Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/VrGV6WXg8MSqjUIdrc1zEm1ZP-U.roa
File: VrGV6WXg8MSqjUIdrc1zEm1ZP-U.roa (raw, json)
Hash identifier: LyKirrjjJwlMk94+5i9kATbrG43MpFC8obPziMu6i5E=
Subject key identifier: 56:B1:95:E9:65:E0:F0:C4:AA:8D:42:1D:AD:CD:73:12:6D:59:3F:E5
Certificate issuer: /CN=5c6a5f52b002f6286c1d5eb257bb5e853342a284
Certificate serial: 01856ED4BE65262251FE24455C10067FC23C
Authority key identifier: 5C:6A:5F:52:B0:02:F6:28:6C:1D:5E:B2:57:BB:5E:85:33:42:A2:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGpfUrAC9ihsHV6yV7tehTNCooQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/VrGV6WXg8MSqjUIdrc1zEm1ZP-U.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33864
IP address blocks: 84.17.128.0/19 maxlen: 24
185.137.40.0/22 maxlen: 24
2a02:1760::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:be:65:26:22:51:fe:24:45:5c:10:06:7f:c2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6a5f52b002f6286c1d5eb257bb5e853342a284
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b195e965e0f0c4aa8d421dadcd73126d593fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4b:a1:2f:0f:36:6c:90:b3:ca:fe:88:a6:5c:
12:10:6a:97:db:95:33:a3:51:be:6a:db:86:8f:c2:
a5:b3:f4:05:db:f3:9c:34:3b:bc:0d:df:9c:3a:e2:
86:49:ef:ce:f5:82:58:ed:2c:6f:fd:d0:64:74:73:
6e:72:81:1a:de:cc:9d:8c:97:99:45:6b:43:95:fd:
04:7c:b2:b4:82:4a:d1:e4:bb:2d:6a:fd:31:7c:b9:
fc:16:8f:45:43:dd:71:b9:75:7d:55:27:1d:6e:ad:
72:90:c0:85:c8:3d:95:e5:d3:2c:b5:e2:f8:18:de:
d1:58:01:1c:63:e5:ee:99:d8:3e:58:2e:71:3c:b5:
f0:10:9d:0f:47:4a:fd:7d:da:0d:c2:34:ea:25:d1:
8b:0b:fc:d8:d1:f7:7d:80:a4:d8:1d:6c:93:b0:e5:
61:a2:9c:5b:c7:5b:ae:e6:eb:0b:a9:b0:7c:de:cf:
63:19:49:a6:b4:4f:eb:ca:24:8a:b1:14:f4:1f:48:
90:a9:01:91:47:ff:9d:73:ea:96:ae:f8:19:3a:14:
12:3d:fd:cc:2f:1b:c7:c4:8f:44:33:47:0a:c9:05:
23:30:9b:dc:87:53:5e:a3:b7:e6:60:7f:77:de:a6:
04:c4:22:5b:11:81:39:76:79:7a:af:e4:4f:62:09:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B1:95:E9:65:E0:F0:C4:AA:8D:42:1D:AD:CD:73:12:6D:59:3F:E5
X509v3 Authority Key Identifier:
keyid:5C:6A:5F:52:B0:02:F6:28:6C:1D:5E:B2:57:BB:5E:85:33:42:A2:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGpfUrAC9ihsHV6yV7tehTNCooQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/VrGV6WXg8MSqjUIdrc1zEm1ZP-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b4ecb1-a0f5-4261-bcde-096c9c07ae18/1/XGpfUrAC9ihsHV6yV7tehTNCooQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.128.0/19
185.137.40.0/22
IPv6:
2a02:1760::/32
Signature Algorithm: sha256WithRSAEncryption
11:1d:bb:a2:23:b2:fc:a7:19:f6:ba:93:e4:97:72:00:3a:e8:
ab:0f:b2:4e:b8:39:82:96:4c:eb:ad:5c:11:7c:03:5e:28:1a:
d5:0a:2c:9c:90:81:9a:cd:64:ce:7f:c0:cd:6e:a5:9a:b0:53:
2d:55:f9:1a:34:78:d1:3c:42:d6:d7:19:23:10:a2:3e:cc:fa:
32:ac:06:cd:ec:2a:e4:28:ae:20:50:1c:0d:19:b7:1a:e3:c7:
2f:ca:9b:cc:d8:3d:e8:77:8a:85:b8:a4:b4:eb:7e:62:de:63:
37:81:c5:d0:9d:25:a5:32:ad:45:39:5f:35:80:19:b1:34:31:
59:9d:0e:10:e7:dc:e3:be:ff:9e:25:17:3e:98:2d:d1:89:a8:
20:2c:5f:49:c2:b7:38:33:8e:eb:11:e2:f0:dd:57:86:59:8b:
62:f2:2d:eb:35:81:3b:fa:c9:fe:d3:2a:4f:92:89:ef:f2:d6:
40:9c:5a:39:ed:0d:2e:3e:0e:30:b5:17:e3:ab:18:e0:25:4f:
2d:a7:bf:d8:fc:f2:00:85:1b:ad:e7:af:bb:9b:46:2a:a3:78:
e1:25:0d:d6:55:9a:f5:d3:8e:ed:e0:db:0d:65:03:16:76:df:
57:0f:07:31:43:4b:d2:b3:3c:37:d0:ab:79:65:52:8d:20:79:
7d:ca:a2:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu1L5lJiJR/iRFXBAGf8I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmE1ZjUyYjAwMmY2Mjg2YzFkNWViMjU3YmI1ZTg1MzM0
MmEyODQwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIxOTVlOTY1ZTBmMGM0YWE4ZDQyMWRhZGNkNzMxMjZkNTkzZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0uhLw82bJCzyv6IplwSEGqX25Uz
o1G+atuGj8Kls/QF2/OcNDu8Dd+cOuKGSe/O9YJY7Sxv/dBkdHNucoEa3sydjJeZ
RWtDlf0EfLK0gkrR5Lstav0xfLn8Fo9FQ91xuXV9VScdbq1ykMCFyD2V5dMsteL4
GN7RWAEcY+Xumdg+WC5xPLXwEJ0PR0r9fdoNwjTqJdGLC/zY0fd9gKTYHWyTsOVh
opxbx1uu5usLqbB83s9jGUmmtE/ryiSKsRT0H0iQqQGRR/+dc+qWrvgZOhQSPf3M
LxvHxI9EM0cKyQUjMJvch1Neo7fmYH933qYExCJbEYE5dnl6r+RPYgmiIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFaxlell4PDEqo1CHa3NcxJtWT/lMB8GA1UdIwQY
MBaAFFxqX1KwAvYobB1esle7XoUzQqKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdwZlVyQUM5aWhzSFY2eVY3dGVoVE5Db29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNGVjYjEtYTBmNS00MjYxLWJjZGUt
MDk2YzljMDdhZTE4LzEvVnJHVjZXWGc4TVNxalVJZHJjMXpFbTFaUC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNGVjYjEtYTBmNS00MjYxLWJjZGUtMDk2YzljMDdhZTE4
LzEvWEdwZlVyQUM5aWhzSFY2eVY3dGVoVE5Db29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFVBGAAwQC
uYkoMA0EAgACMAcDBQAqAhdgMA0GCSqGSIb3DQEBCwUAA4IBAQARHbuiI7L8pxn2
upPkl3IAOuirD7JOuDmClkzrrVwRfANeKBrVCiyckIGazWTOf8DNbqWasFMtVfka
NHjRPELW1xkjEKI+zPoyrAbN7CrkKK4gUBwNGbca48cvypvM2D3od4qFuKS0635i
3mM3gcXQnSWlMq1FOV81gBmxNDFZnQ4Q59zjvv+eJRc+mC3RiaggLF9Jwrc4M47r
EeLw3VeGWYti8i3rNYE7+sn+0ypPkonv8tZAnFo57Q0uPg4wtRfjqxjgJU8tp7/Y
/PIAhRut56+7m0Yqo3jhJQ3WVZr1047t4NsNZQMWdt9XDwcxQ0vSszw30Kt5ZVKN
IHl9yqIE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:58 2024 by rpki-client on console-ams.rpki-client.org