHYWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAE+kSSsO5pBwEUxaKqhw
HgLS8ZJnABMtrCqZPSB0Kv/HCfVDWCZ3x8/JY5OKxjeTOMXondtV8Eb4BGHhME46
z0ZFlCUyYg8cN206CKd5ipl3QGe4K0bR9GWidcv49M44SYgYQ2B2po0n3RApm1y2
imJmwRpezU7dLQ2hbBrbPgQ/V4q14wWSeu/p5FZwBPCBWhacbFh0FZIEXLOMEYZK
0kSnkFafsCimiYBiKzjEbHu2UmVrfKv3+Sev6DMDviPk2opIW0NgVlh9IuQZKKpo
h15mpVOPp5Rsas7BT45Zs/eRgRk7arQrroKl+7vLhCPMQfN0YccbrGTCztAWd8cX
eis=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org