Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/vuyYObJLijy-QMuAyxUmyMKRi4s.roa
File: vuyYObJLijy-QMuAyxUmyMKRi4s.roa (raw, json)
Hash identifier: hb6FS3PMPPWq+Kouws6xjYkY/9QO2ZspZgkmfbDpoe0=
Subject key identifier: BE:EC:98:39:B2:4B:8A:3C:BE:40:CB:80:CB:15:26:C8:C2:91:8B:8B
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 01856E01B9BEDB56C13794894ACAB2B1C385
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/vuyYObJLijy-QMuAyxUmyMKRi4s.roa
Signing time: Sun 01 Jan 2023 15:44:44 +0000
ROA not before: Sun 01 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
85.206.160.0/20 maxlen: 32
185.64.104.0/22 maxlen: 32
88.119.160.0/21 maxlen: 32
88.119.168.0/22 maxlen: 32
88.119.175.0/24 maxlen: 32
88.119.174.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 13 Mar 2023 09:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:b9:be:db:56:c1:37:94:89:4a:ca:b2:b1:c3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jan 1 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beec9839b24b8a3cbe40cb80cb1526c8c2918b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f3:fe:33:c7:a2:1a:ac:c5:c3:a5:8a:0c:f9:
4e:79:48:68:5a:08:42:9e:ae:8c:2c:22:7b:5e:28:
85:aa:48:69:8c:85:3b:98:e5:d7:01:fb:c6:66:aa:
1f:a9:83:71:3a:de:53:0b:bf:a7:c6:1d:29:13:5b:
cd:0a:43:76:dd:9b:04:41:5d:73:e1:55:82:d5:ba:
b4:a4:ea:0f:02:79:94:0f:48:57:f5:87:70:c4:ea:
08:e3:f3:6c:ce:e3:d1:bb:90:d6:0b:68:63:7d:eb:
d9:5b:cc:b8:fe:33:60:b2:fd:b5:50:93:4a:e7:72:
9b:64:92:10:90:e2:7f:8e:75:0c:4e:cb:c4:9a:55:
c3:d8:10:30:df:db:96:14:ea:ba:74:71:ae:d9:b4:
e1:f0:53:94:6c:02:20:42:93:37:4d:39:fc:4b:c8:
da:61:e4:b5:f6:9b:ab:c1:53:0b:bf:21:57:c0:98:
d0:b2:f1:ee:00:14:7b:30:39:17:69:2a:7d:4f:c5:
ef:38:3a:a9:b3:d4:8b:e6:ea:8d:5a:3b:a0:07:8c:
82:27:24:74:a8:f5:0d:cb:4a:d4:8e:ef:93:e3:de:
e3:2d:d3:3d:7e:a2:6a:a6:ae:ea:01:a1:5b:b1:b0:
d0:b1:9b:bf:0f:0f:1d:af:25:36:a6:6d:f3:05:17:
97:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EC:98:39:B2:4B:8A:3C:BE:40:CB:80:CB:15:26:C8:C2:91:8B:8B
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/vuyYObJLijy-QMuAyxUmyMKRi4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0-88.119.171.255
88.119.174.0/23
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:c6:ce:44:6b:e7:35:a7:fa:65:e5:55:f7:b2:1d:d1:e0:d6:
d2:d4:65:9e:3d:91:5a:20:f0:ff:db:6e:e2:77:59:70:be:6d:
bf:ea:3f:90:bc:24:78:b8:c4:d7:2b:70:87:ac:1f:14:05:76:
ee:28:03:1a:67:de:2a:de:93:8f:3d:08:3b:f2:16:7d:f9:64:
3e:a4:b2:e8:4d:1c:f6:18:bc:33:97:51:6e:f9:85:0b:23:ca:
8c:1c:ca:2e:a3:31:dd:9c:78:14:ee:6d:15:02:df:7b:af:8a:
8a:82:b0:37:4a:81:19:17:d6:15:81:93:6c:b9:65:3e:3b:b6:
28:0d:f4:00:64:a9:bb:10:6d:7e:d4:72:7c:dd:99:f9:18:9c:
75:0f:e4:5a:d1:26:48:9a:fa:a4:2c:37:a7:22:ed:50:7c:73:
ba:d3:52:7a:5a:af:66:b7:f7:89:7c:66:25:5e:8c:87:9b:a9:
ba:65:84:cf:15:1c:11:30:47:d8:3b:cd:80:41:bd:74:28:0a:
62:bc:8b:bd:6d:b8:66:21:cd:f5:89:6f:45:55:28:3f:b9:ca:
fc:95:78:32:ec:fe:9d:2c:dc:39:c3:1d:cf:0f:fd:48:c1:97:
97:1b:c4:5b:f4:93:da:92:27:9a:df:a3:43:34:41:de:70:33:
21:14:54:bc
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYVuAbm+21bBN5SJSsqyscOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjMwMTAxMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWVjOTgzOWIyNGI4YTNjYmU0MGNiODBjYjE1MjZjOGMyOTE4YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvP+M8eiGqzFw6WKDPlOeUhoWghC
nq6MLCJ7XiiFqkhpjIU7mOXXAfvGZqofqYNxOt5TC7+nxh0pE1vNCkN23ZsEQV1z
4VWC1bq0pOoPAnmUD0hX9YdwxOoI4/NszuPRu5DWC2hjfevZW8y4/jNgsv21UJNK
53KbZJIQkOJ/jnUMTsvEmlXD2BAw39uWFOq6dHGu2bTh8FOUbAIgQpM3TTn8S8ja
YeS19purwVMLvyFXwJjQsvHuABR7MDkXaSp9T8XvODqps9SL5uqNWjugB4yCJyR0
qPUNy0rUju+T497jLdM9fqJqpq7qAaFbsbDQsZu/Dw8dryU2pm3zBReXZwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFL7smDmyS4o8vkDLgMsVJsjCkYuLMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvdnV5WU9iSkxpanktUU11QXl4VW15TUtSaTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA4BAIAATAyAwQEVc6gAwQC
Vc7wMAwDBAVYd6ADBAJYd6gDBAFYd64DBABb2KMDBAK5GTADBAK5QGgwIQQCAAIw
GwMFACoEIYAwEgMHBCoEIYHAEAMHACoEIYHAEjANBgkqhkiG9w0BAQsFAAOCAQEA
k8bORGvnNaf6ZeVV97Id0eDW0tRlnj2RWiDw/9tu4ndZcL5tv+o/kLwkeLjE1ytw
h6wfFAV27igDGmfeKt6Tjz0IO/IWfflkPqSy6E0c9hi8M5dRbvmFCyPKjBzKLqMx
3Zx4FO5tFQLfe6+KioKwN0qBGRfWFYGTbLllPju2KA30AGSpuxBtftRyfN2Z+Ric
dQ/kWtEmSJr6pCw3pyLtUHxzutNSelqvZrf3iXxmJV6Mh5upumWEzxUcETBH2DvN
gEG9dCgKYryLvW24ZiHN9YlvRVUoP7nK/JV4Muz+nSzcOcMdzw/9SMGXlxvEW/ST
2pInmt+jQzRB3nAzIRRUvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org