Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vblfFGG_gV6cPrTCcLHEQo102mE.roa
File: vblfFGG_gV6cPrTCcLHEQo102mE.roa (raw, json)
Hash identifier: cHRzk9rucDc3su0GMbPvRT7MBujnJYji8+PjrlzJzcs=
Subject key identifier: BD:B9:5F:14:61:BF:81:5E:9C:3E:B4:C2:70:B1:C4:42:8D:74:DA:61
Certificate issuer: /CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Certificate serial: 018968AB578295CD985C13E671782ABAA993
Authority key identifier: 91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vblfFGG_gV6cPrTCcLHEQo102mE.roa
Signing time: Tue 18 Jul 2023 11:03:26 +0000
ROA not before: Tue 18 Jul 2023 11:03:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12213
IP address blocks: 185.143.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:ab:57:82:95:cd:98:5c:13:e6:71:78:2a:ba:a9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91381bc969de6adc3d1ddc0eb89bdeeace9805cd
Validity
Not Before: Jul 18 11:03:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdb95f1461bf815e9c3eb4c270b1c4428d74da61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:c4:f3:08:58:9c:96:72:20:9e:0e:54:cf:
c6:71:01:60:a9:65:a2:f0:c7:7e:c4:be:d2:68:8b:
45:7e:42:bd:58:e2:d9:d5:e7:17:10:22:69:ac:9e:
1b:74:83:67:83:bd:2c:74:96:4a:5c:5c:b8:e2:c8:
b4:fb:31:24:eb:57:99:9f:de:5a:3a:95:24:63:08:
6e:ee:cd:35:7a:1b:a8:31:9c:c8:7a:ca:ba:12:0e:
de:d2:30:e4:bd:ca:ef:91:3f:31:9f:14:d4:9f:94:
19:07:d1:f3:86:c2:c8:14:a4:67:1b:b2:01:77:6d:
7e:22:25:3e:ab:fb:1d:3c:18:00:6e:03:fd:9b:76:
6c:84:23:ea:34:07:ef:ed:91:7a:0a:49:60:8f:d3:
44:c8:a8:03:07:ed:b8:84:62:d2:29:a7:5f:86:13:
dd:e5:b4:e0:8a:62:7b:b7:41:18:b4:2e:3a:01:fc:
3c:18:56:e1:bf:c8:a3:8b:a2:70:48:6f:37:78:0a:
a0:94:c5:2a:f9:4b:ae:ea:44:be:0b:e6:14:c0:7f:
3b:3a:93:19:7c:42:72:d7:39:91:4c:6c:5d:ab:3c:
6f:87:e5:48:88:61:5a:92:e9:dc:c0:ae:56:53:a2:
6b:6b:15:04:2b:54:43:a3:f8:54:5c:bc:4e:b8:b2:
3b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B9:5F:14:61:BF:81:5E:9C:3E:B4:C2:70:B1:C4:42:8D:74:DA:61
X509v3 Authority Key Identifier:
keyid:91:38:1B:C9:69:DE:6A:DC:3D:1D:DC:0E:B8:9B:DE:EA:CE:98:05:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTgbyWneatw9HdwOuJve6s6YBc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/vblfFGG_gV6cPrTCcLHEQo102mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f35406-d8c4-4f5c-92ac-256da95d1345/1/kTgbyWneatw9HdwOuJve6s6YBc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.78.0/24
Signature Algorithm: sha256WithRSAEncryption
19:8c:ce:0a:05:38:be:fa:ca:bb:83:b1:97:73:22:31:af:d0:
4c:c1:65:fe:96:66:d5:76:38:08:87:50:c2:57:b5:a9:8b:84:
d7:89:9a:cf:e9:fa:c6:bd:3a:ed:58:26:84:c4:7a:69:25:be:
85:dd:af:e4:b6:43:49:42:88:21:1a:c3:dd:fc:7c:24:e3:db:
b3:19:39:31:b3:a1:1a:b3:fc:cc:97:30:43:d0:b9:f1:1c:7f:
8d:48:02:49:09:74:17:07:7f:e5:93:56:c2:05:21:bd:0f:23:
9e:b1:f8:e7:07:c0:8c:4b:e6:af:be:00:cb:a4:35:1c:70:bb:
3e:8e:0f:f5:0f:81:df:4f:a6:31:aa:ff:d6:19:a5:e3:26:01:
83:40:91:fd:c2:ab:45:03:ff:78:2b:26:36:28:2c:aa:dc:5e:
23:2c:a5:ea:09:6a:fa:01:f4:62:a1:38:57:cb:a2:01:75:2b:
45:f5:e3:a5:7f:50:8b:0a:40:47:36:7a:ef:a8:00:0d:b5:61:
6f:6c:1c:08:e3:d7:3c:fc:24:4f:e1:8c:ac:d2:6d:56:e2:24:
2d:d2:1c:0d:a9:b6:84:f6:1d:65:9a:a8:37:81:e3:8d:b3:1b:
ec:55:9e:5e:6c:f6:bc:3c:6a:d7:ea:35:0e:f9:18:0b:09:c9:
02:01:af:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYloq1eClc2YXBPmcXgquqmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzgxYmM5NjlkZTZhZGMzZDFkZGMwZWI4OWJkZWVhY2U5
ODA1Y2QwHhcNMjMwNzE4MTEwMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGI5NWYxNDYxYmY4MTVlOWMzZWI0YzI3MGIxYzQ0MjhkNzRkYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD7E8whYnJZyIJ4OVM/GcQFgqWWi
8Md+xL7SaItFfkK9WOLZ1ecXECJprJ4bdINng70sdJZKXFy44si0+zEk61eZn95a
OpUkYwhu7s01ehuoMZzIesq6Eg7e0jDkvcrvkT8xnxTUn5QZB9HzhsLIFKRnG7IB
d21+IiU+q/sdPBgAbgP9m3ZshCPqNAfv7ZF6Cklgj9NEyKgDB+24hGLSKadfhhPd
5bTgimJ7t0EYtC46Afw8GFbhv8iji6JwSG83eAqglMUq+Uuu6kS+C+YUwH87OpMZ
fEJy1zmRTGxdqzxvh+VIiGFakuncwK5WU6JraxUEK1RDo/hUXLxOuLI7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL25XxRhv4FenD60wnCxxEKNdNphMB8GA1UdIwQY
MBaAFJE4G8lp3mrcPR3cDrib3urOmAXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMt
MjU2ZGE5NWQxMzQ1LzEvdmJsZkZHR19nVjZjUHJUQ2NMSEVRbzEwMm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mMzU0MDYtZDhjNC00ZjVjLTkyYWMtMjU2ZGE5NWQxMzQ1
LzEva1RnYnlXbmVhdHc5SGR3T3VKdmU2czZZQmMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY9OMA0G
CSqGSIb3DQEBCwUAA4IBAQAZjM4KBTi++sq7g7GXcyIxr9BMwWX+lmbVdjgIh1DC
V7Wpi4TXiZrP6frGvTrtWCaExHppJb6F3a/ktkNJQoghGsPd/Hwk49uzGTkxs6Ea
s/zMlzBD0LnxHH+NSAJJCXQXB3/lk1bCBSG9DyOesfjnB8CMS+avvgDLpDUccLs+
jg/1D4HfT6Yxqv/WGaXjJgGDQJH9wqtFA/94KyY2KCyq3F4jLKXqCWr6AfRioThX
y6IBdStF9eOlf1CLCkBHNnrvqAANtWFvbBwI49c8/CRP4Yys0m1W4iQt0hwNqbaE
9h1lmqg3geONsxvsVZ5ebPa8PGrX6jUO+RgLCckCAa/A
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:01 2024 by rpki-client on console-ams.rpki-client.org