Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/VkkSjhmuMaFWIEUfOHPLCoaAEqs.roa
File: VkkSjhmuMaFWIEUfOHPLCoaAEqs.roa (raw, json)
Hash identifier: QG5+p2pD0ioSbVm2OseaYZ2sA3kS2NGyYWNp4sEpdyk=
Subject key identifier: 56:49:12:8E:19:AE:31:A1:56:20:45:1F:38:73:CB:0A:86:80:12:AB
Certificate issuer: /CN=a0606b8aad553f0948c7a894d68671870eb82cb0
Certificate serial: 01856D0A94236931AD0B57D40EE6F9CD420B
Authority key identifier: A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/VkkSjhmuMaFWIEUfOHPLCoaAEqs.roa
Signing time: Sun 01 Jan 2023 11:14:47 +0000
ROA not before: Sun 01 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2200
IP address blocks: 147.100.0.0/16 maxlen: 16
147.99.0.0/16 maxlen: 16
138.102.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:94:23:69:31:ad:0b:57:d4:0e:e6:f9:cd:42:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0606b8aad553f0948c7a894d68671870eb82cb0
Validity
Not Before: Jan 1 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5649128e19ae31a15620451f3873cb0a868012ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:73:fd:ab:f1:66:be:e6:db:f8:8b:df:95:db:
18:d7:76:41:20:d7:60:32:a5:65:81:9d:e7:25:c5:
12:a5:b2:fb:38:62:91:d6:7d:87:09:28:89:01:62:
cb:43:cd:e8:77:ce:13:7e:ae:44:d5:25:00:2d:c5:
83:9a:37:a4:0c:29:df:ad:af:78:e2:9d:22:d1:2c:
dd:8b:21:ad:5d:28:38:38:b4:ef:45:86:cf:a5:e2:
e6:b3:b8:7f:48:32:f2:a0:9d:47:cc:49:46:6c:3d:
39:64:fa:76:60:6f:4f:9b:ad:76:6d:25:f4:a2:d8:
57:06:b9:0d:ef:07:34:7d:bd:9d:2b:ff:14:6c:bc:
47:39:fc:76:54:f1:44:47:85:c5:01:94:98:de:81:
cf:d7:ea:ba:ef:8c:95:5c:a0:d6:9a:c5:ea:28:b6:
e2:c9:59:9b:8c:80:5a:66:1c:d4:42:f4:37:be:4a:
2e:e1:c6:50:89:0d:40:25:0e:af:fb:4d:3d:4f:4f:
38:a3:16:24:3c:1b:f8:a8:2c:31:54:d9:58:c0:68:
88:bf:da:dc:ab:8d:3f:d8:1f:1f:4c:05:74:b9:32:
49:80:76:1b:8c:7c:02:6a:98:ee:3a:18:76:91:fb:
bb:c4:91:fa:23:c3:f5:c3:f4:71:04:fd:fd:29:62:
bb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:49:12:8E:19:AE:31:A1:56:20:45:1F:38:73:CB:0A:86:80:12:AB
X509v3 Authority Key Identifier:
keyid:A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/VkkSjhmuMaFWIEUfOHPLCoaAEqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/oGBriq1VPwlIx6iU1oZxhw64LLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.102.0.0/16
147.99.0.0-147.100.255.255
Signature Algorithm: sha256WithRSAEncryption
1a:56:5e:37:eb:93:d9:4c:be:d4:1c:59:9b:5d:8e:87:4b:3d:
3c:43:17:3b:c1:0c:c3:1f:0e:ba:7b:be:4c:5a:7e:81:68:7c:
dd:9f:bf:00:96:13:58:d6:e2:13:7a:31:5a:4d:f3:d6:eb:ac:
a3:c3:f5:84:57:54:04:c4:8c:85:32:f0:6f:15:ad:9a:ac:cd:
65:1d:6d:c1:da:80:09:78:f2:70:17:46:28:cc:b7:50:99:4e:
f7:68:8d:66:39:f3:af:e0:ec:15:c9:b2:25:8c:5c:ac:bc:5e:
ef:88:02:32:c3:df:01:e0:f0:54:8d:ea:ba:43:1e:e4:ea:e1:
e0:6d:f1:83:7c:a1:ec:7c:67:fc:9d:1b:83:5e:12:d6:89:06:
6c:4b:d0:5b:2c:5b:f8:14:fd:61:eb:80:66:b0:db:7a:03:2b:
36:a7:a4:33:93:2a:35:78:d7:de:ec:56:9c:bb:79:52:a9:86:
c0:ba:f9:95:9c:f7:40:ee:27:1d:37:12:90:5a:d7:1d:85:2b:
b1:3c:74:d8:5f:94:f4:0e:b8:75:eb:b3:4d:d2:f5:56:2f:d0:
b9:96:19:af:f8:12:da:db:20:f8:e1:82:d1:48:2a:53:de:e7:
53:d3:2a:4c:24:25:ac:c8:f9:cb:a4:41:79:55:30:6f:0f:89:
21:6d:20:03
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVtCpQjaTGtC1fUDub5zUILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNjA2YjhhYWQ1NTNmMDk0OGM3YTg5NGQ2ODY3MTg3MGVi
ODJjYjAwHhcNMjMwMTAxMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjQ5MTI4ZTE5YWUzMWExNTYyMDQ1MWYzODczY2IwYTg2ODAxMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3P9q/Fmvubb+IvfldsY13ZBINdg
MqVlgZ3nJcUSpbL7OGKR1n2HCSiJAWLLQ83od84Tfq5E1SUALcWDmjekDCnfra94
4p0i0SzdiyGtXSg4OLTvRYbPpeLms7h/SDLyoJ1HzElGbD05ZPp2YG9Pm612bSX0
othXBrkN7wc0fb2dK/8UbLxHOfx2VPFER4XFAZSY3oHP1+q674yVXKDWmsXqKLbi
yVmbjIBaZhzUQvQ3vkou4cZQiQ1AJQ6v+009T084oxYkPBv4qCwxVNlYwGiIv9rc
q40/2B8fTAV0uTJJgHYbjHwCapjuOhh2kfu7xJH6I8P1w/RxBP39KWK7IQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFZJEo4ZrjGhViBFHzhzywqGgBKrMB8GA1UdIwQY
MBaAFKBga4qtVT8JSMeolNaGcYcOuCywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYt
YmIzNDMxZmUwMjg1LzEvVmtrU2pobXVNYUZXSUVVZk9IUExDb2FBRXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYtYmIzNDMxZmUwMjg1
LzEvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAimYwCgMD
AJNjAwMAk2QwDQYJKoZIhvcNAQELBQADggEBABpWXjfrk9lMvtQcWZtdjodLPTxD
FzvBDMMfDrp7vkxafoFofN2fvwCWE1jW4hN6MVpN89brrKPD9YRXVATEjIUy8G8V
rZqszWUdbcHagAl48nAXRijMt1CZTvdojWY586/g7BXJsiWMXKy8Xu+IAjLD3wHg
8FSN6rpDHuTq4eBt8YN8oex8Z/ydG4NeEtaJBmxL0FssW/gU/WHrgGaw23oDKzan
pDOTKjV4197sVpy7eVKphsC6+ZWc90DuJx03EpBa1x2FK7E8dNhflPQOuHXrs03S
9VYv0LmWGa/4EtrbIPjhgtFIKlPe51PTKkwkJazI+cukQXlVMG8PiSFtIAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:27 2024 by rpki-client on console-ams.rpki-client.org