Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/vsFFTzElz8yMmfc4BXRXspWhQN8.roa
File: vsFFTzElz8yMmfc4BXRXspWhQN8.roa (raw, json)
Hash identifier: CPXP4uown5IAhWV6t+7ofBhFlmLE0WlpSZulcS0/Aec=
Subject key identifier: BE:C1:45:4F:31:25:CF:CC:8C:99:F7:38:05:74:57:B2:95:A1:40:DF
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018572C379B14A52368A919CF9417A0ECD7D
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/vsFFTzElz8yMmfc4BXRXspWhQN8.roa
Signing time: Mon 02 Jan 2023 13:54:51 +0000
ROA not before: Mon 02 Jan 2023 13:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201925
IP address blocks: 109.207.104.0/24 maxlen: 24
109.207.108.0/24 maxlen: 24
109.207.107.0/24 maxlen: 24
109.207.106.0/24 maxlen: 24
194.126.165.0/24 maxlen: 24
194.126.166.0/24 maxlen: 24
194.126.167.0/24 maxlen: 24
217.117.132.0/22 maxlen: 22
185.165.151.0/24 maxlen: 24
2001:67c:2fd0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:79:b1:4a:52:36:8a:91:9c:f9:41:7a:0e:cd:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 2 13:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bec1454f3125cfcc8c99f738057457b295a140df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:27:7f:6f:af:d4:8a:90:a3:dc:76:f4:cd:
44:8e:ee:3a:de:59:d2:56:60:d8:43:39:05:af:a7:
cc:f3:8d:9b:c4:42:48:5a:e4:cb:44:be:4d:70:c0:
e4:20:05:9c:34:e0:10:10:0b:3c:b6:cb:d7:87:2f:
6e:a4:aa:5f:e9:78:9d:f2:40:2a:36:50:8a:c3:02:
c7:40:5a:6c:b9:2a:88:e1:c5:3f:c3:96:5a:a7:7a:
fe:77:e0:88:3f:cf:3d:44:7f:5c:03:fd:33:72:3b:
9f:95:16:d3:48:f7:d2:2f:b2:59:9a:31:36:99:57:
94:29:05:94:d6:3f:fb:ef:4e:69:87:97:87:2e:d9:
26:4d:b9:e4:96:e2:8b:3e:45:09:8b:f6:67:b6:a7:
0a:9d:41:8f:5a:5c:94:a7:a4:4e:ff:6f:85:b9:ae:
6c:d8:a2:05:be:bc:cb:81:cd:7d:5c:02:f6:db:1b:
f6:54:a5:ca:4a:d2:db:be:e8:24:42:39:76:8f:5c:
39:e7:34:9e:70:e6:5f:60:42:31:4a:4b:e9:a5:21:
2f:0b:ab:6a:ed:e7:a9:51:f1:a4:59:19:b8:e2:d2:
43:9f:32:4f:a4:02:ac:4c:5f:49:d4:de:8f:2c:6b:
d4:58:50:52:90:b5:8c:94:ad:ea:77:ee:a5:dd:2a:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C1:45:4F:31:25:CF:CC:8C:99:F7:38:05:74:57:B2:95:A1:40:DF
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/vsFFTzElz8yMmfc4BXRXspWhQN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.104.0/24
109.207.106.0-109.207.108.255
185.165.151.0/24
194.126.165.0-194.126.167.255
217.117.132.0/22
IPv6:
2001:67c:2fd0::/48
Signature Algorithm: sha256WithRSAEncryption
9f:3e:e5:dd:cb:c5:4b:5b:8c:4b:f3:0f:3d:65:ab:44:36:46:
3d:5a:55:9b:8b:ca:96:b1:62:9c:70:96:6a:b9:37:8c:e2:a0:
b5:56:c5:fb:16:6e:63:9c:b9:df:14:bc:ba:3f:c3:5a:24:92:
42:77:74:8a:6f:54:cd:c0:56:68:e4:22:78:f0:85:dd:70:41:
95:cc:43:b5:27:2f:75:60:78:d5:df:d9:1f:c3:b6:9c:70:8b:
a9:9e:d3:98:01:3b:85:14:f8:55:47:d4:1b:eb:16:86:89:f0:
ac:27:f1:09:68:75:68:69:03:4a:f2:47:19:57:3f:63:57:fe:
9f:c9:54:f6:f2:b6:f0:28:28:e9:90:c8:89:93:97:f6:c3:94:
37:96:f6:20:e1:40:5d:32:e5:d4:cb:4a:a2:b3:c5:51:6b:8e:
f6:56:0e:90:2b:7f:57:c2:72:6f:a4:fc:ad:1f:ca:35:aa:0c:
d5:bd:fd:a0:7e:f9:f7:8e:50:ae:6f:e3:1e:69:55:98:60:01:
85:38:09:70:ae:de:09:a5:f8:d3:1e:4b:83:84:86:40:45:fa:
c0:ff:fc:c3:27:56:72:26:25:bd:0f:1b:da:51:ca:76:c4:59:
83:f8:d0:7d:a9:45:0e:20:33:dd:ac:df:d1:43:07:96:9b:59:
49:6b:9a:ab
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVyw3mxSlI2ipGc+UF6Ds19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwMTAyMTM1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWMxNDU0ZjMxMjVjZmNjOGM5OWY3MzgwNTc0NTdiMjk1YTE0MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicEnf2+v1IqQo9x29M1Eju463lnS
VmDYQzkFr6fM842bxEJIWuTLRL5NcMDkIAWcNOAQEAs8tsvXhy9upKpf6Xid8kAq
NlCKwwLHQFpsuSqI4cU/w5Zap3r+d+CIP889RH9cA/0zcjuflRbTSPfSL7JZmjE2
mVeUKQWU1j/7705ph5eHLtkmTbnkluKLPkUJi/ZntqcKnUGPWlyUp6RO/2+Fua5s
2KIFvrzLgc19XAL22xv2VKXKStLbvugkQjl2j1w55zSecOZfYEIxSkvppSEvC6tq
7eepUfGkWRm44tJDnzJPpAKsTF9J1N6PLGvUWFBSkLWMlK3qd+6l3Sq0fQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFL7BRU8xJc/MjJn3OAV0V7KVoUDfMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvdnNGRlR6RWx6OHlNbWZjNEJYUlhzcFdoUU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwQAbc9oMAwD
BAFtz2oDBABtz2wDBAC5pZcwDAMEAMJ+pQMEA8J+oAMEAtl1hDAPBAIAAjAJAwcA
IAEGfC/QMA0GCSqGSIb3DQEBCwUAA4IBAQCfPuXdy8VLW4xL8w89ZatENkY9WlWb
i8qWsWKccJZquTeM4qC1VsX7Fm5jnLnfFLy6P8NaJJJCd3SKb1TNwFZo5CJ48IXd
cEGVzEO1Jy91YHjV39kfw7accIupntOYATuFFPhVR9Qb6xaGifCsJ/EJaHVoaQNK
8kcZVz9jV/6fyVT28rbwKCjpkMiJk5f2w5Q3lvYg4UBdMuXUy0qis8VRa472Vg6Q
K39XwnJvpPytH8o1qgzVvf2gfvn3jlCub+MeaVWYYAGFOAlwrt4JpfjTHkuDhIZA
RfrA//zDJ1ZyJiW9DxvaUcp2xFmD+NB9qUUOIDPdrN/RQweWm1lJa5qr
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:15 2024 by rpki-client on console-ams.rpki-client.org