Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/0vdtLpsLg0zeSxSaE8g_nQQJV94.roa
File: 0vdtLpsLg0zeSxSaE8g_nQQJV94.roa (raw, json)
Hash identifier: odz557ZfJdedxK+brUpP1neabkkf2PFDUaHXRdvXg0E=
Subject key identifier: D2:F7:6D:2E:9B:0B:83:4C:DE:4B:14:9A:13:C8:3F:9D:04:09:57:DE
Certificate issuer: /CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Certificate serial: 018E18A43F833DD79A92E4C352712DF29CAB
Authority key identifier: 09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/0vdtLpsLg0zeSxSaE8g_nQQJV94.roa
Signing time: Thu 07 Mar 2024 11:20:01 +0000
ROA not before: Thu 07 Mar 2024 11:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199008
IP address blocks: 176.122.48.0/24 maxlen: 24
176.122.49.0/24 maxlen: 24
176.122.50.0/24 maxlen: 24
176.122.51.0/24 maxlen: 24
176.122.52.0/22 maxlen: 22
176.122.52.0/24 maxlen: 24
176.122.53.0/24 maxlen: 24
176.122.54.0/24 maxlen: 24
176.122.55.0/24 maxlen: 24
176.122.56.0/21 maxlen: 21
176.122.56.0/22 maxlen: 22
176.122.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 15 Mar 2024 08:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:a4:3f:83:3d:d7:9a:92:e4:c3:52:71:2d:f2:9c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Validity
Not Before: Mar 7 11:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f76d2e9b0b834cde4b149a13c83f9d040957de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:8d:b1:3e:32:38:21:47:88:19:54:3d:84:
6f:f8:3a:24:0a:a2:4d:68:13:3f:44:d5:63:28:3d:
af:67:df:d2:12:cf:27:88:ce:33:82:0e:c8:17:86:
d4:98:03:33:3d:93:35:9f:00:03:8a:89:9a:4b:a6:
68:88:8f:87:bf:65:cd:a0:57:fc:5a:cd:a5:4f:03:
e5:a9:7e:f7:a8:d5:7f:ea:a0:9f:31:32:1b:91:72:
93:18:fa:29:0c:72:ec:0f:88:6e:5e:9b:aa:db:1b:
97:c7:98:22:a2:cf:99:cb:61:a3:ed:8c:2f:f2:bb:
8b:ad:80:e9:2e:fc:97:e9:76:92:7e:2c:39:9c:16:
25:34:fe:8c:c5:09:e9:a5:33:03:3b:e3:01:d3:04:
cd:a9:e8:70:a1:07:6f:3b:93:99:d8:cc:cb:ca:c1:
a6:ce:46:f2:a3:6b:8e:89:cd:07:ad:8f:80:03:6b:
12:e2:21:fe:71:ef:93:0f:73:ca:0d:58:42:23:86:
5f:c3:82:e0:08:c3:21:30:11:d8:ea:7c:64:b4:a6:
59:5b:8d:44:d1:2e:b7:34:46:8c:cb:08:b6:6a:1a:
83:64:9b:97:6c:cb:2c:fe:92:51:b0:65:21:3d:c7:
6d:d6:1e:70:e9:55:08:57:cc:36:15:72:f4:a9:dd:
db:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F7:6D:2E:9B:0B:83:4C:DE:4B:14:9A:13:C8:3F:9D:04:09:57:DE
X509v3 Authority Key Identifier:
keyid:09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/0vdtLpsLg0zeSxSaE8g_nQQJV94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.48.0/20
Signature Algorithm: sha256WithRSAEncryption
88:95:cb:be:ed:e2:65:86:2e:4a:aa:21:11:a4:bb:8b:d9:d3:
a8:55:44:9f:00:0b:8c:97:de:fa:7e:cd:04:37:d6:0d:85:ee:
19:20:f9:f6:ea:3f:3f:b3:2e:38:7c:7b:47:e7:8e:c5:c0:77:
47:ff:67:2e:a0:4d:b0:f9:93:12:0d:f3:75:2e:45:10:05:73:
36:9d:63:35:87:7b:a3:88:cf:e4:03:10:8f:82:99:af:b5:4a:
a0:31:d0:6e:38:fd:39:90:49:14:65:2f:5e:f1:2a:55:89:9c:
47:6e:5d:99:c3:80:b2:e1:74:a9:20:7b:07:aa:9b:6f:18:99:
ba:23:6d:29:e0:46:68:77:6f:ae:66:39:42:ff:93:78:70:cd:
62:d0:3c:0f:18:c5:ca:1b:d2:3e:08:22:39:be:0f:fe:41:38:
d4:4d:0c:a9:fe:4c:54:a3:97:1e:e4:1d:75:5a:4a:c5:57:e9:
3c:64:e2:8d:97:84:af:0c:a2:81:a8:24:23:8e:96:a1:dc:d1:
75:fa:7b:0e:53:58:a7:0e:2f:5d:bb:eb:9f:b2:85:06:47:fd:
90:ac:28:55:80:70:1b:6e:78:d9:fe:72:5b:44:c6:04:af:aa:
84:8c:0f:8e:21:56:b6:9a:19:c3:77:00:c9:93:c5:d7:ee:2a:
dd:f0:d7:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4YpD+DPdeakuTDUnEt8pyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTAyMjg5MDRiOWRiZWI0NzkyYTY5NzcyN2UzNmFhZmQ4
NGQyZTkwHhcNMjQwMzA3MTEyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY3NmQyZTliMGI4MzRjZGU0YjE0OWExM2M4M2Y5ZDA0MDk1N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9aNsT4yOCFHiBlUPYRv+DokCqJN
aBM/RNVjKD2vZ9/SEs8niM4zgg7IF4bUmAMzPZM1nwADiomaS6ZoiI+Hv2XNoFf8
Ws2lTwPlqX73qNV/6qCfMTIbkXKTGPopDHLsD4huXpuq2xuXx5gios+Zy2Gj7Ywv
8ruLrYDpLvyX6XaSfiw5nBYlNP6MxQnppTMDO+MB0wTNqehwoQdvO5OZ2MzLysGm
zkbyo2uOic0HrY+AA2sS4iH+ce+TD3PKDVhCI4Zfw4LgCMMhMBHY6nxktKZZW41E
0S63NEaMywi2ahqDZJuXbMss/pJRsGUhPcdt1h5w6VUIV8w2FXL0qd3bXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL3bS6bC4NM3ksUmhPIP50ECVfeMB8GA1UdIwQY
MBaAFAlQIokEudvrR5Kml3J+Nqr9hNLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQt
NjI4MjFjMmMyOTlmLzEvMHZkdExwc0xnMHplU3hTYUU4Z19uUVFKVjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQtNjI4MjFjMmMyOTlm
LzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsHowMA0G
CSqGSIb3DQEBCwUAA4IBAQCIlcu+7eJlhi5KqiERpLuL2dOoVUSfAAuMl976fs0E
N9YNhe4ZIPn26j8/sy44fHtH547FwHdH/2cuoE2w+ZMSDfN1LkUQBXM2nWM1h3uj
iM/kAxCPgpmvtUqgMdBuOP05kEkUZS9e8SpViZxHbl2Zw4Cy4XSpIHsHqptvGJm6
I20p4EZod2+uZjlC/5N4cM1i0DwPGMXKG9I+CCI5vg/+QTjUTQyp/kxUo5ce5B11
WkrFV+k8ZOKNl4SvDKKBqCQjjpah3NF1+nsOU1inDi9du+ufsoUGR/2QrChVgHAb
bnjZ/nJbRMYEr6qEjA+OIVa2mhnDdwDJk8XX7ird8Nes
-----END CERTIFICATE-----
Generated at Fri Mar 15 10:43:01 2024 by rpki-client on console-ams.rpki-client.org