Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/VVL2kK3DlBDTTYn33LNZsrQqV7I.roa
File: VVL2kK3DlBDTTYn33LNZsrQqV7I.roa (raw, json)
Hash identifier: aYjPUdwMHak6DoHkZU10oRV+urQhswJrrN2K2B0zYCA=
Subject key identifier: 55:52:F6:90:AD:C3:94:10:D3:4D:89:F7:DC:B3:59:B2:B4:2A:57:B2
Certificate issuer: /CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Certificate serial: 0185DEFB1E35EDC06947E956D48A51895C3B
Authority key identifier: DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/VVL2kK3DlBDTTYn33LNZsrQqV7I.roa
Signing time: Mon 23 Jan 2023 14:14:37 +0000
ROA not before: Mon 23 Jan 2023 14:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205915
IP address blocks: 194.53.12.0/22 maxlen: 24
2001:67c:1134::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Apr 2023 14:35:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:fb:1e:35:ed:c0:69:47:e9:56:d4:8a:51:89:5c:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbfb6f560ec542ac66c3080203c66335873ae8ee
Validity
Not Before: Jan 23 14:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5552f690adc39410d34d89f7dcb359b2b42a57b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:25:8a:db:11:8f:2d:0c:e2:18:9b:90:58:
bb:f5:0d:6b:4d:10:67:4d:49:f5:8d:fd:6f:50:29:
5d:30:92:85:67:ad:64:1f:b2:d3:4e:1f:a5:46:af:
66:4a:bd:ba:51:b9:21:fb:1a:4f:08:7f:27:aa:91:
92:8a:3a:cc:94:e7:f7:bf:9c:3b:02:1f:d2:b4:62:
81:21:72:0e:dc:16:25:c6:54:cc:08:16:d9:49:51:
de:7c:40:26:b9:f4:8b:53:45:77:44:bf:53:41:c4:
9d:c4:e4:82:3b:a4:67:ed:a9:30:05:58:68:84:03:
1f:a4:a8:d6:1d:82:cc:97:ad:2c:34:52:a4:ef:0f:
39:f0:3b:f4:5a:fa:0b:2b:98:7e:ff:c7:c7:c1:0c:
1a:36:04:34:9e:ba:22:36:bb:f2:fe:e8:25:ce:1b:
90:f6:7b:b8:67:fa:20:9d:72:6a:50:9e:11:dc:6d:
71:85:fb:c2:a6:0a:b1:03:e8:a4:82:9f:47:77:06:
31:45:b5:fc:e2:e2:aa:70:bb:d6:0b:f5:34:ae:86:
3e:8a:bb:47:d6:b6:ab:e7:e5:d3:99:1e:a5:30:64:
a2:b8:b9:56:b4:eb:e8:01:73:b7:c5:a7:43:87:62:
b8:2e:c7:dd:94:b9:e7:24:ae:fb:2f:15:7c:73:19:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:52:F6:90:AD:C3:94:10:D3:4D:89:F7:DC:B3:59:B2:B4:2A:57:B2
X509v3 Authority Key Identifier:
keyid:DB:FB:6F:56:0E:C5:42:AC:66:C3:08:02:03:C6:63:35:87:3A:E8:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_tvVg7FQqxmwwgCA8ZjNYc66O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/VVL2kK3DlBDTTYn33LNZsrQqV7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/59815b-ad0b-4a06-bbe0-b25085051ab8/1/2_tvVg7FQqxmwwgCA8ZjNYc66O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.12.0/22
IPv6:
2001:67c:1134::/48
Signature Algorithm: sha256WithRSAEncryption
13:bb:e5:57:ad:de:ff:ee:35:30:7b:80:ab:32:f3:36:5d:85:
c4:04:7b:27:8b:6d:0c:20:c2:3e:df:64:d1:cc:11:a5:f0:96:
7d:85:db:68:c9:8e:42:44:4a:97:c7:89:c8:06:6a:b3:1c:eb:
a9:31:00:69:38:98:cd:c7:de:b2:df:4f:8f:00:c4:e2:67:20:
c5:f5:f5:01:53:66:8a:ba:6b:df:3e:1f:12:49:d5:c9:06:fe:
7a:1a:18:b5:fe:ac:5e:72:37:46:8d:79:f3:c1:62:9f:e8:4d:
d1:62:24:a5:e0:fb:4a:b0:7a:a1:ed:46:b5:52:24:c4:c0:df:
22:a8:db:9d:c4:54:02:f3:2c:ef:65:02:5b:d8:11:a7:38:07:
a0:4d:0c:8c:42:99:c8:88:49:02:6d:54:47:8a:ab:08:cf:ac:
e4:8d:3c:fe:9e:18:38:25:a2:95:29:c7:9f:94:f9:71:44:56:
fa:65:b9:30:44:f8:de:0e:a6:9a:60:59:5b:ad:1d:73:de:44:
8c:a6:1c:c3:8e:a0:0e:44:bd:0d:87:94:e6:a7:fe:00:7a:f6:
ed:21:c6:1d:aa:e5:6c:dc:b1:74:6b:b6:48:b6:7d:01:9a:dc:
52:3e:2b:61:8d:59:42:fe:46:a9:70:2f:e3:3a:99:76:f0:ed:
c0:53:cd:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXe+x417cBpR+lW1IpRiVw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmI2ZjU2MGVjNTQyYWM2NmMzMDgwMjAzYzY2MzM1ODcz
YWU4ZWUwHhcNMjMwMTIzMTQxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTUyZjY5MGFkYzM5NDEwZDM0ZDg5ZjdkY2IzNTliMmI0MmE1N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqclitsRjy0M4hibkFi79Q1rTRBn
TUn1jf1vUCldMJKFZ61kH7LTTh+lRq9mSr26Ubkh+xpPCH8nqpGSijrMlOf3v5w7
Ah/StGKBIXIO3BYlxlTMCBbZSVHefEAmufSLU0V3RL9TQcSdxOSCO6Rn7akwBVho
hAMfpKjWHYLMl60sNFKk7w858Dv0WvoLK5h+/8fHwQwaNgQ0nroiNrvy/uglzhuQ
9nu4Z/ognXJqUJ4R3G1xhfvCpgqxA+ikgp9HdwYxRbX84uKqcLvWC/U0roY+irtH
1rar5+XTmR6lMGSiuLlWtOvoAXO3xadDh2K4LsfdlLnnJK77LxV8cxnLsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFVS9pCtw5QQ002J99yzWbK0KleyMB8GA1UdIwQY
MBaAFNv7b1YOxUKsZsMIAgPGYzWHOujuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAt
YjI1MDg1MDUxYWI4LzEvVlZMMmtLM0RsQkRUVFluMzNMTlpzclFxVjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81OTgxNWItYWQwYi00YTA2LWJiZTAtYjI1MDg1MDUxYWI4
LzEvMl90dlZnN0ZRcXhtd3dnQ0E4WmpOWWM2Nk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwjUMMA8E
AgACMAkDBwAgAQZ8ETQwDQYJKoZIhvcNAQELBQADggEBABO75Vet3v/uNTB7gKsy
8zZdhcQEeyeLbQwgwj7fZNHMEaXwln2F22jJjkJESpfHicgGarMc66kxAGk4mM3H
3rLfT48AxOJnIMX19QFTZoq6a98+HxJJ1ckG/noaGLX+rF5yN0aNefPBYp/oTdFi
JKXg+0qweqHtRrVSJMTA3yKo253EVALzLO9lAlvYEac4B6BNDIxCmciISQJtVEeK
qwjPrOSNPP6eGDglopUpx5+U+XFEVvpluTBE+N4OpppgWVutHXPeRIymHMOOoA5E
vQ2HlOan/gB69u0hxh2q5WzcsXRrtki2fQGa3FI+K2GNWUL+RqlwL+M6mXbw7cBT
zWk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:45 2024 by rpki-client on console-fra.rpki-client.org