Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vkIB-OZL9bxA1nnJXD9UELMEmIM.roa
File: vkIB-OZL9bxA1nnJXD9UELMEmIM.roa (raw, json)
Hash identifier: qVY7Wnr/NAbNsZA4Ke+2tLzXrOq3wXePhSMwgv7uRR0=
Subject key identifier: BE:42:01:F8:E6:4B:F5:BC:40:D6:79:C9:5C:3F:54:10:B3:04:98:83
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0187C39A4ADC4950B7D2122D824C63575338
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vkIB-OZL9bxA1nnJXD9UELMEmIM.roa
Signing time: Thu 27 Apr 2023 16:44:41 +0000
ROA not before: Thu 27 Apr 2023 16:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 195.138.124.0/24 maxlen: 24
195.138.125.0/24 maxlen: 24
195.138.122.0/24 maxlen: 24
195.138.123.0/24 maxlen: 24
195.138.126.0/24 maxlen: 24
195.138.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Apr 2023 14:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:9a:4a:dc:49:50:b7:d2:12:2d:82:4c:63:57:53:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 27 16:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be4201f8e64bf5bc40d679c95c3f5410b3049883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:80:cd:9b:b8:0f:8f:5d:06:a5:18:f7:cf:16:
d1:a7:3e:97:e5:18:a0:32:84:fb:de:7f:6f:9e:c0:
1a:fc:81:02:c9:b5:4e:2f:68:9e:ad:9c:75:22:2c:
67:3e:8b:21:ce:1f:90:82:6f:90:8b:d0:57:85:46:
9c:ad:ed:49:09:f2:58:a3:46:62:c0:c1:32:73:e0:
7c:71:10:90:ec:86:bc:68:42:e5:8c:92:83:ea:0b:
27:e4:1b:17:f5:1e:f1:c8:de:d6:6e:20:63:70:8b:
9d:bf:68:d8:33:57:ae:1c:87:ba:dd:6b:46:23:f8:
2e:ab:d6:60:aa:92:a9:83:57:d8:3e:a0:77:6e:ab:
5e:8c:85:21:83:4d:dd:be:3a:b7:8c:8e:4a:1e:c3:
59:41:98:d8:58:58:54:8e:a3:e7:15:d0:5a:a0:f5:
f4:40:38:6e:25:17:61:56:07:17:e9:e4:1e:b7:19:
14:9e:c8:8c:c7:68:39:eb:d0:7e:42:bf:5e:fe:49:
d0:c0:76:ea:67:fd:69:ac:f8:2f:bc:63:c8:3a:73:
18:7b:db:a7:e2:21:1f:c7:60:ed:b7:3a:bd:a2:df:
cd:bc:30:34:27:36:b7:c1:0e:2b:67:c0:36:3b:d7:
16:b9:01:06:f6:9b:10:ef:fe:c3:9b:b3:b8:89:85:
a0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:42:01:F8:E6:4B:F5:BC:40:D6:79:C9:5C:3F:54:10:B3:04:98:83
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vkIB-OZL9bxA1nnJXD9UELMEmIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
b1:06:42:f8:5d:c4:0e:3f:84:cb:6c:8c:0a:94:c9:20:ce:fa:
b0:bf:f3:2c:7d:77:e5:e1:ed:7b:96:7a:3f:d3:81:b8:60:2e:
74:9f:83:bb:9b:3c:49:ca:b0:ce:77:84:b7:53:a4:98:65:6b:
ea:83:03:a5:2c:1e:18:9b:50:f3:37:77:b8:b8:e4:5b:e8:26:
d5:f8:b3:8e:b4:ad:1e:56:fd:ae:44:d3:18:8c:f5:17:4a:c1:
34:8c:76:c0:67:ab:2c:03:6b:6e:89:a9:1d:28:23:aa:57:07:
e4:6b:0b:3a:40:d2:52:3e:0f:0c:88:e1:fc:dd:c7:f8:4f:22:
da:81:62:0f:e5:6a:90:9f:13:cd:b5:99:55:00:2a:56:48:92:
3b:7c:1d:91:f6:cf:5e:fc:84:68:a6:03:47:e2:61:f6:30:ee:
eb:2e:5d:0e:a7:5a:b6:1f:47:5e:05:5e:69:50:3b:5f:8e:ff:
4b:46:c2:77:2c:90:8b:0a:f8:61:49:c7:00:95:54:36:73:f4:
18:6e:e9:ef:59:60:62:f3:57:5f:88:60:2e:f3:43:84:b7:d9:
50:08:c9:20:4f:30:51:60:ff:6d:a2:7f:96:54:70:e2:6e:58:
57:96:01:0d:6c:c9:d9:09:27:49:12:45:5e:86:07:04:77:a7:
81:0e:60:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfDmkrcSVC30hItgkxjV1M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNDI3MTY0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQyMDFmOGU2NGJmNWJjNDBkNjc5Yzk1YzNmNTQxMGIzMDQ5ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoDNm7gPj10GpRj3zxbRpz6X5Rig
MoT73n9vnsAa/IECybVOL2ierZx1IixnPoshzh+Qgm+Qi9BXhUacre1JCfJYo0Zi
wMEyc+B8cRCQ7Ia8aELljJKD6gsn5BsX9R7xyN7WbiBjcIudv2jYM1euHIe63WtG
I/guq9ZgqpKpg1fYPqB3bqtejIUhg03dvjq3jI5KHsNZQZjYWFhUjqPnFdBaoPX0
QDhuJRdhVgcX6eQetxkUnsiMx2g569B+Qr9e/knQwHbqZ/1prPgvvGPIOnMYe9un
4iEfx2Dttzq9ot/NvDA0Jza3wQ4rZ8A2O9cWuQEG9psQ7/7Dm7O4iYWgZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL5CAfjmS/W8QNZ5yVw/VBCzBJiDMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdmtJQi1PWkw5YnhBMW5uSlhEOVVFTE1FbUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHDinoD
BAfDigAwDQYJKoZIhvcNAQELBQADggEBALEGQvhdxA4/hMtsjAqUySDO+rC/8yx9
d+Xh7XuWej/TgbhgLnSfg7ubPEnKsM53hLdTpJhla+qDA6UsHhibUPM3d7i45Fvo
JtX4s460rR5W/a5E0xiM9RdKwTSMdsBnqywDa26JqR0oI6pXB+RrCzpA0lI+DwyI
4fzdx/hPItqBYg/lapCfE821mVUAKlZIkjt8HZH2z178hGimA0fiYfYw7usuXQ6n
WrYfR14FXmlQO1+O/0tGwncskIsK+GFJxwCVVDZz9Bhu6e9ZYGLzV1+IYC7zQ4S3
2VAIySBPMFFg/22if5ZUcOJuWFeWAQ1sydkJJ0kSRV6GBwR3p4EOYMg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org