Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/VsZ4CPfPixVt43IUWEA6vHlxqhM.roa
File: VsZ4CPfPixVt43IUWEA6vHlxqhM.roa (raw, json)
Hash identifier: 57wGkCtbSgerpzWYQOpxrVGqwfKoipCGgBiF1qwOGns=
Subject key identifier: 56:C6:78:08:F7:CF:8B:15:6D:E3:72:14:58:40:3A:BC:79:71:AA:13
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 01856E0B10127AD22DAC42432665CE65940B
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/VsZ4CPfPixVt43IUWEA6vHlxqhM.roa
Signing time: Sun 01 Jan 2023 15:54:56 +0000
ROA not before: Sun 01 Jan 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8297
IP address blocks: 195.219.88.0/24 maxlen: 24
2a01:3e0:ff71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:10:12:7a:d2:2d:ac:42:43:26:65:ce:65:94:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 1 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56c67808f7cf8b156de3721458403abc7971aa13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:37:fb:8a:ce:a6:b3:d3:75:5f:00:d9:bd:41:
45:49:94:39:87:5e:ff:1d:e9:17:78:3a:ab:d9:4b:
1f:50:6e:44:c0:e9:ea:be:d5:9c:22:ae:f7:e9:8d:
d7:01:1d:50:a9:ec:24:4a:cf:d1:ca:e9:a8:c5:91:
3c:f5:12:30:e1:cf:3a:d2:32:ae:ef:ff:21:10:23:
91:e2:5c:7d:8b:eb:aa:5b:06:51:f2:a9:d1:4c:17:
1b:6d:cb:34:3e:70:11:f2:cb:1a:d6:0a:f3:63:55:
31:d4:02:ea:d4:a9:3b:38:e9:43:4f:74:ec:49:49:
46:74:01:aa:03:b7:9f:e6:b3:1e:0a:f1:6b:df:5a:
21:e7:eb:6d:8d:d6:02:e5:57:1b:ab:c6:1a:c0:83:
49:76:44:d1:55:77:aa:eb:55:6b:87:07:d5:e8:3f:
78:a0:ca:f5:6c:9a:10:db:a3:66:d9:d6:32:c4:df:
f5:94:ce:7c:f3:1a:b2:9f:2a:e2:32:c6:be:18:a1:
34:c1:75:92:66:e9:2b:be:25:cb:11:7a:ce:6c:d8:
46:1b:2b:7c:93:c1:93:28:20:de:67:79:d3:a8:e1:
0a:52:15:08:81:6a:99:e7:a5:35:fe:7d:dd:6c:37:
b4:20:5c:b2:42:1c:10:d0:8d:f5:3f:19:51:b2:85:
4c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C6:78:08:F7:CF:8B:15:6D:E3:72:14:58:40:3A:BC:79:71:AA:13
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/VsZ4CPfPixVt43IUWEA6vHlxqhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.219.88.0/24
IPv6:
2a01:3e0:ff71::/48
Signature Algorithm: sha256WithRSAEncryption
35:e0:7f:08:10:89:b8:be:ff:47:5e:2e:a4:ec:da:ce:49:5c:
9e:87:50:6a:09:b6:b7:64:a3:06:86:75:6c:3d:55:cf:6d:03:
a5:b2:5f:84:2e:12:3e:92:8e:7c:61:4c:82:1a:90:f8:b3:92:
30:b2:62:1f:f1:b7:00:67:ee:04:30:79:aa:ca:0b:d5:13:f2:
fb:3e:f7:7d:0d:fc:a1:12:e8:a3:a1:b0:56:f5:e7:5e:f4:85:
da:2d:49:6f:ed:56:34:ac:d7:b0:86:f1:5d:7a:b2:f4:88:62:
1a:1c:23:d8:3a:80:02:fd:b7:4a:3d:2a:df:64:53:b3:e5:80:
53:52:99:4a:0b:df:f8:08:f9:0b:c2:a1:48:f5:ff:66:82:f5:
42:57:7b:98:52:e5:4c:8b:84:b6:f9:89:04:ec:5f:fe:44:83:
1c:45:2a:b8:2a:e8:64:91:c5:94:99:ba:19:a7:8b:9c:d4:87:
4d:9d:89:b7:75:c8:76:5f:e7:80:a7:7d:5c:2b:52:6e:a4:f4:
22:78:fd:08:f2:08:ac:9c:ba:4b:41:b4:ca:dc:95:75:0b:5c:
93:87:19:ea:48:7d:29:3b:15:cd:32:9b:2b:e3:88:98:92:6a:
a5:4d:7f:93:07:a7:b0:52:66:be:56:11:65:b8:e6:20:d2:7b:
d2:c9:05:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuCxASetItrEJDJmXOZZQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmM2NzgwOGY3Y2Y4YjE1NmRlMzcyMTQ1ODQwM2FiYzc5NzFhYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTf7is6ms9N1XwDZvUFFSZQ5h17/
HekXeDqr2UsfUG5EwOnqvtWcIq736Y3XAR1QqewkSs/RyumoxZE89RIw4c860jKu
7/8hECOR4lx9i+uqWwZR8qnRTBcbbcs0PnAR8ssa1grzY1Ux1ALq1Kk7OOlDT3Ts
SUlGdAGqA7ef5rMeCvFr31oh5+ttjdYC5Vcbq8YawINJdkTRVXeq61VrhwfV6D94
oMr1bJoQ26Nm2dYyxN/1lM588xqynyriMsa+GKE0wXWSZukrviXLEXrObNhGGyt8
k8GTKCDeZ3nTqOEKUhUIgWqZ56U1/n3dbDe0IFyyQhwQ0I31PxlRsoVM8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFbGeAj3z4sVbeNyFFhAOrx5caoTMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvVnNaNENQZlBpeFZ0NDNJVVdFQTZ2SGx4cWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw9tYMA8E
AgACMAkDBwAqAQPg/3EwDQYJKoZIhvcNAQELBQADggEBADXgfwgQibi+/0deLqTs
2s5JXJ6HUGoJtrdkowaGdWw9Vc9tA6WyX4QuEj6SjnxhTIIakPizkjCyYh/xtwBn
7gQwearKC9UT8vs+930N/KES6KOhsFb15170hdotSW/tVjSs17CG8V16svSIYhoc
I9g6gAL9t0o9Kt9kU7PlgFNSmUoL3/gI+QvCoUj1/2aC9UJXe5hS5UyLhLb5iQTs
X/5EgxxFKrgq6GSRxZSZuhmni5zUh02dibd1yHZf54CnfVwrUm6k9CJ4/QjyCKyc
uktBtMrclXULXJOHGepIfSk7Fc0ymyvjiJiSaqVNf5MHp7BSZr5WEWW45iDSe9LJ
BaQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:19 2024 by rpki-client on console-ams.rpki-client.org