Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VF6T9-rWtOPZmY3VyeKNxsBhfYI.roa
File: VF6T9-rWtOPZmY3VyeKNxsBhfYI.roa (raw, json)
Hash identifier: j2wA/P4QJsPKVLLVhGNIbmkpVBMaN0Fn7w5Fx0UVwwE=
Subject key identifier: 54:5E:93:F7:EA:D6:B4:E3:D9:99:8D:D5:C9:E2:8D:C6:C0:61:7D:82
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FFBF50C99A5A74812FE4B716793A8
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VF6T9-rWtOPZmY3VyeKNxsBhfYI.roa
Signing time: Mon 02 Jan 2023 17:38:13 +0000
ROA not before: Mon 02 Jan 2023 17:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Feb 2023 12:19:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:fb:f5:0c:99:a5:a7:48:12:fe:4b:71:67:93:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=545e93f7ead6b4e3d9998dd5c9e28dc6c0617d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:29:b3:59:46:8c:8f:f2:3d:e8:01:ae:e1:01:
fb:09:2d:f4:13:27:99:63:70:a9:70:6f:f7:d9:dc:
f1:d6:20:8a:39:e4:76:e5:90:bb:7a:fd:6d:0c:95:
60:e4:e8:5c:31:e1:54:87:54:b7:85:02:ed:40:96:
71:1a:34:51:5a:37:4a:b3:79:39:46:ab:a6:98:59:
70:a6:5f:d1:a0:06:68:2b:e9:5e:7b:4b:f7:d6:9a:
54:d4:4b:a8:d9:ce:20:2c:e4:4a:41:d2:b3:57:08:
d5:9d:e6:11:85:a2:35:86:c9:b7:1c:60:82:80:eb:
47:a9:2a:a8:dd:42:a5:75:37:3f:51:03:d5:b5:62:
4a:17:ea:ae:c6:c5:b4:00:56:73:89:df:fb:fe:f2:
82:f7:df:04:f7:84:25:3d:f1:4c:16:33:11:a4:48:
94:63:db:67:08:07:70:cc:5d:72:47:cb:cc:a5:b7:
ca:47:77:47:ab:74:f7:87:8a:43:e6:cb:0b:81:88:
73:cf:83:a7:e4:c5:2f:32:ea:93:d9:57:2f:a1:f7:
83:f7:41:48:1f:7a:81:fb:8b:eb:a2:72:fc:82:bf:
27:27:ec:10:f9:59:2f:02:11:b8:66:e2:39:80:f7:
d3:98:13:13:a6:d4:a1:34:07:46:8d:8c:ab:fd:95:
1d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5E:93:F7:EA:D6:B4:E3:D9:99:8D:D5:C9:E2:8D:C6:C0:61:7D:82
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VF6T9-rWtOPZmY3VyeKNxsBhfYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
Signature Algorithm: sha256WithRSAEncryption
80:89:47:e9:d9:b8:fa:93:b6:8f:09:17:56:a2:7a:cc:f3:0f:
b7:0c:b7:a8:24:92:85:8c:22:b5:e6:6e:8f:e2:d3:58:67:32:
3a:54:5a:6e:cc:cd:2d:9a:9b:a3:29:0a:18:db:81:46:24:3f:
63:f0:83:0a:89:20:ba:b0:9d:4e:07:99:d8:33:e3:1d:51:3e:
18:80:b0:7a:9b:8e:7c:f9:99:53:e3:ad:12:e6:f4:b9:ae:a2:
2f:85:e3:f3:c4:da:65:b9:ce:9c:d9:27:36:95:30:95:06:ba:
2c:26:f0:31:dc:34:ac:1a:a0:a4:d3:e5:1f:d9:4b:9e:55:69:
a2:ea:86:d0:7b:63:06:6d:23:33:f8:3a:cf:c3:9c:76:bb:98:
2d:b4:9d:d1:75:d0:0c:df:a0:0f:a4:21:37:6d:cf:24:87:e7:
ff:40:e7:4b:47:db:81:65:ab:80:53:d6:a7:47:3a:ff:92:7e:
ce:1c:d1:1c:3d:cc:b4:1d:d0:72:31:b5:2d:0c:0e:50:99:f7:
1f:c4:ff:58:7e:10:60:84:2c:37:c1:68:57:e7:ca:10:a0:0b:
76:32:c4:c6:54:1f:c3:4b:89:0e:23:47:c7:0b:5f:3e:79:f4:
6b:5f:c7:63:59:ad:5c:59:45:a2:90:6a:54:44:bb:e8:4c:9f:
04:9b:5b:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzj/v1DJmlp0gS/ktxZ5OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVlOTNmN2VhZDZiNGUzZDk5OThkZDVjOWUyOGRjNmMwNjE3ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlimzWUaMj/I96AGu4QH7CS30EyeZ
Y3CpcG/32dzx1iCKOeR25ZC7ev1tDJVg5OhcMeFUh1S3hQLtQJZxGjRRWjdKs3k5
RqummFlwpl/RoAZoK+lee0v31ppU1Euo2c4gLORKQdKzVwjVneYRhaI1hsm3HGCC
gOtHqSqo3UKldTc/UQPVtWJKF+quxsW0AFZzid/7/vKC998E94QlPfFMFjMRpEiU
Y9tnCAdwzF1yR8vMpbfKR3dHq3T3h4pD5ssLgYhzz4On5MUvMuqT2VcvofeD90FI
H3qB+4vronL8gr8nJ+wQ+VkvAhG4ZuI5gPfTmBMTptShNAdGjYyr/ZUdqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFRek/fq1rTj2ZmN1cnijcbAYX2CMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVkY2VDktcld0T1BabVkzVnllS054c0JoZllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjilAwQA
TVPyMA0GCSqGSIb3DQEBCwUAA4IBAQCAiUfp2bj6k7aPCRdWonrM8w+3DLeoJJKF
jCK15m6P4tNYZzI6VFpuzM0tmpujKQoY24FGJD9j8IMKiSC6sJ1OB5nYM+MdUT4Y
gLB6m458+ZlT460S5vS5rqIvhePzxNpluc6c2Sc2lTCVBrosJvAx3DSsGqCk0+Uf
2UueVWmi6obQe2MGbSMz+DrPw5x2u5gttJ3RddAM36APpCE3bc8kh+f/QOdLR9uB
ZauAU9anRzr/kn7OHNEcPcy0HdByMbUtDA5QmfcfxP9YfhBghCw3wWhX58oQoAt2
MsTGVB/DS4kOI0fHC18+efRrX8djWa1cWUWikGpURLvoTJ8Em1uc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org