Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VYkHfun9LXGbTDHVg4LpGJv30QA.roa
File: VYkHfun9LXGbTDHVg4LpGJv30QA.roa (raw, json)
Hash identifier: A1YJF7FhGiAF8h7DlJABN0ADd3PFuj+ZJv2I0a+ktnc=
Subject key identifier: 55:89:07:7E:E9:FD:2D:71:9B:4C:31:D5:83:82:E9:18:9B:F7:D1:00
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 01909C8B9FC1791898F58FAA22E0F6B96D82
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VYkHfun9LXGbTDHVg4LpGJv30QA.roa
Signing time: Wed 10 Jul 2024 12:08:34 +0000
ROA not before: Wed 10 Jul 2024 12:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206833
IP address blocks: 195.5.68.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 19:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9c:8b:9f:c1:79:18:98:f5:8f:aa:22:e0:f6:b9:6d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jul 10 12:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5589077ee9fd2d719b4c31d58382e9189bf7d100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:2b:c2:2b:c3:9c:36:73:5a:18:23:d2:9f:
f9:cc:72:27:60:ed:18:9d:af:3c:d5:38:5d:81:7b:
8f:1e:63:56:86:85:ac:c7:cd:e6:92:d3:67:cb:22:
cd:44:65:59:44:42:97:ae:44:ed:8f:17:10:fd:d4:
7b:fd:64:6a:a1:c8:aa:dc:92:b8:55:2e:46:f1:31:
e0:ca:20:23:73:26:2a:db:f5:bf:13:93:7d:08:53:
66:16:68:8e:28:01:6a:47:f7:48:b2:da:f7:3a:74:
ea:f2:57:ef:7a:98:d3:2d:8f:c9:ff:51:39:b2:00:
20:88:8a:86:d9:d3:0e:88:11:7d:5c:95:0b:f5:82:
35:17:95:a4:4c:d1:6d:47:3e:bc:43:42:bc:a1:7d:
5a:9b:38:a7:40:43:1d:35:90:bd:25:f6:a9:fb:98:
e5:ba:f1:a0:95:b8:0a:70:76:ec:a8:2b:e9:89:5a:
2b:86:54:f3:db:a2:a7:84:a9:a9:fc:69:f0:10:f7:
0a:22:21:53:67:ac:d6:d5:f1:6f:b6:3a:3b:c0:d9:
63:e8:63:ac:6c:e6:f6:a5:4b:83:59:47:a4:45:17:
5c:6d:53:0c:e8:be:22:b8:73:e5:b0:b4:1f:ca:b7:
47:a3:c7:23:d0:7e:7b:79:d5:2d:2f:91:82:4d:ff:
b0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:89:07:7E:E9:FD:2D:71:9B:4C:31:D5:83:82:E9:18:9B:F7:D1:00
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/VYkHfun9LXGbTDHVg4LpGJv30QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.68.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:fa:f7:69:f7:6a:b4:12:2b:db:46:27:fe:53:e2:66:ea:e0:
5a:bd:52:b3:cb:11:b9:40:de:53:1b:5e:a7:2f:55:86:12:bb:
a0:ef:d4:c7:33:6f:9b:a4:a0:6d:ff:36:df:c1:27:7e:fd:4a:
ad:00:e5:6f:4f:53:bb:98:66:3f:3f:fc:8e:a7:65:92:6e:dd:
65:b1:32:f3:a6:ad:b7:8b:76:38:36:db:71:3a:f5:8a:14:92:
17:a6:25:dd:22:5e:2a:2f:c8:61:ca:af:83:af:84:49:e4:77:
cb:4f:54:1a:db:77:f9:68:be:d3:08:5f:11:76:00:21:6a:9a:
f1:94:d5:c2:f5:cb:a7:e2:ab:65:72:f3:9b:3f:94:aa:51:2f:
e1:7e:95:61:83:84:e7:92:f5:6d:89:12:d8:fd:8f:9a:5d:19:
49:e6:03:23:ea:1d:a7:f9:cc:93:47:b3:ee:ea:a0:3a:7c:f4:
51:eb:5a:bf:b6:fa:12:b7:3d:c0:cc:b3:bb:16:3c:fb:95:b8:
35:36:44:20:a9:3b:4e:9e:1d:0d:0b:15:f4:7c:87:69:83:92:
50:63:8c:a1:70:04:00:2f:5f:e1:f2:b5:4d:3f:11:c2:4c:d8:
1b:a7:b6:5c:d0:ad:3d:34:7a:0c:25:46:5d:f0:83:ec:a8:a3:
01:6f:cd:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCci5/BeRiY9Y+qIuD2uW2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwNzEwMTIwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTg5MDc3ZWU5ZmQyZDcxOWI0YzMxZDU4MzgyZTkxODliZjdkMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodArwivDnDZzWhgj0p/5zHInYO0Y
na881ThdgXuPHmNWhoWsx83mktNnyyLNRGVZREKXrkTtjxcQ/dR7/WRqociq3JK4
VS5G8THgyiAjcyYq2/W/E5N9CFNmFmiOKAFqR/dIstr3OnTq8lfvepjTLY/J/1E5
sgAgiIqG2dMOiBF9XJUL9YI1F5WkTNFtRz68Q0K8oX1amzinQEMdNZC9Jfap+5jl
uvGglbgKcHbsqCvpiVorhlTz26KnhKmp/GnwEPcKIiFTZ6zW1fFvtjo7wNlj6GOs
bOb2pUuDWUekRRdcbVMM6L4iuHPlsLQfyrdHo8cj0H57edUtL5GCTf+wXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWJB37p/S1xm0wx1YOC6Rib99EAMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvVllrSGZ1bjlMWEdiVERIVmc0THBHSnYzMFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwVEMA0G
CSqGSIb3DQEBCwUAA4IBAQBK+vdp92q0EivbRif+U+Jm6uBavVKzyxG5QN5TG16n
L1WGErug79THM2+bpKBt/zbfwSd+/UqtAOVvT1O7mGY/P/yOp2WSbt1lsTLzpq23
i3Y4NttxOvWKFJIXpiXdIl4qL8hhyq+Dr4RJ5HfLT1Qa23f5aL7TCF8RdgAhaprx
lNXC9cun4qtlcvObP5SqUS/hfpVhg4TnkvVtiRLY/Y+aXRlJ5gMj6h2n+cyTR7Pu
6qA6fPRR61q/tvoStz3AzLO7Fjz7lbg1NkQgqTtOnh0NCxX0fIdpg5JQY4yhcAQA
L1/h8rVNPxHCTNgbp7Zc0K09NHoMJUZd8IPsqKMBb815
-----END CERTIFICATE-----
Generated at Thu Jul 11 20:57:29 2024 by rpki-client on console-ams.rpki-client.org