Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBQv2kDKqbl30jXbNWNKhlK5DEw.roa
File: vBQv2kDKqbl30jXbNWNKhlK5DEw.roa (raw, json)
Hash identifier: QL3Ml+Ot8ryhgVksZlkd52U0UP/zwKWsNnl7wNVNzBE=
Subject key identifier: BC:14:2F:DA:40:CA:A9:B9:77:D2:35:DB:35:63:4A:86:52:B9:0C:4C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C81E9684FC3FB2CD7052D71E2C193DC23
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBQv2kDKqbl30jXbNWNKhlK5DEw.roa
Signing time: Tue 19 Dec 2023 11:50:06 +0000
ROA not before: Tue 19 Dec 2023 11:50:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31133
IP address blocks: 92.38.42.0/24 maxlen: 24
92.38.80.0/22 maxlen: 24
146.158.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:e9:68:4f:c3:fb:2c:d7:05:2d:71:e2:c1:93:dc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 19 11:50:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc142fda40caa9b977d235db35634a8652b90c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dd:6f:0e:41:1f:47:a9:38:b8:55:14:da:0b:
0e:39:7a:70:9e:cc:41:39:b4:46:ac:a8:3c:be:93:
27:5b:7a:25:8a:d5:a7:bc:71:95:bd:cb:ba:9e:b7:
0a:79:27:c1:34:ce:bf:6f:3a:5f:e3:7f:98:14:e0:
ee:5f:3c:63:f3:29:b0:ab:6a:4a:80:6d:aa:9d:0d:
31:64:1b:a1:bb:6a:e2:9a:f0:2f:b8:52:b8:a4:13:
84:e7:af:9c:33:7e:60:38:2d:fd:af:00:bf:7f:1d:
0e:12:7e:59:7b:51:78:2a:b9:d1:f3:5f:de:f9:f6:
b7:33:18:f8:9a:ae:73:0a:67:b0:72:4b:33:37:2e:
d9:7d:4b:da:14:6b:36:f0:d2:b8:74:7d:3f:10:94:
38:f5:70:06:ab:2e:62:a5:03:84:b9:95:af:ca:c9:
52:01:88:b5:03:a5:3a:60:b5:86:a7:89:f5:b0:c8:
b6:5f:f0:db:3e:73:f2:f7:f1:bf:cf:f9:bc:52:f3:
36:56:f4:da:47:46:0b:bd:ee:31:e6:39:d0:90:ae:
7c:aa:6a:6c:fc:a6:d1:23:06:fb:1a:36:28:d2:1b:
29:a7:9e:dd:a4:1d:0b:f3:78:e5:86:d9:86:83:e9:
0b:0d:6c:b1:a5:e6:2e:18:06:9d:06:aa:d3:bb:1f:
a5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:14:2F:DA:40:CA:A9:B9:77:D2:35:DB:35:63:4A:86:52:B9:0C:4C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vBQv2kDKqbl30jXbNWNKhlK5DEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.42.0/24
92.38.80.0/22
146.158.88.0/22
Signature Algorithm: sha256WithRSAEncryption
23:6b:26:fa:9c:b5:ae:f6:a8:42:85:fd:37:f2:24:41:69:4a:
d0:61:5c:c7:a6:82:04:f9:73:dd:1e:e9:44:8f:64:4f:23:d9:
85:78:87:a7:7c:12:c9:7f:85:75:ec:99:24:7c:1b:cf:ef:30:
11:ae:24:bc:36:ab:74:d2:f0:2a:2c:f8:3e:30:57:ef:ab:7f:
b7:8f:bd:ed:c6:86:d2:e0:ca:60:6b:88:c5:00:58:92:2e:0c:
db:83:f7:9d:46:d3:46:fe:11:c8:e5:3f:a0:1d:d3:16:37:c1:
c5:5b:d1:07:24:fe:19:52:eb:c4:d3:8d:5e:e9:bb:ab:82:fa:
4f:8a:0a:71:c9:9e:9d:5b:a8:6e:0e:3c:bd:70:b4:99:9a:24:
d8:7e:12:bb:87:8b:c1:17:02:72:72:5a:66:18:74:a5:e6:f1:
06:fb:9b:12:81:9a:c5:7c:5d:88:59:3d:cd:9e:71:c8:7c:f1:
71:36:85:75:c1:af:c1:85:c3:11:9a:3e:81:f9:38:33:21:9c:
48:9e:99:a5:06:f0:cc:67:6d:5e:7b:af:34:b6:12:08:91:76:
f4:8e:37:fc:82:02:89:15:7b:5e:f5:9a:36:34:f9:1c:6e:2a:
d6:6d:55:fd:b2:a5:de:8b:01:25:73:fb:b0:5b:32:ee:d0:b9:
84:da:b3:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyB6WhPw/ss1wUtceLBk9wjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMjE5MTE1MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE0MmZkYTQwY2FhOWI5NzdkMjM1ZGIzNTYzNGE4NjUyYjkwYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd1vDkEfR6k4uFUU2gsOOXpwnsxB
ObRGrKg8vpMnW3olitWnvHGVvcu6nrcKeSfBNM6/bzpf43+YFODuXzxj8ymwq2pK
gG2qnQ0xZBuhu2rimvAvuFK4pBOE56+cM35gOC39rwC/fx0OEn5Ze1F4KrnR81/e
+fa3Mxj4mq5zCmewckszNy7ZfUvaFGs28NK4dH0/EJQ49XAGqy5ipQOEuZWvyslS
AYi1A6U6YLWGp4n1sMi2X/DbPnPy9/G/z/m8UvM2VvTaR0YLve4x5jnQkK58qmps
/KbRIwb7GjYo0hspp57dpB0L83jlhtmGg+kLDWyxpeYuGAadBqrTux+l6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwUL9pAyqm5d9I12zVjSoZSuQxMMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdkJRdjJrREtxYmwzMGpYYk5XTktobEs1REV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXCYqAwQC
XCZQAwQCkp5YMA0GCSqGSIb3DQEBCwUAA4IBAQAjayb6nLWu9qhChf038iRBaUrQ
YVzHpoIE+XPdHulEj2RPI9mFeIenfBLJf4V17JkkfBvP7zARriS8Nqt00vAqLPg+
MFfvq3+3j73txobS4Mpga4jFAFiSLgzbg/edRtNG/hHI5T+gHdMWN8HFW9EHJP4Z
UuvE041e6burgvpPigpxyZ6dW6huDjy9cLSZmiTYfhK7h4vBFwJyclpmGHSl5vEG
+5sSgZrFfF2IWT3NnnHIfPFxNoV1wa/BhcMRmj6B+TgzIZxInpmlBvDMZ21ee680
thIIkXb0jjf8ggKJFXte9Zo2NPkcbirWbVX9sqXeiwElc/uwWzLu0LmE2rOJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:32 2024 by rpki-client on console-fra.rpki-client.org