Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3453b2-9773-455e-8b08-d92dae861a7d/1/vp4q8oITd--N3sNd6tNyXJrEqCo.roa
File: vp4q8oITd--N3sNd6tNyXJrEqCo.roa (raw, json)
Hash identifier: q4WOZ0l5wE9NCXaPgjK4ak5IVirSxvdB420/dcf8Oec=
Subject key identifier: BE:9E:2A:F2:82:13:77:EF:8D:DE:C3:5D:EA:D3:72:5C:9A:C4:A8:2A
Certificate issuer: /CN=622f517b08182c6eda1b3f988ee01816ee264dc0
Certificate serial: 0185701EEA41B4D2F7B86AAFADCC55CEA6A6
Authority key identifier: 62:2F:51:7B:08:18:2C:6E:DA:1B:3F:98:8E:E0:18:16:EE:26:4D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi9RewgYLG7aGz-YjuAYFu4mTcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3453b2-9773-455e-8b08-d92dae861a7d/1/vp4q8oITd--N3sNd6tNyXJrEqCo.roa
Signing time: Mon 02 Jan 2023 01:35:52 +0000
ROA not before: Mon 02 Jan 2023 01:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59775
IP address blocks: 78.108.220.0/24 maxlen: 26
78.108.221.0/24 maxlen: 26
185.56.112.0/22 maxlen: 26
2a02:5260::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:ea:41:b4:d2:f7:b8:6a:af:ad:cc:55:ce:a6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622f517b08182c6eda1b3f988ee01816ee264dc0
Validity
Not Before: Jan 2 01:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be9e2af2821377ef8ddec35dead3725c9ac4a82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:55:7f:d1:32:84:ee:15:a7:27:bb:e6:9d:3b:
ef:be:de:c2:8d:52:80:db:83:0d:7c:ce:03:b6:85:
23:7a:b4:56:d8:45:c8:7d:e5:93:df:a4:5f:71:81:
68:f8:b9:23:a4:7e:f6:dc:5f:11:e0:fe:ee:0c:83:
3a:4c:48:ba:8e:ad:26:9b:ff:66:c6:47:5e:b6:cb:
6d:60:30:37:a7:f4:ff:76:99:a3:97:0a:a3:42:6c:
6e:90:49:9c:81:45:b6:e5:6d:78:89:97:ad:37:dd:
1e:27:d9:05:25:52:3f:2e:1a:26:22:60:18:f6:34:
91:2a:45:78:24:e0:b6:87:ef:3a:30:fe:05:a9:c5:
a7:4f:68:b3:47:8e:bd:7a:7a:d7:00:b4:b2:0d:98:
2e:ba:b7:b5:3b:99:93:1e:97:93:3c:ed:79:5e:96:
a5:56:d6:41:6b:0a:d7:5e:cc:74:51:ca:8c:c7:12:
f1:c5:1a:86:43:8c:86:69:2e:bc:4d:1a:3c:d9:09:
98:b8:23:f7:a6:22:e0:46:f0:de:25:51:c5:cb:68:
f2:66:0e:09:20:78:ee:67:ab:b2:5d:3e:94:7f:36:
3c:fe:b6:1d:c6:3c:c9:8e:8a:ea:22:8d:a2:15:1e:
8e:d8:87:27:37:15:51:8a:21:96:bc:5d:b5:10:7e:
d9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9E:2A:F2:82:13:77:EF:8D:DE:C3:5D:EA:D3:72:5C:9A:C4:A8:2A
X509v3 Authority Key Identifier:
keyid:62:2F:51:7B:08:18:2C:6E:DA:1B:3F:98:8E:E0:18:16:EE:26:4D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi9RewgYLG7aGz-YjuAYFu4mTcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3453b2-9773-455e-8b08-d92dae861a7d/1/vp4q8oITd--N3sNd6tNyXJrEqCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3453b2-9773-455e-8b08-d92dae861a7d/1/Yi9RewgYLG7aGz-YjuAYFu4mTcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.220.0/23
185.56.112.0/22
IPv6:
2a02:5260::/29
Signature Algorithm: sha256WithRSAEncryption
41:c7:8d:95:40:b9:61:f9:4f:07:85:0a:26:27:22:01:a9:49:
54:b1:a7:23:72:f4:d9:93:7d:ed:c0:85:98:20:d8:69:cd:b4:
34:4d:38:3f:1f:90:cf:1e:6e:59:f0:c9:2d:1b:60:41:c1:75:
88:1c:58:bc:a8:fa:05:e0:d2:07:c5:7c:6c:76:65:3e:d8:26:
29:aa:45:73:dc:2d:5c:0a:29:13:f3:be:6d:ad:a7:04:af:7f:
32:a6:e6:3d:56:8f:5f:aa:34:90:8e:61:a7:46:2c:2b:19:24:
52:c0:a9:68:80:ea:c1:c2:7e:f4:07:56:ee:fa:c1:ad:98:50:
f3:c2:70:b2:f0:2b:a5:b7:83:30:a8:44:1a:f5:74:c9:d5:6f:
a1:eb:f5:d4:c5:8a:87:ae:8c:db:3c:48:c3:e8:9d:48:eb:d7:
80:1e:a3:5b:33:4a:8b:43:44:74:bc:48:da:c1:27:0e:da:d2:
5c:79:70:59:e5:4c:d4:b6:0e:f7:0f:95:80:f3:ce:85:ac:f7:
3f:01:31:db:d2:57:58:b5:c3:78:53:86:81:2c:85:5d:26:ac:
42:7b:c1:58:f4:f5:1a:22:fa:1c:06:43:ba:1c:86:74:b0:a6:
ef:a2:26:e7:26:13:67:83:34:45:34:1e:9b:1a:c5:50:69:1f:
ad:38:2c:2f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwHupBtNL3uGqvrcxVzqamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmY1MTdiMDgxODJjNmVkYTFiM2Y5ODhlZTAxODE2ZWUy
NjRkYzAwHhcNMjMwMTAyMDEzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTllMmFmMjgyMTM3N2VmOGRkZWMzNWRlYWQzNzI1YzlhYzRhODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlV/0TKE7hWnJ7vmnTvvvt7CjVKA
24MNfM4DtoUjerRW2EXIfeWT36RfcYFo+LkjpH723F8R4P7uDIM6TEi6jq0mm/9m
xkdetsttYDA3p/T/dpmjlwqjQmxukEmcgUW25W14iZetN90eJ9kFJVI/LhomImAY
9jSRKkV4JOC2h+86MP4FqcWnT2izR469enrXALSyDZguure1O5mTHpeTPO15Xpal
VtZBawrXXsx0UcqMxxLxxRqGQ4yGaS68TRo82QmYuCP3piLgRvDeJVHFy2jyZg4J
IHjuZ6uyXT6UfzY8/rYdxjzJjorqIo2iFR6O2IcnNxVRiiGWvF21EH7ZfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL6eKvKCE3fvjd7DXerTclyaxKgqMB8GA1UdIwQY
MBaAFGIvUXsIGCxu2hs/mI7gGBbuJk3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk5UmV3Z1lMRzdhR3otWWp1QVlGdTRtVGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNDUzYjItOTc3My00NTVlLThiMDgt
ZDkyZGFlODYxYTdkLzEvdnA0cThvSVRkLS1OM3NOZDZ0TnlYSnJFcUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNDUzYjItOTc3My00NTVlLThiMDgtZDkyZGFlODYxYTdk
LzEvWWk5UmV3Z1lMRzdhR3otWWp1QVlGdTRtVGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBTmzcAwQC
uThwMA0EAgACMAcDBQMqAlJgMA0GCSqGSIb3DQEBCwUAA4IBAQBBx42VQLlh+U8H
hQomJyIBqUlUsacjcvTZk33twIWYINhpzbQ0TTg/H5DPHm5Z8MktG2BBwXWIHFi8
qPoF4NIHxXxsdmU+2CYpqkVz3C1cCikT875tracEr38ypuY9Vo9fqjSQjmGnRiwr
GSRSwKlogOrBwn70B1bu+sGtmFDzwnCy8Cult4MwqEQa9XTJ1W+h6/XUxYqHrozb
PEjD6J1I69eAHqNbM0qLQ0R0vEjawScO2tJceXBZ5UzUtg73D5WA886FrPc/ATHb
0ldYtcN4U4aBLIVdJqxCe8FY9PUaIvocBkO6HIZ0sKbvoibnJhNngzRFNB6bGsVQ
aR+tOCwv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:07 2024 by rpki-client on console-fra.rpki-client.org