Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/1-VTLnT7fWwrP6lfQTeN1QMu0TC0.roa
File: 1-VTLnT7fWwrP6lfQTeN1QMu0TC0.roa (raw, json)
Hash identifier: mR9KW23MYtozRQjh2xgKl7SCbEFn7StXcIujrbh+GQ0=
Subject key identifier: F9:54:CB:9D:3E:DF:5B:0A:CF:EA:57:D0:4D:E3:75:40:CB:B4:4C:2D
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 01856FCB8E25510608154B23035D91AA068D
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/1-VTLnT7fWwrP6lfQTeN1QMu0TC0.roa
Signing time: Mon 02 Jan 2023 00:04:49 +0000
ROA not before: Mon 02 Jan 2023 00:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8953
IP address blocks: 86.106.83.0/24 maxlen: 24
37.156.224.0/24 maxlen: 24
89.37.97.0/24 maxlen: 24
93.113.56.0/24 maxlen: 24
93.122.128.0/17 maxlen: 24
37.251.208.0/20 maxlen: 24
109.166.212.0/24 maxlen: 24
92.114.82.0/24 maxlen: 24
185.53.196.0/22 maxlen: 24
92.114.38.0/24 maxlen: 24
62.217.192.0/18 maxlen: 24
89.39.71.0/24 maxlen: 24
89.39.81.0/24 maxlen: 24
93.115.244.0/23 maxlen: 24
109.166.128.0/17 maxlen: 24
2a02:a58::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Aug 2023 11:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8e:25:51:06:08:15:4b:23:03:5d:91:aa:06:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Jan 2 00:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f954cb9d3edf5b0acfea57d04de37540cbb44c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:b9:88:32:60:37:ca:76:9e:7a:d7:43:6d:
f6:6a:02:3c:0f:03:8a:89:be:20:b7:89:84:d5:b6:
9f:41:7d:d8:d5:2c:96:c6:52:f9:a8:10:5e:c8:d2:
f3:79:a1:43:b8:dc:0b:fe:89:a1:94:cb:f2:b7:a1:
7b:2c:14:c3:a8:15:f2:9e:ce:aa:9a:a7:53:5d:98:
27:a3:13:3f:d0:77:a3:88:03:ff:4f:72:be:de:dc:
37:5e:f0:08:8b:1c:64:f3:a3:5d:53:9b:95:ff:13:
23:5c:7b:d1:60:16:3a:64:0e:34:d5:3a:5a:75:d7:
cc:59:1f:7d:06:29:91:04:ad:57:26:48:21:76:f5:
29:87:d3:b8:02:80:fe:0d:dc:62:cc:83:fe:e1:69:
f3:97:9c:c3:5d:62:51:ec:9d:e9:0d:27:dc:3f:28:
ad:54:13:e3:a7:cf:bd:fa:7a:df:cf:1b:3d:05:d1:
85:22:f8:92:10:49:b8:f4:41:05:20:ad:18:fa:ba:
43:62:4d:c6:33:a1:a5:e5:ff:85:98:36:b7:af:bd:
71:2e:c5:04:1a:4a:a4:1f:fe:76:de:49:86:d5:0f:
94:b5:a7:d3:e8:a7:d0:da:33:75:11:0a:21:1a:a3:
25:d9:67:2a:0f:df:eb:fe:1a:4f:80:8c:20:d7:25:
ab:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:54:CB:9D:3E:DF:5B:0A:CF:EA:57:D0:4D:E3:75:40:CB:B4:4C:2D
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/1-VTLnT7fWwrP6lfQTeN1QMu0TC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.224.0/24
37.251.208.0/20
62.217.192.0/18
86.106.83.0/24
89.37.97.0/24
89.39.71.0/24
89.39.81.0/24
92.114.38.0/24
92.114.82.0/24
93.113.56.0/24
93.115.244.0/23
93.122.128.0/17
109.166.128.0/17
185.53.196.0/22
IPv6:
2a02:a58::/32
Signature Algorithm: sha256WithRSAEncryption
69:8c:05:a4:9b:2d:6d:d3:37:fb:76:4a:07:a5:56:df:1f:46:
55:40:ea:7c:37:df:a3:1d:b1:e1:cf:a2:37:5f:9b:91:af:d8:
0c:e3:d3:4d:ef:fe:87:fb:2d:47:f9:62:41:b6:d2:4f:e5:87:
e0:3d:5b:b6:9c:6a:b9:f5:11:a1:c5:24:5a:c7:bd:5d:c6:d4:
4e:24:79:41:70:8a:4e:f2:7e:e8:29:6a:bc:59:58:c6:13:10:
21:56:b7:45:f0:dc:a2:c5:81:10:bc:b1:ae:e5:fb:20:6d:4b:
72:d3:69:6e:17:31:93:42:29:11:3c:4d:28:d1:d8:40:ae:72:
ee:66:25:3b:04:43:47:83:2d:39:a6:b5:e9:d9:13:58:1a:f3:
98:50:8d:93:a3:c2:38:5b:08:dc:30:2a:6e:0a:d8:9f:18:4b:
cd:f3:c7:64:3c:26:9c:4b:38:e2:4c:45:c8:a2:e5:35:7c:24:
40:d7:8e:d4:43:12:98:a7:ed:df:30:8f:d4:fc:59:db:b9:fd:
86:ae:24:08:7d:a8:18:80:be:c4:7c:87:a9:69:c9:5f:23:13:
58:0b:ca:f5:d3:e8:79:c9:12:f9:2c:45:78:9d:f5:e8:c1:d6:
a4:b2:fd:69:86:27:2d:09:58:81:33:ee:9b:b9:c6:98:27:31:
a4:18:c1:c0
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYVvy44lUQYIFUsjA12RqgaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjMwMTAyMDAwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU0Y2I5ZDNlZGY1YjBhY2ZlYTU3ZDA0ZGUzNzU0MGNiYjQ0YzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+i5iDJgN8p2nnrXQ232agI8DwOK
ib4gt4mE1bafQX3Y1SyWxlL5qBBeyNLzeaFDuNwL/omhlMvyt6F7LBTDqBXyns6q
mqdTXZgnoxM/0HejiAP/T3K+3tw3XvAIixxk86NdU5uV/xMjXHvRYBY6ZA401Tpa
ddfMWR99BimRBK1XJkghdvUph9O4AoD+DdxizIP+4Wnzl5zDXWJR7J3pDSfcPyit
VBPjp8+9+nrfzxs9BdGFIviSEEm49EEFIK0Y+rpDYk3GM6Gl5f+FmDa3r71xLsUE
GkqkH/523kmG1Q+UtafT6KfQ2jN1EQohGqMl2WcqD9/r/hpPgIwg1yWrsQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFPlUy50+31sKz+pX0E3jdUDLtEwtMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvMS1WVExuVDdmV3dyUDZsZlFUZU4xUU11MFRDMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmMvNWNiNDU0LTdiZWUtNGU1ZC1iMjk1LTk0MjQ4MmY4ZDJl
YS8xL1ZDbHRJOTcweUZJY1pIM0dpc3M4RWo5aEhZay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB8BggrBgEFBQcBBwEB/wRtMGswWgQCAAEwVAMEACWc4AME
BCX70AMEBj7ZwAMEAFZqUwMEAFklYQMEAFknRwMEAFknUQMEAFxyJgMEAFxyUgME
AF1xOAMEAV1z9AMEB116gAMEB22mgAMEArk1xDANBAIAAjAHAwUAKgIKWDANBgkq
hkiG9w0BAQsFAAOCAQEAaYwFpJstbdM3+3ZKB6VW3x9GVUDqfDffox2x4c+iN1+b
ka/YDOPTTe/+h/stR/liQbbST+WH4D1btpxqufURocUkWse9XcbUTiR5QXCKTvJ+
6ClqvFlYxhMQIVa3RfDcosWBELyxruX7IG1LctNpbhcxk0IpETxNKNHYQK5y7mYl
OwRDR4MtOaa16dkTWBrzmFCNk6PCOFsI3DAqbgrYnxhLzfPHZDwmnEs44kxFyKLl
NXwkQNeO1EMSmKft3zCP1PxZ27n9hq4kCH2oGIC+xHyHqWnJXyMTWAvK9dPoeckS
+SxFeJ316MHWpLL9aYYnLQlYgTPum7nGmCcxpBjBwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:45 2024 by rpki-client on console-fra.rpki-client.org