Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/VzhirEt7iSObcrq22PXbXLh0dnk.roa
File: VzhirEt7iSObcrq22PXbXLh0dnk.roa (raw, json)
Hash identifier: anH4AlR2+mKmZPLuI+AIZ86Hp3j1UE2FK/KlZjr9Lng=
Subject key identifier: 57:38:62:AC:4B:7B:89:23:9B:72:BA:B6:D8:F5:DB:5C:B8:74:76:79
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01918E747711ADC44F4424D21A8CBAD6C219
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/VzhirEt7iSObcrq22PXbXLh0dnk.roa
Signing time: Mon 26 Aug 2024 11:31:22 +0000
ROA not before: Mon 26 Aug 2024 11:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21479
IP address blocks: 80.68.0.0/21 maxlen: 21
80.68.8.0/22 maxlen: 22
80.68.12.0/24 maxlen: 24
80.68.13.0/24 maxlen: 24
80.254.96.0/19 maxlen: 19
83.221.192.0/19 maxlen: 19
87.117.0.0/19 maxlen: 19
87.117.36.0/22 maxlen: 22
87.117.40.0/21 maxlen: 21
93.178.96.0/22 maxlen: 22
93.178.104.0/22 maxlen: 22
93.178.126.0/23 maxlen: 23
109.165.0.0/17 maxlen: 17
109.172.64.0/24 maxlen: 24
109.172.65.0/24 maxlen: 24
109.172.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 10:26:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:74:77:11:ad:c4:4f:44:24:d2:1a:8c:ba:d6:c2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 26 11:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=573862ac4b7b89239b72bab6d8f5db5cb8747679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:fd:f4:c5:f1:42:59:7f:ed:aa:29:8f:ae:
11:10:24:3c:8b:65:ed:b4:c1:96:ae:87:c2:60:c9:
e2:f0:f7:92:33:5d:57:dc:91:d3:66:e1:51:ff:a6:
78:f8:02:d8:16:8a:bf:20:33:2b:96:44:e8:b8:31:
17:74:d1:43:01:55:22:01:30:51:33:39:57:cd:9e:
17:c4:71:1c:8f:eb:bc:41:79:00:f1:4a:86:9b:13:
b9:7e:1c:bb:08:45:13:f7:1a:73:60:d2:03:f3:66:
d0:86:bb:f9:11:92:00:1e:46:a0:b4:51:a8:e0:4c:
31:02:ec:ed:08:92:2f:23:a2:17:62:11:0f:9e:03:
83:58:d8:41:15:ee:6e:a0:c7:4f:c0:45:3d:a9:d5:
87:07:0f:ed:8f:c8:05:61:55:8f:e1:ef:3d:e8:b2:
10:2b:dd:0b:8e:a2:bf:9b:d2:1a:ae:b1:12:68:18:
40:9c:25:41:3f:87:80:08:46:d4:da:68:f2:dd:1b:
b2:4a:bb:fe:ca:a4:87:6d:da:74:09:4a:12:66:f5:
b5:6f:70:35:84:44:8c:5b:8e:92:0e:9f:9a:20:01:
bf:86:e1:d2:05:88:ad:57:f5:25:33:0a:5f:36:49:
58:98:42:3a:7c:59:0f:2a:30:a6:52:85:e6:7f:03:
88:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:38:62:AC:4B:7B:89:23:9B:72:BA:B6:D8:F5:DB:5C:B8:74:76:79
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/VzhirEt7iSObcrq22PXbXLh0dnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.0.0-80.68.13.255
80.254.96.0/19
83.221.192.0/19
87.117.0.0/19
87.117.36.0-87.117.47.255
93.178.96.0/22
93.178.104.0/22
93.178.126.0/23
109.165.0.0/17
109.172.64.0-109.172.66.255
Signature Algorithm: sha256WithRSAEncryption
60:58:b2:b0:87:1f:78:ad:ec:21:fb:58:fb:7c:73:be:18:a1:
d0:21:7d:be:90:4f:99:f2:26:d9:a0:fe:b0:cc:b9:a9:ec:b0:
7c:2f:99:f9:be:30:36:d4:ef:d4:18:a4:3e:3b:bc:88:49:82:
c8:47:c3:90:43:dd:b6:e6:5f:68:56:06:3c:28:97:15:4a:42:
55:b6:35:88:df:75:47:42:da:82:3f:94:cc:27:f6:9b:2a:b8:
88:70:50:78:e3:6f:e7:ac:47:6f:2e:13:89:d6:b2:e7:da:fc:
90:24:78:b5:8f:44:06:57:72:d9:3b:c4:df:8b:e2:bb:5a:9c:
03:25:fd:37:94:16:58:46:d1:54:6e:cb:34:14:18:d2:8c:67:
14:46:55:02:39:7e:75:47:1b:e5:19:7e:8d:81:3a:8c:ac:63:
46:a1:3c:6a:75:86:ba:e4:37:ac:97:08:f1:09:99:8a:d2:ab:
2d:4d:16:7c:21:69:2b:f4:0e:a1:d1:88:4e:ba:ea:10:7a:dd:
1c:8e:62:7c:4c:76:fb:72:5a:47:ae:e8:14:dc:0e:81:75:f9:
d5:b8:08:4b:13:f1:5a:0f:cc:be:f7:f3:2c:19:e6:84:60:45:
5b:87:e4:74:1c:2e:01:8e:f9:57:eb:1b:d3:68:e7:79:ef:e6:
96:8c:13:25
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZGOdHcRrcRPRCTSGoy61sIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI2MTEzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM4NjJhYzRiN2I4OTIzOWI3MmJhYjZkOGY1ZGI1Y2I4NzQ3Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJv99MXxQll/7aopj64RECQ8i2Xt
tMGWrofCYMni8PeSM11X3JHTZuFR/6Z4+ALYFoq/IDMrlkTouDEXdNFDAVUiATBR
MzlXzZ4XxHEcj+u8QXkA8UqGmxO5fhy7CEUT9xpzYNID82bQhrv5EZIAHkagtFGo
4EwxAuztCJIvI6IXYhEPngODWNhBFe5uoMdPwEU9qdWHBw/tj8gFYVWP4e896LIQ
K90LjqK/m9IarrESaBhAnCVBP4eACEbU2mjy3RuySrv+yqSHbdp0CUoSZvW1b3A1
hESMW46SDp+aIAG/huHSBYitV/UlMwpfNklYmEI6fFkPKjCmUoXmfwOIowIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFFc4YqxLe4kjm3K6ttj121y4dHZ5MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVnpoaXJFdDdpU09iY3JxMjJQWGJYTGgwZG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAsDAwJQRAME
AVBEDAMEBVD+YAMEBVPdwAMEBVd1ADAMAwQCV3UkAwQEV3UgAwQCXbJgAwQCXbJo
AwQBXbJ+AwQHbaUAMAwDBAZtrEADBABtrEIwDQYJKoZIhvcNAQELBQADggEBAGBY
srCHH3it7CH7WPt8c74YodAhfb6QT5nyJtmg/rDMuanssHwvmfm+MDbU79QYpD47
vIhJgshHw5BD3bbmX2hWBjwolxVKQlW2NYjfdUdC2oI/lMwn9psquIhwUHjjb+es
R28uE4nWsufa/JAkeLWPRAZXctk7xN+L4rtanAMl/TeUFlhG0VRuyzQUGNKMZxRG
VQI5fnVHG+UZfo2BOoysY0ahPGp1hrrkN6yXCPEJmYrSqy1NFnwhaSv0DqHRiE66
6hB63RyOYnxMdvtyWkeu6BTcDoF1+dW4CEsT8VoPzL738ywZ5oRgRVuH5HQcLgGO
+VfrG9No53nv5paMEyU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:52 2025 by rpki-client