Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f0f5ff-a820-4dba-8ee1-cda57426de22/1/vcgkHcZKsISRVjFgOZq0mC9LBsw.roa
File: vcgkHcZKsISRVjFgOZq0mC9LBsw.roa (raw, json)
Hash identifier: +d/AUtH1d8v8jxHLwhwMCOry8GgdG4vVnYxUb1Iup1w=
Subject key identifier: BD:C8:24:1D:C6:4A:B0:84:91:56:31:60:39:9A:B4:98:2F:4B:06:CC
Certificate issuer: /CN=480423aa17d04f56c690040345d6762bbfd1f88b
Certificate serial: 01856F4288FB4009B2935D809742242AFB9D
Authority key identifier: 48:04:23:AA:17:D0:4F:56:C6:90:04:03:45:D6:76:2B:BF:D1:F8:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAQjqhfQT1bGkAQDRdZ2K7_R-Is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/f0f5ff-a820-4dba-8ee1-cda57426de22/1/vcgkHcZKsISRVjFgOZq0mC9LBsw.roa
Signing time: Sun 01 Jan 2023 21:35:09 +0000
ROA not before: Sun 01 Jan 2023 21:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48593
IP address blocks: 91.209.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:88:fb:40:09:b2:93:5d:80:97:42:24:2a:fb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480423aa17d04f56c690040345d6762bbfd1f88b
Validity
Not Before: Jan 1 21:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdc8241dc64ab08491563160399ab4982f4b06cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e7:ed:00:e7:dd:5f:c6:55:9f:b8:f2:17:17:
cd:93:17:2d:08:59:1f:43:53:c9:f5:c2:31:0e:2d:
e4:31:e0:c0:e5:87:a5:a4:08:99:0a:2c:c1:0e:66:
02:e3:12:33:5b:df:62:bf:16:7c:6b:c4:3d:f4:58:
2c:aa:cb:71:5d:84:a5:c9:10:ca:30:5c:79:9f:f4:
26:e5:ee:8e:33:5c:18:62:36:78:f0:f4:3a:ae:f3:
01:f5:4c:c5:20:d6:c1:08:13:a9:2e:8c:e1:85:3d:
80:29:43:6d:ba:b7:6f:1f:08:ad:28:7e:44:ee:4a:
c0:da:3c:88:19:b2:80:7c:51:3b:f3:46:2b:1d:54:
88:10:02:5d:1b:66:f1:fc:02:38:33:a0:26:e4:f6:
cd:1c:4e:86:6d:16:85:93:41:ba:a9:17:c3:5e:c2:
b8:e2:d0:af:33:b2:ae:96:96:5b:9f:dd:5e:74:b1:
bb:77:73:1f:3d:ca:1e:c1:a9:90:ef:4c:98:64:a1:
9b:b8:07:6d:59:22:a0:34:de:72:39:d4:aa:1e:4c:
83:30:6d:48:51:23:5d:9b:f1:d1:32:9d:81:9e:11:
9d:18:ad:ff:e3:f8:15:7d:d6:8f:41:b1:b1:66:6d:
a8:3c:36:4e:0b:9a:c6:97:cf:10:df:4f:ba:ce:1f:
bd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C8:24:1D:C6:4A:B0:84:91:56:31:60:39:9A:B4:98:2F:4B:06:CC
X509v3 Authority Key Identifier:
keyid:48:04:23:AA:17:D0:4F:56:C6:90:04:03:45:D6:76:2B:BF:D1:F8:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAQjqhfQT1bGkAQDRdZ2K7_R-Is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f0f5ff-a820-4dba-8ee1-cda57426de22/1/vcgkHcZKsISRVjFgOZq0mC9LBsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f0f5ff-a820-4dba-8ee1-cda57426de22/1/SAQjqhfQT1bGkAQDRdZ2K7_R-Is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.195.0/24
Signature Algorithm: sha256WithRSAEncryption
87:96:d5:5a:f6:57:02:13:e4:2e:5d:a2:62:f2:4a:fb:7b:d8:
b1:78:0d:69:60:6a:91:07:07:4c:c2:40:cd:a1:25:e3:00:a6:
8f:e0:f8:39:de:1f:8b:5f:ff:5f:7e:2e:7b:04:57:b0:7f:c7:
48:08:9a:b6:5e:c4:90:89:47:1c:c8:1f:b1:6f:eb:a8:dd:bd:
88:9b:77:a1:f6:eb:d0:ac:06:f2:28:16:e8:ef:c9:a8:0d:af:
ea:20:2c:e8:4f:00:13:3d:fd:37:db:ab:55:46:67:61:37:de:
fc:44:1f:9e:a8:3e:e6:09:33:11:f6:07:59:7d:a7:d2:90:71:
87:e9:ad:04:7f:c1:76:2d:d6:f6:02:3d:ef:41:e2:87:13:c2:
9e:e5:4d:93:42:89:48:14:fe:5f:81:66:a6:a6:c3:86:03:38:
94:04:8b:62:5f:f3:93:77:51:e5:e9:a0:dc:e7:46:09:40:42:
b2:74:b7:85:b4:76:c3:19:60:cb:ca:d4:91:59:61:36:84:d9:
fd:ad:92:f9:73:3b:1a:9e:2b:6e:90:de:6d:c7:58:ba:10:e4:
f1:12:a3:1d:35:72:87:0c:ff:19:c1:48:9d:6d:9d:ab:1d:d6:
f3:0c:50:25:0f:42:4a:88:a9:be:2b:21:e5:88:3c:09:8d:56:
88:ab:c8:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQoj7QAmyk12Al0IkKvudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDQyM2FhMTdkMDRmNTZjNjkwMDQwMzQ1ZDY3NjJiYmZk
MWY4OGIwHhcNMjMwMTAxMjEzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM4MjQxZGM2NGFiMDg0OTE1NjMxNjAzOTlhYjQ5ODJmNGIwNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+ftAOfdX8ZVn7jyFxfNkxctCFkf
Q1PJ9cIxDi3kMeDA5YelpAiZCizBDmYC4xIzW99ivxZ8a8Q99FgsqstxXYSlyRDK
MFx5n/Qm5e6OM1wYYjZ48PQ6rvMB9UzFINbBCBOpLozhhT2AKUNturdvHwitKH5E
7krA2jyIGbKAfFE780YrHVSIEAJdG2bx/AI4M6Am5PbNHE6GbRaFk0G6qRfDXsK4
4tCvM7KulpZbn91edLG7d3MfPcoewamQ70yYZKGbuAdtWSKgNN5yOdSqHkyDMG1I
USNdm/HRMp2BnhGdGK3/4/gVfdaPQbGxZm2oPDZOC5rGl88Q30+6zh+9/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3IJB3GSrCEkVYxYDmatJgvSwbMMB8GA1UdIwQY
MBaAFEgEI6oX0E9WxpAEA0XWdiu/0fiLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FRanFoZlFUMWJHa0FRRFJkWjJLN19SLUlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mMGY1ZmYtYTgyMC00ZGJhLThlZTEt
Y2RhNTc0MjZkZTIyLzEvdmNna0hjWktzSVNSVmpGZ09acTBtQzlMQnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mMGY1ZmYtYTgyMC00ZGJhLThlZTEtY2RhNTc0MjZkZTIy
LzEvU0FRanFoZlFUMWJHa0FRRFJkWjJLN19SLUlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9HDMA0G
CSqGSIb3DQEBCwUAA4IBAQCHltVa9lcCE+QuXaJi8kr7e9ixeA1pYGqRBwdMwkDN
oSXjAKaP4Pg53h+LX/9ffi57BFewf8dICJq2XsSQiUccyB+xb+uo3b2Im3eh9uvQ
rAbyKBbo78moDa/qICzoTwATPf0326tVRmdhN978RB+eqD7mCTMR9gdZfafSkHGH
6a0Ef8F2Ldb2Aj3vQeKHE8Ke5U2TQolIFP5fgWampsOGAziUBItiX/OTd1Hl6aDc
50YJQEKydLeFtHbDGWDLytSRWWE2hNn9rZL5czsanitukN5tx1i6EOTxEqMdNXKH
DP8ZwUidbZ2rHdbzDFAlD0JKiKm+KyHliDwJjVaIq8hJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:11 2024 by rpki-client on console-ams.rpki-client.org