Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Vus7ID6Cl02wYV3JBl_q1wcA7G4.roa
File: Vus7ID6Cl02wYV3JBl_q1wcA7G4.roa (raw, json)
Hash identifier: +yeRJ3keIg9S1vmoOSdX5AUWAmaZS3cL/hHNQoPWOvE=
Subject key identifier: 56:EB:3B:20:3E:82:97:4D:B0:61:5D:C9:06:5F:EA:D7:07:00:EC:6E
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 01933F87E1E5DC1FE632E0FDC0AAD4131AA3
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Vus7ID6Cl02wYV3JBl_q1wcA7G4.roa
Signing time: Mon 18 Nov 2024 13:48:09 +0000
ROA not before: Mon 18 Nov 2024 13:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 80.242.56.0/24 maxlen: 24
80.242.57.0/24 maxlen: 24
80.242.58.0/24 maxlen: 24
92.63.176.0/22 maxlen: 22
92.63.176.0/24 maxlen: 24
92.63.177.0/24 maxlen: 24
92.63.178.0/24 maxlen: 24
92.63.179.0/24 maxlen: 24
109.196.98.0/24 maxlen: 24
109.196.99.0/24 maxlen: 24
109.196.100.0/24 maxlen: 24
109.196.101.0/24 maxlen: 24
109.196.102.0/24 maxlen: 24
109.196.103.0/24 maxlen: 24
185.42.14.0/24 maxlen: 24
194.32.98.0/24 maxlen: 24
217.78.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 15:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:87:e1:e5:dc:1f:e6:32:e0:fd:c0:aa:d4:13:1a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Nov 18 13:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56eb3b203e82974db0615dc9065fead70700ec6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:19:3b:d1:f8:24:9a:70:e8:03:f1:0a:af:41:
25:6e:eb:67:63:df:a5:0e:9a:30:5c:66:e6:95:61:
0e:f6:f0:e3:94:ff:76:cd:a1:43:f7:4d:9e:8f:c2:
b7:cc:da:44:6d:98:18:0b:20:44:b0:a2:82:0f:06:
a5:71:43:78:d5:82:8d:4e:a2:24:64:28:8e:2a:d7:
f5:26:04:38:c9:ce:3f:90:e5:b1:96:ff:77:6a:80:
15:2a:d6:5d:7b:74:57:a3:30:57:33:09:c8:a3:4a:
11:48:1c:b8:84:3a:73:7e:be:c8:fe:03:f8:01:08:
5e:d7:8a:fb:00:a1:a7:ba:76:20:49:43:50:7d:ea:
cc:1c:9f:ba:a0:99:a9:82:f0:6f:ac:b2:b9:4f:a8:
49:45:6b:e3:63:c5:c7:22:c1:8b:08:33:e5:c6:3a:
65:3d:67:5d:c8:01:05:a4:5a:ee:85:5b:e7:46:09:
67:3b:98:51:6c:ad:5a:53:c7:92:2c:32:4e:10:7c:
0a:9d:b7:75:3c:7c:18:3b:fc:06:a0:51:a3:be:bc:
ae:f0:ba:d7:49:b4:fb:59:9f:45:d9:19:0e:24:7a:
5c:ab:59:ee:33:65:0b:0b:30:4c:39:26:38:3f:81:
7e:a6:69:17:d2:59:8c:1a:d7:29:7b:44:9f:8b:14:
35:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EB:3B:20:3E:82:97:4D:B0:61:5D:C9:06:5F:EA:D7:07:00:EC:6E
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Vus7ID6Cl02wYV3JBl_q1wcA7G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.242.56.0-80.242.58.255
92.63.176.0/22
109.196.98.0-109.196.103.255
185.42.14.0/24
194.32.98.0/24
217.78.234.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:da:49:2e:cd:96:fb:d2:4e:e1:ae:26:e7:18:5e:10:a5:c2:
6b:15:de:b9:65:fd:a5:d3:d9:61:02:e5:16:57:1c:ab:56:26:
55:b2:f1:51:c3:39:f6:36:fa:db:04:ad:e7:67:6d:fa:c0:cb:
7c:ab:ae:6b:07:14:08:f0:ab:4a:72:90:d5:55:47:f2:10:f6:
b4:23:1d:ec:e6:5d:64:8f:db:56:b5:78:bf:76:d3:e7:af:f8:
d0:bc:a0:4c:3c:55:6a:bb:90:52:ef:1d:06:38:82:04:63:de:
89:40:7d:0c:05:58:36:41:ff:d2:76:5d:b5:73:da:38:dd:b8:
0a:58:15:d8:61:01:9f:55:b0:ea:5c:67:07:d1:f9:bc:50:df:
a8:6d:64:09:82:14:98:97:7d:9b:79:69:5a:b7:11:f5:95:85:
9e:c4:0f:a1:a0:5b:8d:a6:92:4b:c4:e4:eb:30:33:ea:1b:a6:
cd:e3:66:44:d3:d3:b0:4a:d0:50:38:92:03:0d:39:3d:4d:3b:
62:4e:98:3e:5b:82:79:20:c5:0d:ea:d3:4a:6f:b5:a2:d6:82:
d6:35:81:db:d1:fd:98:60:6e:10:36:86:61:c4:54:a9:eb:41:
62:09:70:85:9d:41:f1:80:d1:71:aa:c5:f8:02:8c:d5:49:13:
11:8f:2e:ef
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZM/h+Hl3B/mMuD9wKrUExqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQxMTE4MTM0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmViM2IyMDNlODI5NzRkYjA2MTVkYzkwNjVmZWFkNzA3MDBlYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rk70fgkmnDoA/EKr0ElbutnY9+l
DpowXGbmlWEO9vDjlP92zaFD902ej8K3zNpEbZgYCyBEsKKCDwalcUN41YKNTqIk
ZCiOKtf1JgQ4yc4/kOWxlv93aoAVKtZde3RXozBXMwnIo0oRSBy4hDpzfr7I/gP4
AQhe14r7AKGnunYgSUNQferMHJ+6oJmpgvBvrLK5T6hJRWvjY8XHIsGLCDPlxjpl
PWddyAEFpFruhVvnRglnO5hRbK1aU8eSLDJOEHwKnbd1PHwYO/wGoFGjvryu8LrX
SbT7WZ9F2RkOJHpcq1nuM2ULCzBMOSY4P4F+pmkX0lmMGtcpe0SfixQ1NQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFbrOyA+gpdNsGFdyQZf6tcHAOxuMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvVnVzN0lENkNsMDJ3WVYzSkJsX3Exd2NBN0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBANQ8jgD
BABQ8joDBAJcP7AwDAMEAW3EYgMEA23EYAMEALkqDgMEAMIgYgMEANlO6jANBgkq
hkiG9w0BAQsFAAOCAQEAo9pJLs2W+9JO4a4m5xheEKXCaxXeuWX9pdPZYQLlFlcc
q1YmVbLxUcM59jb62wSt52dt+sDLfKuuawcUCPCrSnKQ1VVH8hD2tCMd7OZdZI/b
VrV4v3bT56/40LygTDxVaruQUu8dBjiCBGPeiUB9DAVYNkH/0nZdtXPaON24ClgV
2GEBn1Ww6lxnB9H5vFDfqG1kCYIUmJd9m3lpWrcR9ZWFnsQPoaBbjaaSS8Tk6zAz
6humzeNmRNPTsErQUDiSAw05PU07Yk6YPluCeSDFDerTSm+1otaC1jWB29H9mGBu
EDaGYcRUqetBYglwhZ1B8YDRcarF+AKM1UkTEY8u7w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:53 2025 by rpki-client