Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/VxbHRDf27eJwLqNjcM6QqV1zMeY.roa
File: VxbHRDf27eJwLqNjcM6QqV1zMeY.roa (raw, json)
Hash identifier: pK/sG+SLNEyil548gsis1iclm+JswJdi1hroGyhAKp8=
Subject key identifier: 57:16:C7:44:37:F6:ED:E2:70:2E:A3:63:70:CE:90:A9:5D:73:31:E6
Certificate issuer: /CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
Certificate serial: 01856DA662F5F6FA5157D481DE923E8C7EF2
Authority key identifier: 10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/VxbHRDf27eJwLqNjcM6QqV1zMeY.roa
Signing time: Sun 01 Jan 2023 14:04:58 +0000
ROA not before: Sun 01 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197297
IP address blocks: 195.245.86.0/23 maxlen: 24
46.253.144.0/20 maxlen: 24
46.253.145.0/24 maxlen: 24
193.24.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:62:f5:f6:fa:51:57:d4:81:de:92:3e:8c:7e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1062bc36512658a0f7d3f96bc1d8e67d9fd4918b
Validity
Not Before: Jan 1 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5716c74437f6ede2702ea36370ce90a95d7331e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:74:7a:20:4a:0a:66:8e:17:bb:77:7c:be:
42:6f:c0:30:01:89:1e:37:d9:af:a4:73:20:1c:31:
73:e0:ed:7c:1f:75:f3:5f:08:a1:4e:00:51:f2:c0:
5b:91:1d:72:7e:56:0d:19:6f:4a:da:81:a7:33:56:
c6:2c:88:67:b4:24:0c:f1:80:92:37:e6:9c:e1:f1:
5e:d1:2a:fc:74:6b:89:32:51:b3:91:f3:53:75:06:
a0:83:7b:cb:d9:02:7d:21:00:a5:ca:f7:a2:21:6e:
76:c7:b6:c9:32:2e:06:65:73:92:77:6e:1f:dc:2e:
4c:0e:47:ff:10:b6:cb:37:88:f3:c9:a3:b1:65:69:
90:f5:68:16:c9:67:35:69:74:ee:a8:80:37:81:ee:
ca:c5:4a:63:51:5e:37:e4:ec:1a:e8:8e:ca:1d:76:
0c:cb:d8:3f:79:43:89:f9:b0:fd:eb:9c:c4:cc:7e:
72:c7:68:db:62:b7:dc:90:5e:2f:0b:db:f9:c3:c2:
d8:71:48:76:b2:83:6a:06:44:b4:4f:7a:23:58:c1:
8c:69:20:f4:ef:13:86:c0:50:ce:fa:a3:08:ed:37:
2f:fb:73:2d:4b:49:04:f2:d4:80:5c:3f:66:93:c3:
0d:ad:43:2f:f5:4f:75:1d:65:c6:e6:81:d3:4e:d1:
71:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:16:C7:44:37:F6:ED:E2:70:2E:A3:63:70:CE:90:A9:5D:73:31:E6
X509v3 Authority Key Identifier:
keyid:10:62:BC:36:51:26:58:A0:F7:D3:F9:6B:C1:D8:E6:7D:9F:D4:91:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EGK8NlEmWKD30_lrwdjmfZ_UkYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/VxbHRDf27eJwLqNjcM6QqV1zMeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/669ebf-ee7f-4eb7-8486-95ad92ac8698/1/EGK8NlEmWKD30_lrwdjmfZ_UkYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.144.0/20
193.24.252.0/22
195.245.86.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:1a:af:6f:a0:60:a0:c4:3f:d6:fd:4b:41:15:1b:57:8c:ad:
2b:bf:3b:e8:fa:6a:61:df:16:c3:3f:0c:38:07:11:0d:1a:df:
a3:5e:3d:02:57:70:0e:2f:42:85:58:65:e8:70:15:d7:6a:4e:
6c:12:c2:b4:30:ce:f3:4c:66:8f:44:47:7f:c5:be:3f:6d:86:
b5:7d:ef:75:5f:4b:e6:18:f2:69:a7:c9:c1:35:62:39:c1:ce:
28:d2:3c:e5:f6:a3:1b:69:bc:32:88:54:ce:1b:e7:1e:1c:f1:
07:59:a1:dd:08:6e:a7:d9:ce:cc:41:2e:e9:ef:da:d2:97:a8:
fe:5b:a2:90:42:8d:0c:9f:d8:6e:7c:ad:5f:8a:b9:e2:d4:a6:
1e:59:50:1f:49:4a:66:e7:95:b5:23:34:af:03:8b:ba:af:8c:
30:f8:79:22:45:fa:79:73:04:b4:ea:4c:70:40:3e:4b:71:e3:
cc:88:53:28:69:52:a1:0c:0a:c9:9e:e1:1d:60:b6:ce:e8:19:
01:af:28:98:dd:87:14:b5:59:6c:51:6d:7c:83:5a:42:35:b1:
31:0a:80:35:8b:69:ee:f9:4c:dd:ae:ec:05:51:9c:cc:ec:36:
a5:9c:cc:c1:89:c7:77:17:b3:ed:57:69:3c:0a:d5:ac:25:38:
f0:82:34:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtpmL19vpRV9SB3pI+jH7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNjJiYzM2NTEyNjU4YTBmN2QzZjk2YmMxZDhlNjdkOWZk
NDkxOGIwHhcNMjMwMTAxMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE2Yzc0NDM3ZjZlZGUyNzAyZWEzNjM3MGNlOTBhOTVkNzMzMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwep0eiBKCmaOF7t3fL5Cb8AwAYke
N9mvpHMgHDFz4O18H3XzXwihTgBR8sBbkR1yflYNGW9K2oGnM1bGLIhntCQM8YCS
N+ac4fFe0Sr8dGuJMlGzkfNTdQagg3vL2QJ9IQClyveiIW52x7bJMi4GZXOSd24f
3C5MDkf/ELbLN4jzyaOxZWmQ9WgWyWc1aXTuqIA3ge7KxUpjUV435Owa6I7KHXYM
y9g/eUOJ+bD965zEzH5yx2jbYrfckF4vC9v5w8LYcUh2soNqBkS0T3ojWMGMaSD0
7xOGwFDO+qMI7Tcv+3MtS0kE8tSAXD9mk8MNrUMv9U91HWXG5oHTTtFxDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFcWx0Q39u3icC6jY3DOkKldczHmMB8GA1UdIwQY
MBaAFBBivDZRJlig99P5a8HY5n2f1JGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUdLOE5sRW1XS0QzMF9scndkam1mWl9Va1lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82NjllYmYtZWU3Zi00ZWI3LTg0ODYt
OTVhZDkyYWM4Njk4LzEvVnhiSFJEZjI3ZUp3THFOamNNNlFxVjF6TWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82NjllYmYtZWU3Zi00ZWI3LTg0ODYtOTVhZDkyYWM4Njk4
LzEvRUdLOE5sRW1XS0QzMF9scndkam1mWl9Va1lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELv2QAwQC
wRj8AwQBw/VWMA0GCSqGSIb3DQEBCwUAA4IBAQA9Gq9voGCgxD/W/UtBFRtXjK0r
vzvo+mph3xbDPww4BxENGt+jXj0CV3AOL0KFWGXocBXXak5sEsK0MM7zTGaPREd/
xb4/bYa1fe91X0vmGPJpp8nBNWI5wc4o0jzl9qMbabwyiFTOG+ceHPEHWaHdCG6n
2c7MQS7p79rSl6j+W6KQQo0Mn9hufK1firni1KYeWVAfSUpm55W1IzSvA4u6r4ww
+HkiRfp5cwS06kxwQD5LcePMiFMoaVKhDArJnuEdYLbO6BkBryiY3YcUtVlsUW18
g1pCNbExCoA1i2nu+UzdruwFUZzM7DalnMzBicd3F7PtV2k8CtWsJTjwgjRg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:04 2024 by rpki-client on console-ams.rpki-client.org