Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/vfsmt-Or4sJlHXZ7oxTnwoQ_cFU.roa
File: vfsmt-Or4sJlHXZ7oxTnwoQ_cFU.roa (raw, json)
Hash identifier: qxTQQkMoSChLkyR2iukA/fl2h7cYAlxJenuhKfVfbFw=
Subject key identifier: BD:FB:26:B7:E3:AB:E2:C2:65:1D:76:7B:A3:14:E7:C2:84:3F:70:55
Certificate issuer: /CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Certificate serial: 018CC492CF22B78097E0406FEC4313C2D7D0
Authority key identifier: 51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/vfsmt-Or4sJlHXZ7oxTnwoQ_cFU.roa
Signing time: Mon 01 Jan 2024 10:30:04 +0000
ROA not before: Mon 01 Jan 2024 10:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51469
IP address blocks: 217.170.242.0/23 maxlen: 23
217.170.246.0/23 maxlen: 23
217.170.244.0/23 maxlen: 23
217.170.248.0/23 maxlen: 23
217.170.252.0/23 maxlen: 23
217.170.250.0/23 maxlen: 23
31.171.216.0/23 maxlen: 23
217.170.254.0/23 maxlen: 23
185.16.232.0/23 maxlen: 23
31.171.218.0/23 maxlen: 23
31.171.222.0/23 maxlen: 23
185.16.234.0/23 maxlen: 23
31.171.220.0/23 maxlen: 23
217.170.240.0/23 maxlen: 23
2a00:6380::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 20 Apr 2024 13:51:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:cf:22:b7:80:97:e0:40:6f:ec:43:13:c2:d7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51ee1a67725eb4a764a587bc37079debbe81fb64
Validity
Not Before: Jan 1 10:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdfb26b7e3abe2c2651d767ba314e7c2843f7055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0e:21:64:bb:6d:7b:91:34:d7:5a:78:6e:ea:
15:3b:80:3c:f1:40:68:0e:c4:ab:8d:47:c4:a2:e2:
16:e7:36:f0:08:56:c5:04:d2:1d:9a:5d:20:55:67:
b5:28:d9:8f:69:25:da:c5:f7:21:87:40:cb:c1:af:
9c:6b:8f:be:11:31:cc:42:f9:40:f3:27:7e:ad:05:
ba:4e:96:1a:34:08:a2:12:ad:dc:97:4b:d1:33:00:
b5:d0:52:ec:bd:69:61:87:0a:0b:be:f8:a7:ed:b9:
3d:d7:4b:7d:7a:4e:8f:12:4d:df:16:3a:79:1f:4a:
7a:46:a2:76:ef:61:e0:f1:37:98:74:7a:10:51:f2:
05:e8:2f:34:7c:ea:9d:f1:9e:ef:86:89:b1:89:f9:
63:a8:c4:0c:58:0a:b2:ec:4a:1e:5e:aa:45:8d:f1:
6a:0e:4d:8b:32:fb:53:4d:9f:e9:a2:6c:21:4e:0a:
8f:b5:2d:80:03:d6:2c:b3:a8:c9:d5:f5:b4:04:50:
be:09:2e:e9:01:3d:5d:99:f6:0a:f6:28:94:99:cb:
89:e7:6f:ad:d0:25:9d:4a:bf:b2:da:24:2c:83:c0:
5e:85:65:cb:d9:a8:6d:66:dd:40:95:b9:e0:fd:72:
73:7e:bc:d0:cd:00:72:dc:7f:b6:2b:2f:e6:ca:f0:
b3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FB:26:B7:E3:AB:E2:C2:65:1D:76:7B:A3:14:E7:C2:84:3F:70:55
X509v3 Authority Key Identifier:
keyid:51:EE:1A:67:72:5E:B4:A7:64:A5:87:BC:37:07:9D:EB:BE:81:FB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ue4aZ3JetKdkpYe8Nwed676B-2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/vfsmt-Or4sJlHXZ7oxTnwoQ_cFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e0f3bb-a099-4785-8929-3d7f92c23a8b/1/Ue4aZ3JetKdkpYe8Nwed676B-2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.216.0/21
185.16.232.0/22
217.170.240.0/20
IPv6:
2a00:6380::/32
Signature Algorithm: sha256WithRSAEncryption
37:cc:45:8f:f0:2d:d3:c4:3e:ad:4e:78:96:90:43:36:4e:5d:
b1:ab:e3:56:4d:10:30:1e:0a:18:85:ab:e2:10:50:14:36:c9:
49:6a:f7:70:fb:56:90:31:93:8c:ad:1e:21:65:ae:6a:e3:88:
41:0a:db:61:5c:b1:5a:97:ca:f0:6a:bb:88:b5:56:39:2a:65:
38:e2:a0:22:84:65:21:35:2e:11:de:56:94:85:07:23:ab:f2:
97:49:f6:45:d3:4c:34:06:4a:91:eb:b5:4b:0b:3e:b9:be:da:
5e:96:42:7b:57:28:1b:1e:df:dd:50:74:c3:f7:5f:24:7d:fb:
95:10:0a:b3:9c:a2:d8:3a:a7:ed:b1:d4:6a:05:b6:ce:80:43:
c5:67:65:ae:87:da:c4:c1:dc:02:1e:8f:33:cf:ec:d4:67:02:
61:5c:9c:90:ea:ce:01:cd:34:6b:35:dd:b4:e4:ff:6a:8b:08:
be:5e:f1:8f:f3:2f:01:62:00:9e:71:7b:7f:ef:19:28:06:9e:
16:92:ad:86:a7:f7:4e:45:57:b3:49:d4:eb:1b:ce:46:20:04:
f9:44:10:63:28:7b:e9:3d:b2:dd:9a:ef:8f:f3:4d:63:18:52:
89:2d:d1:a5:28:ac:dc:f2:c2:00:69:92:df:28:1e:a0:bf:34:
11:aa:c0:4d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEks8it4CX4EBv7EMTwtfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZWUxYTY3NzI1ZWI0YTc2NGE1ODdiYzM3MDc5ZGViYmU4
MWZiNjQwHhcNMjQwMTAxMTAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZiMjZiN2UzYWJlMmMyNjUxZDc2N2JhMzE0ZTdjMjg0M2Y3MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ4hZLtte5E011p4buoVO4A88UBo
DsSrjUfEouIW5zbwCFbFBNIdml0gVWe1KNmPaSXaxfchh0DLwa+ca4++ETHMQvlA
8yd+rQW6TpYaNAiiEq3cl0vRMwC10FLsvWlhhwoLvvin7bk910t9ek6PEk3fFjp5
H0p6RqJ272Hg8TeYdHoQUfIF6C80fOqd8Z7vhomxifljqMQMWAqy7EoeXqpFjfFq
Dk2LMvtTTZ/pomwhTgqPtS2AA9Yss6jJ1fW0BFC+CS7pAT1dmfYK9iiUmcuJ52+t
0CWdSr+y2iQsg8BehWXL2ahtZt1Albng/XJzfrzQzQBy3H+2Ky/myvCzVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL37Jrfjq+LCZR12e6MU58KEP3BVMB8GA1UdIwQY
MBaAFFHuGmdyXrSnZKWHvDcHneu+gftkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWU0YVozSmV0S2RrcFllOE53ZWQ2NzZCLTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9lMGYzYmItYTA5OS00Nzg1LTg5Mjkt
M2Q3ZjkyYzIzYThiLzEvdmZzbXQtT3I0c0psSFhaN294VG53b1FfY0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9lMGYzYmItYTA5OS00Nzg1LTg5MjktM2Q3ZjkyYzIzYThi
LzEvVWU0YVozSmV0S2RrcFllOE53ZWQ2NzZCLTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH6vYAwQC
uRDoAwQE2arwMA0EAgACMAcDBQAqAGOAMA0GCSqGSIb3DQEBCwUAA4IBAQA3zEWP
8C3TxD6tTniWkEM2Tl2xq+NWTRAwHgoYhaviEFAUNslJavdw+1aQMZOMrR4hZa5q
44hBCtthXLFal8rwaruItVY5KmU44qAihGUhNS4R3laUhQcjq/KXSfZF00w0BkqR
67VLCz65vtpelkJ7VygbHt/dUHTD918kffuVEAqznKLYOqftsdRqBbbOgEPFZ2Wu
h9rEwdwCHo8zz+zUZwJhXJyQ6s4BzTRrNd205P9qiwi+XvGP8y8BYgCecXt/7xko
Bp4Wkq2Gp/dORVezSdTrG85GIAT5RBBjKHvpPbLdmu+P801jGFKJLdGlKKzc8sIA
aZLfKB6gvzQRqsBN
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:00 2025 by rpki-client