Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/ecb197-e0f5-438d-8fc5-e4d45971b13d/1/ru0_vmsUy4Z7zVPppLft6IqhCP8.roa
File: ru0_vmsUy4Z7zVPppLft6IqhCP8.roa (raw, json)
Hash identifier: ygK5OvTYttFxDpvhZEf5kOyn10l5ZWA0i1nH3O5wjmQ=
Subject key identifier: AE:ED:3F:BE:6B:14:CB:86:7B:CD:53:E9:A4:B7:ED:E8:8A:A1:08:FF
Certificate issuer: /CN=7b827acc680aa29ddac823889d87863e414b2411
Certificate serial: 01856CAF1637BF1F0E4EA9211D50BCDE6361
Authority key identifier: 7B:82:7A:CC:68:0A:A2:9D:DA:C8:23:88:9D:87:86:3E:41:4B:24:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4J6zGgKop3ayCOInYeGPkFLJBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/ecb197-e0f5-438d-8fc5-e4d45971b13d/1/ru0_vmsUy4Z7zVPppLft6IqhCP8.roa
Signing time: Sun 01 Jan 2023 09:34:51 +0000
ROA not before: Sun 01 Jan 2023 09:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59752
IP address blocks: 185.95.128.0/22 maxlen: 24
164.177.168.0/21 maxlen: 24
2a03:2500::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:16:37:bf:1f:0e:4e:a9:21:1d:50:bc:de:63:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b827acc680aa29ddac823889d87863e414b2411
Validity
Not Before: Jan 1 09:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aeed3fbe6b14cb867bcd53e9a4b7ede88aa108ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d1:0a:16:d9:f6:ec:4f:68:c8:09:6b:ca:89:
f3:03:2a:35:57:05:0c:3a:70:bf:8e:a4:4b:da:19:
78:a9:a0:f9:bf:68:92:18:d6:1a:f4:14:17:e2:fe:
b4:d1:61:6d:13:d9:07:0c:ad:02:28:87:72:aa:d6:
a1:75:d1:05:1a:97:d9:67:d6:66:30:2a:82:49:d4:
bd:e0:31:de:b1:23:7a:bd:38:a2:d5:f2:ba:66:ef:
ff:8a:b2:60:e7:0a:de:b4:be:7b:ec:b6:7c:7f:5c:
50:ec:a9:09:3b:d8:69:e7:30:ff:11:4b:39:4e:81:
83:2f:0e:10:aa:6c:39:5e:b2:4b:96:d2:f9:61:19:
6b:b8:36:80:fd:b6:a4:09:b4:d4:53:fe:13:19:80:
05:14:1b:65:b5:9c:7b:6b:bb:ec:32:4c:41:00:48:
f6:ff:54:18:bf:ff:73:d9:f2:d8:fa:d4:68:f5:db:
e0:51:46:ff:09:d9:26:2c:61:91:4e:d7:de:8f:22:
3e:21:ac:f2:47:bf:da:12:eb:ed:05:9c:df:b5:af:
2c:05:b2:6f:28:16:94:b8:83:7f:23:be:e9:a8:fc:
0d:48:be:7c:6d:79:26:9b:99:ee:fa:54:64:43:8d:
6d:73:6f:09:91:3a:42:64:b7:10:74:87:d5:3d:86:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:ED:3F:BE:6B:14:CB:86:7B:CD:53:E9:A4:B7:ED:E8:8A:A1:08:FF
X509v3 Authority Key Identifier:
keyid:7B:82:7A:CC:68:0A:A2:9D:DA:C8:23:88:9D:87:86:3E:41:4B:24:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4J6zGgKop3ayCOInYeGPkFLJBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ecb197-e0f5-438d-8fc5-e4d45971b13d/1/ru0_vmsUy4Z7zVPppLft6IqhCP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/ecb197-e0f5-438d-8fc5-e4d45971b13d/1/e4J6zGgKop3ayCOInYeGPkFLJBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.177.168.0/21
185.95.128.0/22
IPv6:
2a03:2500::/32
Signature Algorithm: sha256WithRSAEncryption
23:2c:68:f9:73:35:ce:a7:85:9b:11:ec:28:84:f6:a0:8c:5a:
45:c5:8b:93:e7:9c:10:0a:a5:ab:72:05:9d:c0:a2:f8:3d:dd:
ed:c1:16:17:91:f2:a7:86:59:c1:7c:5c:14:07:27:9a:96:e0:
6f:b4:b9:e9:58:16:4f:79:c9:b3:a6:60:98:fb:0f:5d:08:a2:
c1:72:a3:c4:b9:75:6b:4d:a2:db:a8:fe:c9:bf:6c:4b:7f:fb:
02:07:1d:dc:89:a0:7a:26:47:f4:ed:ec:94:56:44:4a:4b:5b:
79:97:eb:a6:fb:5a:95:de:28:6b:a9:c7:a6:58:3d:58:f3:ca:
26:cb:b9:47:44:29:db:7d:64:27:1a:de:4d:f9:4f:76:45:91:
3f:db:54:fd:88:7a:c7:d2:ba:9a:6d:7f:40:de:bd:d1:c1:cf:
8b:9e:cd:2b:b4:a6:00:6b:dd:16:a9:2e:32:ff:5a:5f:d0:2b:
51:3d:0b:44:4a:52:37:10:7f:11:07:20:0a:72:6c:97:d2:fd:
38:ea:05:7e:d8:a6:71:8b:67:e7:3e:fa:a1:78:36:2e:2f:48:
d1:9d:c5:1e:df:a9:5b:7e:e5:c2:10:b6:4e:f7:ad:bc:dc:03:
a2:60:0d:80:e8:1d:86:8a:f0:5a:46:2c:7e:f3:db:aa:85:a7:
8e:de:24:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrxY3vx8OTqkhHVC83mNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODI3YWNjNjgwYWEyOWRkYWM4MjM4ODlkODc4NjNlNDE0
YjI0MTEwHhcNMjMwMTAxMDkzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWVkM2ZiZTZiMTRjYjg2N2JjZDUzZTlhNGI3ZWRlODhhYTEwOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtEKFtn27E9oyAlryonzAyo1VwUM
OnC/jqRL2hl4qaD5v2iSGNYa9BQX4v600WFtE9kHDK0CKIdyqtahddEFGpfZZ9Zm
MCqCSdS94DHesSN6vTii1fK6Zu//irJg5wretL577LZ8f1xQ7KkJO9hp5zD/EUs5
ToGDLw4Qqmw5XrJLltL5YRlruDaA/bakCbTUU/4TGYAFFBtltZx7a7vsMkxBAEj2
/1QYv/9z2fLY+tRo9dvgUUb/CdkmLGGRTtfejyI+IazyR7/aEuvtBZzfta8sBbJv
KBaUuIN/I77pqPwNSL58bXkmm5nu+lRkQ41tc28JkTpCZLcQdIfVPYYQKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK7tP75rFMuGe81T6aS37eiKoQj/MB8GA1UdIwQY
MBaAFHuCesxoCqKd2sgjiJ2Hhj5BSyQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRKNnpHZ0tvcDNheUNPSW5ZZUdQa0ZMSkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9lY2IxOTctZTBmNS00MzhkLThmYzUt
ZTRkNDU5NzFiMTNkLzEvcnUwX3Ztc1V5NFo3elZQcHBMZnQ2SXFoQ1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9lY2IxOTctZTBmNS00MzhkLThmYzUtZTRkNDU5NzFiMTNk
LzEvZTRKNnpHZ0tvcDNheUNPSW5ZZUdQa0ZMSkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDpLGoAwQC
uV+AMA0EAgACMAcDBQAqAyUAMA0GCSqGSIb3DQEBCwUAA4IBAQAjLGj5czXOp4Wb
EewohPagjFpFxYuT55wQCqWrcgWdwKL4Pd3twRYXkfKnhlnBfFwUByealuBvtLnp
WBZPecmzpmCY+w9dCKLBcqPEuXVrTaLbqP7Jv2xLf/sCBx3ciaB6Jkf07eyUVkRK
S1t5l+um+1qV3ihrqcemWD1Y88omy7lHRCnbfWQnGt5N+U92RZE/21T9iHrH0rqa
bX9A3r3Rwc+Lns0rtKYAa90WqS4y/1pf0CtRPQtESlI3EH8RByAKcmyX0v046gV+
2KZxi2fnPvqheDYuL0jRncUe36lbfuXCELZO96283AOiYA2A6B2GivBaRix+89uq
haeO3iS4
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:44 2024 by rpki-client on console-ams.rpki-client.org