Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vVOevyYI6_1sJjxTJpanYWZA1v8.roa
File: vVOevyYI6_1sJjxTJpanYWZA1v8.roa (raw, json)
Hash identifier: kSWz36o96g0OIFmZYkzxNb5Wo6VNlAwIjRQNe4G3brg=
Subject key identifier: BD:53:9E:BF:26:08:EB:FD:6C:26:3C:53:26:96:A7:61:66:40:D6:FF
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0187A59CAEC45C547EA589F018F12F232978
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vVOevyYI6_1sJjxTJpanYWZA1v8.roa
Signing time: Fri 21 Apr 2023 20:58:41 +0000
ROA not before: Fri 21 Apr 2023 20:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a5:9c:ae:c4:5c:54:7e:a5:89:f0:18:f1:2f:23:29:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 21 20:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd539ebf2608ebfd6c263c532696a7616640d6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:83:a1:87:fb:b3:23:ba:59:20:91:06:fa:6e:
b0:16:8f:ef:32:89:5f:4d:a8:f2:f7:cb:e5:15:5e:
c9:f2:c9:34:d5:03:1d:9f:6a:21:ea:dd:f9:e0:df:
ee:c5:7c:66:4e:c0:83:24:97:ab:bc:ce:0d:a7:39:
93:65:9a:ab:90:fe:c1:a3:e2:c0:8e:ba:10:a9:e4:
b9:55:ac:16:34:68:67:f9:c9:75:9c:26:56:49:21:
f4:58:a5:b0:0b:91:e9:2f:ba:01:db:62:20:40:bb:
2e:b9:3d:e4:aa:98:bf:52:12:a3:a4:fc:c9:a7:68:
bf:4c:64:77:0c:18:f1:0e:ad:6e:b0:32:93:be:a2:
bb:86:22:ab:52:12:c6:6d:4e:f2:64:72:8d:44:58:
5a:32:e8:2f:d9:7d:4a:2d:83:f2:80:3d:e9:ae:37:
d1:de:5f:f3:ac:4e:45:a1:9c:3e:e8:35:5b:a4:0f:
6d:e2:95:c9:6d:51:5e:66:dc:2b:98:a7:e1:2d:df:
78:e4:42:1e:bb:33:94:4a:5d:6c:01:57:2b:31:01:
e9:cb:a6:c4:66:ac:34:74:54:4b:4b:af:2b:96:4c:
6b:b6:88:49:4a:c1:d1:22:4e:e2:d6:56:59:fe:4b:
16:77:35:77:a4:85:38:1b:ba:63:1d:cc:ea:14:1f:
14:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:53:9E:BF:26:08:EB:FD:6C:26:3C:53:26:96:A7:61:66:40:D6:FF
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/vVOevyYI6_1sJjxTJpanYWZA1v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
78:47:50:fb:9f:1a:f5:ed:81:d6:d9:9e:cf:f3:8e:78:38:c9:
95:35:02:66:83:d0:59:9d:12:12:6e:a2:58:21:3b:20:a0:e9:
6d:75:5a:57:30:b1:be:54:62:a9:66:28:48:83:c1:94:38:6b:
40:8f:8b:76:72:8f:8e:54:9e:5a:67:ff:fb:1f:28:17:25:3b:
86:65:c3:74:c5:26:2e:fc:34:c0:ed:ee:57:12:55:cf:14:5d:
01:bb:0c:c7:40:3d:8b:b2:ce:aa:11:19:c9:8c:6e:4e:53:ae:
1a:f7:6c:6a:48:3c:6a:15:8e:5a:d5:fe:6a:5f:6b:ee:12:89:
f2:41:25:5e:61:03:f3:02:a2:60:cd:a3:1f:f8:da:f9:20:58:
af:f2:70:d9:d5:67:e5:ed:be:a4:6f:b7:99:5e:9d:4c:7d:cc:
2b:02:28:36:dc:3e:8d:9e:94:c2:5b:b5:de:54:32:48:28:08:
68:27:ab:c7:bc:86:47:60:3d:4c:d7:e1:23:c6:d2:a5:6e:cb:
01:2c:81:d1:40:f8:6f:b3:ba:5f:38:bb:55:58:ab:17:8a:0b:
4a:df:8f:21:af:7c:67:87:07:e6:33:67:95:9f:e6:25:ed:8c:
60:dd:59:08:20:f1:af:21:ef:9c:11:18:a5:96:52:76:bc:3f:
9e:21:69:07
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYelnK7EXFR+pYnwGPEvIyl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwNDIxMjA1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDUzOWViZjI2MDhlYmZkNmMyNjNjNTMyNjk2YTc2MTY2NDBkNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoOhh/uzI7pZIJEG+m6wFo/vMolf
Tajy98vlFV7J8sk01QMdn2oh6t354N/uxXxmTsCDJJervM4NpzmTZZqrkP7Bo+LA
jroQqeS5VawWNGhn+cl1nCZWSSH0WKWwC5HpL7oB22IgQLsuuT3kqpi/UhKjpPzJ
p2i/TGR3DBjxDq1usDKTvqK7hiKrUhLGbU7yZHKNRFhaMugv2X1KLYPygD3prjfR
3l/zrE5FoZw+6DVbpA9t4pXJbVFeZtwrmKfhLd945EIeuzOUSl1sAVcrMQHpy6bE
Zqw0dFRLS68rlkxrtohJSsHRIk7i1lZZ/ksWdzV3pIU4G7pjHczqFB8UGwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFL1Tnr8mCOv9bCY8UyaWp2FmQNb/MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvdlZPZXZ5WUk2XzFzSmp4VEpwYW5ZV1pBMXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAHhHUPufGvXtgdbZns/z
jng4yZU1AmaD0FmdEhJuolghOyCg6W11Wlcwsb5UYqlmKEiDwZQ4a0CPi3Zyj45U
nlpn//sfKBclO4Zlw3TFJi78NMDt7lcSVc8UXQG7DMdAPYuyzqoRGcmMbk5Trhr3
bGpIPGoVjlrV/mpfa+4SifJBJV5hA/MComDNox/42vkgWK/ycNnVZ+XtvqRvt5le
nUx9zCsCKDbcPo2elMJbtd5UMkgoCGgnq8e8hkdgPUzX4SPG0qVuywEsgdFA+G+z
ul84u1VYqxeKC0rfjyGvfGeHB+YzZ5Wf5iXtjGDdWQgg8a8h75wRGKWWUna8P54h
aQc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org