Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vegWP1aOfpfll32N4WhhE8SxuRM.roa
File: vegWP1aOfpfll32N4WhhE8SxuRM.roa (raw, json)
Hash identifier: eX5/AVBM+T/ftX+ZsNAcT2GIjIBVSOU7XgG0itb0m04=
Subject key identifier: BD:E8:16:3F:56:8E:7E:97:E5:97:7D:8D:E1:68:61:13:C4:B1:B9:13
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018B661A03AE1F9773A93DC11EB5062296D9
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vegWP1aOfpfll32N4WhhE8SxuRM.roa
Signing time: Wed 25 Oct 2023 09:11:02 +0000
ROA not before: Wed 25 Oct 2023 09:11:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 5.202.136.0/23 maxlen: 23
5.202.136.0/24 maxlen: 24
5.202.136.0/22 maxlen: 22
5.202.137.0/24 maxlen: 24
5.202.138.0/24 maxlen: 24
5.202.138.0/23 maxlen: 23
5.202.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:1a:03:ae:1f:97:73:a9:3d:c1:1e:b5:06:22:96:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 25 09:11:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bde8163f568e7e97e5977d8de1686113c4b1b913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:d1:3e:76:e2:d2:55:52:cb:c2:35:89:e8:
25:86:c1:43:4f:a2:fd:3b:3f:69:86:55:70:f4:76:
d9:ee:02:a2:32:73:9e:de:ba:74:4d:36:57:74:bb:
82:37:d0:5e:09:fa:57:e7:93:71:11:f5:e9:01:1a:
5d:33:ec:94:49:98:f2:e5:0b:8a:e8:10:af:88:02:
31:bd:e0:33:3c:07:82:88:68:92:47:60:47:84:18:
05:45:b9:0b:a8:41:d1:14:51:b9:59:0c:e2:6b:a4:
f9:5c:15:e3:d3:6d:53:fb:1a:e5:92:39:0a:d0:2a:
34:ed:7e:fc:68:19:b6:60:6a:23:e9:64:f1:2c:3e:
6b:57:c9:e0:1b:21:49:1a:76:0e:52:32:a5:37:2c:
14:30:b4:10:bb:81:2d:1c:31:d5:2b:2a:fb:c7:82:
08:a2:cb:6f:65:99:0f:c1:f4:61:9c:20:19:68:39:
59:4b:33:c7:03:67:db:52:46:de:38:37:79:54:9b:
13:2e:0c:01:95:30:8e:57:27:2a:f8:97:75:d7:4a:
66:9d:e8:58:42:57:da:b0:de:d3:c1:6c:b4:02:4d:
aa:0e:4b:fd:b4:0a:8b:57:1a:2f:fd:68:07:89:7b:
8d:c2:2a:4c:30:eb:a0:dc:5b:b1:8d:8f:4b:be:ff:
2a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E8:16:3F:56:8E:7E:97:E5:97:7D:8D:E1:68:61:13:C4:B1:B9:13
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/vegWP1aOfpfll32N4WhhE8SxuRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.136.0/22
Signature Algorithm: sha256WithRSAEncryption
27:c8:9e:57:5e:bf:ca:62:ed:cb:df:f1:c6:03:8f:8f:14:d3:
a0:c8:e5:60:ff:cf:92:be:26:b8:a7:74:c6:e8:db:b5:e4:ab:
ad:31:73:23:e8:b9:1a:19:54:45:5a:ea:2c:de:17:d8:dd:4b:
bc:de:c6:72:d0:96:10:77:c2:00:5e:b8:38:65:0e:cd:97:16:
ec:fa:ef:97:af:8e:ee:61:29:49:28:ca:02:9d:09:7f:ba:52:
29:0e:ab:97:c1:29:f7:e5:db:26:4e:7a:3c:d1:12:5e:92:d2:
c8:78:b7:d6:c6:db:6c:82:32:a2:58:05:e7:32:93:da:9b:e5:
33:4c:aa:99:c6:57:6b:3f:19:4d:99:17:6d:0a:de:f4:8f:4d:
9c:b9:ce:fd:0b:04:36:bd:a2:2f:ba:30:a9:9d:7c:c0:8c:ef:
81:ee:dc:fe:1e:f6:24:96:de:42:e3:cb:a4:6f:02:1b:36:f2:
7d:51:66:2a:04:a2:52:53:5a:99:94:46:e7:eb:54:4f:12:8a:
6b:94:a6:17:64:10:01:6c:55:fb:e8:04:cc:00:12:6c:12:ac:
bc:a2:50:43:59:87:bc:83:5e:6f:c9:54:c8:e0:db:de:54:dd:
99:76:5d:a3:6b:c7:5c:6b:61:b6:4a:21:4e:5d:c6:e1:dd:7a:
8c:53:2f:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtmGgOuH5dzqT3BHrUGIpbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMxMDI1MDkxMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGU4MTYzZjU2OGU3ZTk3ZTU5NzdkOGRlMTY4NjExM2M0YjFiOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ/RPnbi0lVSy8I1ieglhsFDT6L9
Oz9phlVw9HbZ7gKiMnOe3rp0TTZXdLuCN9BeCfpX55NxEfXpARpdM+yUSZjy5QuK
6BCviAIxveAzPAeCiGiSR2BHhBgFRbkLqEHRFFG5WQzia6T5XBXj021T+xrlkjkK
0Co07X78aBm2YGoj6WTxLD5rV8ngGyFJGnYOUjKlNywUMLQQu4EtHDHVKyr7x4II
ostvZZkPwfRhnCAZaDlZSzPHA2fbUkbeODd5VJsTLgwBlTCOVycq+Jd110pmnehY
QlfasN7TwWy0Ak2qDkv9tAqLVxov/WgHiXuNwipMMOug3FuxjY9Lvv8quQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3oFj9Wjn6X5Zd9jeFoYRPEsbkTMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvdmVnV1AxYU9mcGZsbDMyTjRXaGhFOFN4dVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcqIMA0G
CSqGSIb3DQEBCwUAA4IBAQAnyJ5XXr/KYu3L3/HGA4+PFNOgyOVg/8+Svia4p3TG
6Nu15KutMXMj6LkaGVRFWuos3hfY3Uu83sZy0JYQd8IAXrg4ZQ7Nlxbs+u+Xr47u
YSlJKMoCnQl/ulIpDquXwSn35dsmTno80RJektLIeLfWxttsgjKiWAXnMpPam+Uz
TKqZxldrPxlNmRdtCt70j02cuc79CwQ2vaIvujCpnXzAjO+B7tz+HvYklt5C48uk
bwIbNvJ9UWYqBKJSU1qZlEbn61RPEoprlKYXZBABbFX76ATMABJsEqy8olBDWYe8
g15vyVTI4NveVN2Zdl2ja8dca2G2SiFOXcbh3XqMUy8H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org