Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/vmZfBIXnXbIiacuqTy7UHFQbHGA.roa
File: vmZfBIXnXbIiacuqTy7UHFQbHGA.roa (raw, json)
Hash identifier: YThqJ9dRy191D+vX3JInZ45NP0D8LT3xO5qeRrQQ5P8=
Subject key identifier: BE:66:5F:04:85:E7:5D:B2:22:69:CB:AA:4F:2E:D4:1C:54:1B:1C:60
Certificate issuer: /CN=7f51228374742df544aa93058c5a3bd3d1642199
Certificate serial: 018570B09B0C13332FAB525B19EC899ED80D
Authority key identifier: 7F:51:22:83:74:74:2D:F5:44:AA:93:05:8C:5A:3B:D3:D1:64:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1Eig3R0LfVEqpMFjFo709FkIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/vmZfBIXnXbIiacuqTy7UHFQbHGA.roa
Signing time: Mon 02 Jan 2023 04:15:00 +0000
ROA not before: Mon 02 Jan 2023 04:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201014
IP address blocks: 185.88.224.0/22 maxlen: 22
2a05:cf00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:9b:0c:13:33:2f:ab:52:5b:19:ec:89:9e:d8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f51228374742df544aa93058c5a3bd3d1642199
Validity
Not Before: Jan 2 04:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be665f0485e75db22269cbaa4f2ed41c541b1c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:36:fc:40:2f:69:26:1d:55:0d:aa:b9:23:2a:
25:11:81:f0:9f:1d:8d:f0:91:bd:f7:1b:dd:e8:d1:
6b:c3:17:d0:7b:3e:3e:b6:9c:64:c9:69:9f:b3:03:
86:e8:7e:3f:bf:c7:96:7f:62:9f:49:d7:ee:7f:cc:
b2:48:5b:47:e1:19:06:7a:74:c2:45:4a:cd:6f:c3:
f7:2f:35:3b:10:89:e6:ec:e0:e9:74:f5:65:54:33:
fa:71:20:0a:4e:5a:52:b4:13:f5:3e:c8:a5:78:7f:
64:7b:5a:8c:31:55:65:02:5d:74:f7:70:4d:5c:35:
76:00:d7:ad:46:f3:a4:9f:fb:2b:4e:66:ba:94:fb:
21:7f:ba:9a:f8:12:a3:d1:6a:10:8c:b0:90:f7:74:
81:4b:a5:6e:30:16:39:a2:df:eb:db:c1:c1:7a:75:
a6:3c:01:98:45:75:eb:51:a3:0d:2c:2f:ea:cf:b4:
f3:5b:de:43:73:d0:37:80:44:e7:a2:3d:e5:50:5f:
d8:36:3a:a5:53:12:75:2c:f4:ad:86:f6:10:c4:19:
fe:d3:a9:fc:41:c7:ea:8b:a3:53:5f:29:b5:2f:39:
2e:27:df:8e:3e:51:dc:25:ee:53:29:24:eb:6d:aa:
3d:ad:19:ac:7d:6e:38:ed:8b:e1:fc:88:92:f8:e9:
fc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:66:5F:04:85:E7:5D:B2:22:69:CB:AA:4F:2E:D4:1C:54:1B:1C:60
X509v3 Authority Key Identifier:
keyid:7F:51:22:83:74:74:2D:F5:44:AA:93:05:8C:5A:3B:D3:D1:64:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1Eig3R0LfVEqpMFjFo709FkIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/vmZfBIXnXbIiacuqTy7UHFQbHGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/f1Eig3R0LfVEqpMFjFo709FkIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.224.0/22
IPv6:
2a05:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:5e:ad:32:ab:ba:9a:b5:14:90:ea:99:18:5a:c0:c1:b9:b4:
ce:fc:41:b0:cd:f5:9a:00:8f:e8:ef:a7:c9:a0:c9:19:90:d7:
b4:42:13:da:e4:b9:ce:15:3b:61:83:95:6d:1f:cb:e5:85:59:
52:cc:67:d7:06:fc:54:76:24:1c:5c:ce:c6:51:ba:b2:98:33:
5a:77:cb:c8:5c:1b:b3:bb:0d:21:f2:25:be:fb:ec:82:cf:e9:
d4:fa:ec:56:dc:cb:30:47:1e:ef:7e:8e:20:33:a5:34:16:28:
8c:b3:c6:71:a6:8c:cb:fc:0c:e4:b0:7c:2c:ac:78:9f:f0:27:
5b:e2:7d:a9:4f:5b:48:15:4f:58:e0:3a:2d:d1:a9:c5:86:e9:
17:cc:37:bf:31:c7:05:fa:43:46:aa:af:ee:02:1d:9f:6d:7e:
fd:14:e8:c9:8f:9c:6a:70:a8:b3:ab:7f:e5:87:d8:52:99:ad:
5d:cb:11:7b:10:dd:9b:35:e7:08:87:fa:2e:8e:c1:ec:97:44:
b6:22:25:f2:f4:70:a8:c0:e5:98:63:fd:1e:ed:02:eb:15:e5:
28:6d:63:04:64:7d:3f:33:ea:6c:13:c7:57:25:da:b7:af:a7:
d4:ce:b1:d6:3d:03:48:bc:6a:d9:4a:06:3d:c1:cf:fa:db:94:
c2:93:91:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsJsMEzMvq1JbGeyJntgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTEyMjgzNzQ3NDJkZjU0NGFhOTMwNThjNWEzYmQzZDE2
NDIxOTkwHhcNMjMwMTAyMDQxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY2NWYwNDg1ZTc1ZGIyMjI2OWNiYWE0ZjJlZDQxYzU0MWIxYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTb8QC9pJh1VDaq5IyolEYHwnx2N
8JG99xvd6NFrwxfQez4+tpxkyWmfswOG6H4/v8eWf2KfSdfuf8yySFtH4RkGenTC
RUrNb8P3LzU7EInm7ODpdPVlVDP6cSAKTlpStBP1PsileH9ke1qMMVVlAl1093BN
XDV2ANetRvOkn/srTma6lPshf7qa+BKj0WoQjLCQ93SBS6VuMBY5ot/r28HBenWm
PAGYRXXrUaMNLC/qz7TzW95Dc9A3gETnoj3lUF/YNjqlUxJ1LPSthvYQxBn+06n8
Qcfqi6NTXym1LzkuJ9+OPlHcJe5TKSTrbao9rRmsfW447Yvh/IiS+On8UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL5mXwSF512yImnLqk8u1BxUGxxgMB8GA1UdIwQY
MBaAFH9RIoN0dC31RKqTBYxaO9PRZCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFFaWczUjBMZlZFcXBNRmpGbzcwOUZrSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS85Mzg1YWEtMWI3OS00YTAyLWEwOTIt
MDFlYjAzNjg0ZjA5LzEvdm1aZkJJWG5YYklpYWN1cVR5N1VIRlFiSEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS85Mzg1YWEtMWI3OS00YTAyLWEwOTItMDFlYjAzNjg0ZjA5
LzEvZjFFaWczUjBMZlZFcXBNRmpGbzcwOUZrSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVjgMA0E
AgACMAcDBQMqBc8AMA0GCSqGSIb3DQEBCwUAA4IBAQAsXq0yq7qatRSQ6pkYWsDB
ubTO/EGwzfWaAI/o76fJoMkZkNe0QhPa5LnOFTthg5VtH8vlhVlSzGfXBvxUdiQc
XM7GUbqymDNad8vIXBuzuw0h8iW+++yCz+nU+uxW3MswRx7vfo4gM6U0FiiMs8Zx
pozL/AzksHwsrHif8Cdb4n2pT1tIFU9Y4Dot0anFhukXzDe/MccF+kNGqq/uAh2f
bX79FOjJj5xqcKizq3/lh9hSma1dyxF7EN2bNecIh/oujsHsl0S2IiXy9HCowOWY
Y/0e7QLrFeUobWMEZH0/M+psE8dXJdq3r6fUzrHWPQNIvGrZSgY9wc/625TCk5Fk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:22 2024 by rpki-client on console-fra.rpki-client.org