Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/vcxg-lfKTn1nXqSXKt812PuUNFI.roa
File: vcxg-lfKTn1nXqSXKt812PuUNFI.roa (raw, json)
Hash identifier: 0j+2mYKQrCQgIQL7YoLdaQMX4f6BmQuFSpdFCFvHcE4=
Subject key identifier: BD:CC:60:FA:57:CA:4E:7D:67:5E:A4:97:2A:DF:35:D8:FB:94:34:52
Certificate issuer: /CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Certificate serial: 01856C0115D7991EB138F5A3BF87EBEAFAA9
Authority key identifier: 09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/vcxg-lfKTn1nXqSXKt812PuUNFI.roa
Signing time: Sun 01 Jan 2023 06:24:48 +0000
ROA not before: Sun 01 Jan 2023 06:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43431
IP address blocks: 185.150.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:15:d7:99:1e:b1:38:f5:a3:bf:87:eb:ea:fa:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Validity
Not Before: Jan 1 06:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdcc60fa57ca4e7d675ea4972adf35d8fb943452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:94:97:e1:25:22:dd:62:34:47:d0:31:c9:
bf:a6:37:2c:b0:a6:bb:28:3a:cd:69:95:49:dd:ab:
c0:ad:fb:9a:b7:59:2e:96:07:a4:c7:53:15:e2:07:
81:89:d0:b3:b7:f1:99:96:7e:36:e8:f9:f2:f7:4d:
3e:2f:ed:e8:94:96:a9:b7:a5:95:f4:a7:64:4f:79:
ef:59:f0:4e:c6:f8:ee:a0:66:45:c9:47:b3:6b:48:
dc:36:8e:e4:a9:a9:82:69:c3:d7:fb:2c:97:9c:c5:
9c:7d:e8:31:7f:52:55:7d:94:d6:41:1c:f4:fe:5b:
40:71:7b:0d:f4:2d:07:9f:3a:bc:c0:32:3e:e0:b6:
83:92:86:dd:1a:a9:93:1a:3b:3a:fe:5d:12:79:c6:
9f:e2:ca:ad:3b:08:68:87:c2:c9:9e:fb:76:33:fc:
a3:aa:e1:84:80:b1:74:29:4b:35:80:7a:48:7f:e1:
84:f2:21:13:9d:e2:28:02:cb:53:c9:85:13:9f:bc:
71:19:77:fc:2a:b1:44:05:27:55:2c:8e:35:4a:b4:
8a:8c:ca:0b:36:d1:2c:10:fa:15:38:80:4c:57:28:
57:a1:ba:2a:51:b2:38:20:53:9f:7e:2e:85:14:76:
ce:23:f0:dd:eb:44:4a:e0:65:a1:61:1d:ae:74:fe:
8f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CC:60:FA:57:CA:4E:7D:67:5E:A4:97:2A:DF:35:D8:FB:94:34:52
X509v3 Authority Key Identifier:
keyid:09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/vcxg-lfKTn1nXqSXKt812PuUNFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/CbnTdFC2KuPxROtCrFLOJDtiino.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.19.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:4b:3f:04:9e:65:a0:82:9b:3d:1a:b4:44:bc:82:66:b7:35:
7b:7c:76:0a:83:e2:87:2e:e0:5d:a8:2c:2e:63:57:f4:8e:32:
a4:43:5a:f2:8e:d1:81:bf:4c:cc:bc:60:9d:f4:c7:b1:c9:15:
bf:08:a8:ad:b8:7a:08:bb:d5:ea:90:7a:6e:9e:50:c2:40:c4:
21:2b:13:61:6c:79:9f:70:c5:3d:83:bf:66:42:c1:ee:cd:1a:
2e:78:f6:28:65:44:7b:f8:c5:05:67:64:1f:0c:9d:76:44:a9:
32:d8:3c:ad:ac:54:5b:c5:8a:3f:29:37:68:5d:34:08:04:d6:
39:36:70:2c:33:7d:09:a5:1e:49:6b:23:a3:06:95:84:45:40:
97:47:f8:ab:b3:1c:db:07:c5:36:34:c0:e8:2c:f1:34:2a:44:
f2:1c:e9:26:eb:72:d9:87:e7:2b:df:52:72:e9:bd:e6:30:ba:
7e:db:c8:9f:0a:f7:09:ab:24:0b:c7:37:1c:de:54:25:0a:28:
08:23:5b:08:e2:f0:2e:80:94:9f:e2:74:75:dc:3f:42:24:d4:
61:bc:43:6b:94:ff:b1:21:3f:59:a1:73:19:fa:a7:ea:dd:2c:
9a:24:08:f7:9e:ed:06:e2:33:87:14:e1:57:48:88:6b:00:11:
6b:7e:58:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsARXXmR6xOPWjv4fr6vqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjlkMzc0NTBiNjJhZTNmMTQ0ZWI0MmFjNTJjZTI0M2I2
MjhhN2EwHhcNMjMwMTAxMDYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNjNjBmYTU3Y2E0ZTdkNjc1ZWE0OTcyYWRmMzVkOGZiOTQzNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3+Ul+ElIt1iNEfQMcm/pjcssKa7
KDrNaZVJ3avArfuat1kulgekx1MV4geBidCzt/GZln426Pny900+L+3olJapt6WV
9KdkT3nvWfBOxvjuoGZFyUeza0jcNo7kqamCacPX+yyXnMWcfegxf1JVfZTWQRz0
/ltAcXsN9C0Hnzq8wDI+4LaDkobdGqmTGjs6/l0Secaf4sqtOwhoh8LJnvt2M/yj
quGEgLF0KUs1gHpIf+GE8iETneIoAstTyYUTn7xxGXf8KrFEBSdVLI41SrSKjMoL
NtEsEPoVOIBMVyhXoboqUbI4IFOffi6FFHbOI/Dd60RK4GWhYR2udP6P7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3MYPpXyk59Z16klyrfNdj7lDRSMB8GA1UdIwQY
MBaAFAm503RQtirj8UTrQqxSziQ7Yop6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUt
M2ZiZmI5NGQ5MTAwLzEvdmN4Zy1sZktUbjFuWHFTWEt0ODEyUHVVTkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUtM2ZiZmI5NGQ5MTAw
LzEvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZYTMA0G
CSqGSIb3DQEBCwUAA4IBAQAOSz8EnmWggps9GrREvIJmtzV7fHYKg+KHLuBdqCwu
Y1f0jjKkQ1ryjtGBv0zMvGCd9MexyRW/CKituHoIu9XqkHpunlDCQMQhKxNhbHmf
cMU9g79mQsHuzRouePYoZUR7+MUFZ2QfDJ12RKky2DytrFRbxYo/KTdoXTQIBNY5
NnAsM30JpR5JayOjBpWERUCXR/irsxzbB8U2NMDoLPE0KkTyHOkm63LZh+cr31Jy
6b3mMLp+28ifCvcJqyQLxzcc3lQlCigII1sI4vAugJSf4nR13D9CJNRhvENrlP+x
IT9ZoXMZ+qfq3SyaJAj3nu0G4jOHFOFXSIhrABFrflgM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:52 2023 by rpki-client on console-ams.rpki-client.org