Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vxVdcXhxWua0L7ZJ87Kp1W-QweY.roa
File: vxVdcXhxWua0L7ZJ87Kp1W-QweY.roa (raw, json)
Hash identifier: SWqYRREdUApMZkiYkuNvRJdsjGM3iFNsNPfMyQxfi94=
Subject key identifier: BF:15:5D:71:78:71:5A:E6:B4:2F:B6:49:F3:B2:A9:D5:6F:90:C1:E6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7A034386BC85E1458C23EC07AB928
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vxVdcXhxWua0L7ZJ87Kp1W-QweY.roa
Signing time: Mon 02 Jan 2023 09:54:43 +0000
ROA not before: Mon 02 Jan 2023 09:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29657
IP address blocks: 92.52.221.0/24 maxlen: 24
5.180.123.0/24 maxlen: 24
194.41.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:a0:34:38:6b:c8:5e:14:58:c2:3e:c0:7a:b9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf155d7178715ae6b42fb649f3b2a9d56f90c1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5b:25:a0:dd:7d:12:ad:07:28:60:03:11:c7:
da:77:cd:42:ba:52:ff:79:42:3b:23:f2:2e:89:74:
9e:ea:1d:11:41:46:4d:2d:5b:c0:16:26:0a:b2:06:
1c:90:ac:14:3a:4d:bd:cb:ad:4a:0b:8c:61:5d:71:
aa:38:7b:5a:cc:81:43:8d:26:f3:94:73:ac:86:f9:
d2:af:3f:07:72:21:49:05:13:0d:92:59:1c:61:59:
a2:56:fd:0c:ac:fc:f4:c0:56:d2:83:2e:7f:d9:cf:
28:c0:35:ff:2b:f7:3b:ee:75:7f:15:78:9f:e1:00:
ca:04:b6:2c:0b:c8:64:73:89:b9:36:04:4c:cb:0e:
22:71:cd:24:70:76:f9:1d:3d:5d:4d:26:53:70:6d:
0b:b1:71:60:6c:93:e5:24:d8:8c:91:34:9a:35:15:
d4:ca:01:88:40:c7:d7:90:ba:87:b4:f8:70:79:f8:
e2:c8:1c:8d:2f:ed:95:ee:eb:0f:45:21:8f:2f:51:
fb:36:4c:6f:fe:49:c7:8c:ee:3d:b5:db:5f:02:96:
17:c8:56:8d:02:c3:f8:bd:98:48:87:6a:9b:c1:c3:
cb:38:b8:90:dd:94:74:83:3b:b2:a7:1f:28:d6:73:
18:ac:8b:24:d8:12:e8:e2:61:ee:56:e5:ea:7f:c8:
39:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:15:5D:71:78:71:5A:E6:B4:2F:B6:49:F3:B2:A9:D5:6F:90:C1:E6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vxVdcXhxWua0L7ZJ87Kp1W-QweY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.123.0/24
92.52.221.0/24
194.41.46.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4d:a2:2f:35:d0:2c:1e:cd:87:50:45:74:4f:e4:8d:58:e8:
21:6e:3f:85:6a:1f:71:ff:54:04:4e:52:86:ab:b4:eb:70:91:
25:06:ae:96:6a:d4:cc:1d:32:f4:b6:e9:4b:0b:74:f0:94:fa:
c9:31:86:5e:8e:10:29:8e:e3:e8:a9:9e:bd:61:fe:17:56:ea:
98:fe:05:61:a9:07:4d:2f:fb:3c:7c:cf:53:c8:3c:09:89:2c:
eb:07:65:1e:d9:1a:f4:57:09:2d:48:96:9f:1e:94:77:1c:17:
93:18:2e:fa:bc:de:08:e5:38:97:44:b5:7b:e3:b1:61:8a:44:
c7:54:33:95:d1:b9:51:d6:f0:bc:b5:ff:3e:40:4e:7e:0d:39:
91:45:c2:19:6f:71:2c:44:aa:ca:cc:10:b6:ec:73:54:53:dc:
c7:6b:ea:4c:ec:96:44:29:a9:f1:b6:aa:12:7b:3f:2a:b9:21:
4b:cb:25:69:2c:27:dd:f5:c2:24:3f:6a:b3:77:30:a6:f4:0c:
69:71:28:84:66:b9:85:ce:67:ec:df:11:c5:65:82:1d:d8:52:
89:a4:51:41:92:4b:13:e7:d0:de:6d:ba:76:80:3c:0f:3a:d3:
86:f6:df:60:8f:9c:4a:a0:01:07:2c:b6:a9:4f:8c:3a:45:bc:
67:4d:4f:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx56A0OGvIXhRYwj7AerkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjE1NWQ3MTc4NzE1YWU2YjQyZmI2NDlmM2IyYTlkNTZmOTBjMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlsloN19Eq0HKGADEcfad81CulL/
eUI7I/IuiXSe6h0RQUZNLVvAFiYKsgYckKwUOk29y61KC4xhXXGqOHtazIFDjSbz
lHOshvnSrz8HciFJBRMNklkcYVmiVv0MrPz0wFbSgy5/2c8owDX/K/c77nV/FXif
4QDKBLYsC8hkc4m5NgRMyw4icc0kcHb5HT1dTSZTcG0LsXFgbJPlJNiMkTSaNRXU
ygGIQMfXkLqHtPhwefjiyByNL+2V7usPRSGPL1H7Nkxv/knHjO49tdtfApYXyFaN
AsP4vZhIh2qbwcPLOLiQ3ZR0gzuypx8o1nMYrIsk2BLo4mHuVuXqf8g5FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL8VXXF4cVrmtC+2SfOyqdVvkMHmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdnhWZGNYaHhXdWEwTDdaSjg3S3AxVy1Rd2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbR7AwQA
XDTdAwQAwikuMA0GCSqGSIb3DQEBCwUAA4IBAQAMTaIvNdAsHs2HUEV0T+SNWOgh
bj+Fah9x/1QETlKGq7TrcJElBq6WatTMHTL0tulLC3TwlPrJMYZejhApjuPoqZ69
Yf4XVuqY/gVhqQdNL/s8fM9TyDwJiSzrB2Ue2Rr0VwktSJafHpR3HBeTGC76vN4I
5TiXRLV747FhikTHVDOV0blR1vC8tf8+QE5+DTmRRcIZb3EsRKrKzBC27HNUU9zH
a+pM7JZEKanxtqoSez8quSFLyyVpLCfd9cIkP2qzdzCm9AxpcSiEZrmFzmfs3xHF
ZYId2FKJpFFBkksT59Debbp2gDwPOtOG9t9gj5xKoAEHLLapT4w6RbxnTU+K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org