Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/vbgpORVv77h5-QSjeyPA88Xsicg.roa
File: vbgpORVv77h5-QSjeyPA88Xsicg.roa (raw, json)
Hash identifier: ykv3KkYp3X8emYCASCHFmYcMzWCPHzqpKoTseuS+cgY=
Subject key identifier: BD:B8:29:39:15:6F:EF:B8:79:F9:04:A3:7B:23:C0:F3:C5:EC:89:C8
Certificate issuer: /CN=4812ff485ffd794a6948078afe4e076afe617635
Certificate serial: 018CC26D0A27875A4A4E181E633AED3DA888
Authority key identifier: 48:12:FF:48:5F:FD:79:4A:69:48:07:8A:FE:4E:07:6A:FE:61:76:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBL_SF_9eUppSAeK_k4Hav5hdjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/vbgpORVv77h5-QSjeyPA88Xsicg.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56559
IP address blocks: 147.78.96.0/24 maxlen: 24
147.78.98.0/24 maxlen: 24
147.78.97.0/24 maxlen: 24
147.78.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0a:27:87:5a:4a:4e:18:1e:63:3a:ed:3d:a8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4812ff485ffd794a6948078afe4e076afe617635
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdb82939156fefb879f904a37b23c0f3c5ec89c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:55:4b:2b:81:1e:86:f2:13:8d:e9:88:24:09:
f4:fb:9e:ab:56:0c:52:bb:05:ef:da:35:10:64:41:
61:2f:fb:94:29:12:13:5a:ef:70:44:fc:40:24:a6:
64:ab:b8:b0:ff:39:21:7a:51:2e:3e:7d:42:d0:2b:
77:30:3f:28:e0:a0:5d:d8:e9:9a:8c:4a:f3:7d:86:
7b:15:16:b5:9c:e3:45:f6:91:92:f6:52:fd:54:60:
7b:ce:0b:a7:ac:7b:ab:48:0a:f5:8c:f7:22:16:af:
d5:8b:ed:8f:83:4d:2d:7f:4c:2b:4e:4f:db:a5:0d:
75:2f:79:ef:f9:a9:af:69:c2:ea:9e:76:23:f7:26:
b9:1b:0b:94:89:2a:8f:b6:34:3e:99:85:75:c5:fc:
60:b3:ad:53:a8:fd:82:29:83:3c:a5:f1:7f:db:ed:
8b:fe:cd:6f:41:d0:3d:79:b5:57:73:16:3b:81:c6:
28:2c:3f:60:aa:3a:21:40:85:5a:75:49:50:e7:6d:
02:46:30:b6:53:0e:cc:f9:c4:88:1a:7d:91:55:d7:
17:2b:14:09:b3:cd:86:9e:44:dd:d3:61:10:ce:86:
b0:f1:f3:5b:34:a1:e1:04:97:e1:e8:70:60:07:c0:
ed:8f:ac:41:0f:01:7c:13:fd:db:ba:e9:0c:35:92:
0a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B8:29:39:15:6F:EF:B8:79:F9:04:A3:7B:23:C0:F3:C5:EC:89:C8
X509v3 Authority Key Identifier:
keyid:48:12:FF:48:5F:FD:79:4A:69:48:07:8A:FE:4E:07:6A:FE:61:76:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBL_SF_9eUppSAeK_k4Hav5hdjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/vbgpORVv77h5-QSjeyPA88Xsicg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9c1362-46fd-489a-bb95-669a8feb7147/1/SBL_SF_9eUppSAeK_k4Hav5hdjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.96.0/22
Signature Algorithm: sha256WithRSAEncryption
15:b7:7a:c0:10:1f:1e:c6:77:3d:b6:f0:2b:96:64:f2:f0:b1:
d4:18:d6:1c:74:f5:61:c4:c4:71:01:cd:ef:d3:62:87:74:81:
87:42:d8:26:9e:8f:96:50:5c:bf:18:b2:01:32:b6:b0:b3:1d:
e1:c7:44:70:6b:12:86:e6:43:40:6b:6b:ab:c7:1c:8f:e9:20:
e7:48:2a:53:3f:80:da:29:f8:6e:23:17:ae:21:af:60:d0:bb:
23:d6:48:31:8b:96:87:77:62:cd:c0:6c:a1:7e:ee:49:b9:bb:
a8:c8:1e:ad:5c:67:9e:b2:5f:9d:cb:be:96:d3:0d:4c:59:be:
e3:86:8c:7d:92:a0:04:20:4a:6d:97:59:a7:3f:b8:bb:0d:61:
8d:51:e5:ce:42:45:43:60:57:57:f0:75:67:c3:c4:ee:94:24:
c7:76:5e:18:d8:64:f7:66:4a:a0:a8:a5:f9:39:c2:66:df:9e:
83:5c:ae:1f:bc:83:92:70:a5:6b:68:b1:25:15:59:a0:d8:f3:
37:78:89:f0:77:f2:48:71:d3:a9:e4:b4:57:5a:a5:e8:06:18:
98:67:62:b3:3c:e2:b6:50:8f:ca:a7:4a:3b:de:8e:c7:64:da:
48:5f:5d:20:73:d4:8e:2c:f5:fd:c7:25:56:5e:90:f0:95:fd:
64:35:71:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQonh1pKThgeYzrtPaiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTJmZjQ4NWZmZDc5NGE2OTQ4MDc4YWZlNGUwNzZhZmU2
MTc2MzUwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGI4MjkzOTE1NmZlZmI4NzlmOTA0YTM3YjIzYzBmM2M1ZWM4OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlVLK4EehvITjemIJAn0+56rVgxS
uwXv2jUQZEFhL/uUKRITWu9wRPxAJKZkq7iw/zkhelEuPn1C0Ct3MD8o4KBd2Oma
jErzfYZ7FRa1nONF9pGS9lL9VGB7zgunrHurSAr1jPciFq/Vi+2Pg00tf0wrTk/b
pQ11L3nv+amvacLqnnYj9ya5GwuUiSqPtjQ+mYV1xfxgs61TqP2CKYM8pfF/2+2L
/s1vQdA9ebVXcxY7gcYoLD9gqjohQIVadUlQ520CRjC2Uw7M+cSIGn2RVdcXKxQJ
s82GnkTd02EQzoaw8fNbNKHhBJfh6HBgB8Dtj6xBDwF8E/3buukMNZIKKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL24KTkVb++4efkEo3sjwPPF7InIMB8GA1UdIwQY
MBaAFEgS/0hf/XlKaUgHiv5OB2r+YXY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JMX1NGXzllVXBwU0FlS19rNEhhdjVoZGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85YzEzNjItNDZmZC00ODlhLWJiOTUt
NjY5YThmZWI3MTQ3LzEvdmJncE9SVnY3N2g1LVFTamV5UEE4OFhzaWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85YzEzNjItNDZmZC00ODlhLWJiOTUtNjY5YThmZWI3MTQ3
LzEvU0JMX1NGXzllVXBwU0FlS19rNEhhdjVoZGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk05gMA0G
CSqGSIb3DQEBCwUAA4IBAQAVt3rAEB8exnc9tvArlmTy8LHUGNYcdPVhxMRxAc3v
02KHdIGHQtgmno+WUFy/GLIBMrawsx3hx0RwaxKG5kNAa2urxxyP6SDnSCpTP4Da
KfhuIxeuIa9g0Lsj1kgxi5aHd2LNwGyhfu5JubuoyB6tXGeesl+dy76W0w1MWb7j
hox9kqAEIEptl1mnP7i7DWGNUeXOQkVDYFdX8HVnw8TulCTHdl4Y2GT3ZkqgqKX5
OcJm356DXK4fvIOScKVraLElFVmg2PM3eInwd/JIcdOp5LRXWqXoBhiYZ2KzPOK2
UI/Kp0o73o7HZNpIX10gc9SOLPX9xyVWXpDwlf1kNXG+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org