Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/viPKHf6S3qU9p4j1xyxYMsb48mA.roa
File: viPKHf6S3qU9p4j1xyxYMsb48mA.roa (raw, json)
Hash identifier: JW0Mz/h/KSJsbxkXyeowXR0jvS8oEidoRmy7rkGpKRM=
Subject key identifier: BE:23:CA:1D:FE:92:DE:A5:3D:A7:88:F5:C7:2C:58:32:C6:F8:F2:60
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018F673FAA6A3C0B9524D7084F60DE68A3BA
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/viPKHf6S3qU9p4j1xyxYMsb48mA.roa
Signing time: Sat 11 May 2024 10:42:56 +0000
ROA not before: Sat 11 May 2024 10:42:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.147.159.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 15:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:3f:aa:6a:3c:0b:95:24:d7:08:4f:60:de:68:a3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: May 11 10:42:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be23ca1dfe92dea53da788f5c72c5832c6f8f260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2a:93:af:9a:ae:b1:4d:c5:fc:ab:b0:7a:1b:
44:16:28:3f:90:7f:e4:b4:76:df:5b:cb:5f:42:2c:
7f:29:a7:c4:be:06:49:5b:0f:dd:9d:04:16:4d:42:
50:23:5c:40:e0:46:16:c4:84:a3:ea:5a:5e:82:0b:
a0:22:ba:51:bc:b4:c0:78:84:a7:c4:f1:5c:0b:bd:
b9:64:1e:94:ee:b1:46:08:f6:07:56:92:2d:50:26:
23:c8:ec:74:bf:9d:01:be:03:d0:13:81:4a:41:cc:
57:7c:30:31:90:b2:70:23:03:38:85:34:d7:79:35:
84:36:f4:af:f6:78:cf:b9:59:c1:ed:48:7d:0d:00:
f8:f1:3a:d0:44:a0:36:59:15:65:b1:49:e5:17:31:
d3:01:3e:0d:99:dd:c9:c5:77:c5:fe:cf:fd:1a:6e:
86:c2:89:27:8f:cc:c3:26:21:1b:b5:18:98:e4:90:
23:ac:49:c3:32:f3:91:2d:e8:1c:09:9b:82:b9:0f:
27:ff:0d:cd:87:af:35:73:ff:84:2c:c3:b5:d5:2d:
f4:eb:2f:60:b5:81:92:ee:56:0d:40:ae:33:65:10:
7c:97:42:b5:31:fb:84:e4:f2:d2:0f:cf:de:6a:26:
4d:9e:93:25:4b:fb:86:68:55:05:a5:24:2b:db:7f:
53:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:CA:1D:FE:92:DE:A5:3D:A7:88:F5:C7:2C:58:32:C6:F8:F2:60
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/viPKHf6S3qU9p4j1xyxYMsb48mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.159.0/24
92.61.103.0/24
Signature Algorithm: sha256WithRSAEncryption
66:21:1c:4f:2c:d5:c2:f9:5b:25:e1:f4:9c:d0:14:cf:41:7d:
a5:6c:13:e8:0a:ee:68:2e:76:ca:0e:fb:75:f8:e7:45:ca:c2:
5a:7a:8d:3e:8f:11:86:07:82:23:43:43:09:f4:c6:c0:72:c5:
7d:d0:f4:0e:c7:ef:bd:85:e4:35:a8:9c:81:d0:36:21:2a:8d:
3b:5c:52:24:c0:a1:ec:41:3b:24:25:ad:8b:b0:d0:00:59:4b:
74:a6:59:f4:0b:84:3e:35:42:3c:f8:92:ec:6f:d1:ca:29:cf:
51:0c:73:4d:29:52:ac:c0:35:22:6b:c1:72:0a:aa:a1:18:94:
5c:80:60:2b:aa:0e:bb:1f:88:77:75:92:6e:ff:2a:b1:0b:c3:
17:31:3d:55:85:71:3b:d9:ba:4a:9d:ff:0c:79:4e:df:18:46:
3e:c6:f6:47:28:de:4f:1b:0a:c0:a6:4a:53:d4:ce:bb:80:53:
34:81:43:37:37:72:d9:a0:35:b9:e8:f4:ef:74:6e:e1:57:0b:
f5:4d:0b:d5:c2:8b:ff:e5:03:32:ba:0f:db:27:a6:7f:6e:df:
38:d6:70:b8:11:bc:47:c8:9c:c4:ab:89:fd:6f:46:6d:7e:1d:
1e:54:69:51:0f:55:fe:4c:53:9c:20:32:4f:e0:bc:b0:77:a9:
98:d5:b4:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9nP6pqPAuVJNcIT2DeaKO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNTExMTA0MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTIzY2ExZGZlOTJkZWE1M2RhNzg4ZjVjNzJjNTgzMmM2ZjhmMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yqTr5qusU3F/KuwehtEFig/kH/k
tHbfW8tfQix/KafEvgZJWw/dnQQWTUJQI1xA4EYWxISj6lpeggugIrpRvLTAeISn
xPFcC725ZB6U7rFGCPYHVpItUCYjyOx0v50BvgPQE4FKQcxXfDAxkLJwIwM4hTTX
eTWENvSv9njPuVnB7Uh9DQD48TrQRKA2WRVlsUnlFzHTAT4Nmd3JxXfF/s/9Gm6G
woknj8zDJiEbtRiY5JAjrEnDMvORLegcCZuCuQ8n/w3Nh681c/+ELMO11S306y9g
tYGS7lYNQK4zZRB8l0K1MfuE5PLSD8/eaiZNnpMlS/uGaFUFpSQr239TBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL4jyh3+kt6lPaeI9ccsWDLG+PJgMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvdmlQS0hmNlMzcVU5cDRqMXh5eFlNc2I0OG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZOfAwQA
XD1nMA0GCSqGSIb3DQEBCwUAA4IBAQBmIRxPLNXC+Vsl4fSc0BTPQX2lbBPoCu5o
LnbKDvt1+OdFysJaeo0+jxGGB4IjQ0MJ9MbAcsV90PQOx++9heQ1qJyB0DYhKo07
XFIkwKHsQTskJa2LsNAAWUt0pln0C4Q+NUI8+JLsb9HKKc9RDHNNKVKswDUia8Fy
CqqhGJRcgGArqg67H4h3dZJu/yqxC8MXMT1VhXE72bpKnf8MeU7fGEY+xvZHKN5P
GwrApkpT1M67gFM0gUM3N3LZoDW56PTvdG7hVwv1TQvVwov/5QMyug/bJ6Z/bt84
1nC4EbxHyJzEq4n9b0Ztfh0eVGlRD1X+TFOcIDJP4Lywd6mY1bRE
-----END CERTIFICATE-----
Generated at Mon Jul 1 18:05:18 2024 by rpki-client on console-ams.rpki-client.org