Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/vtSbb2Rs99OnqlnP1Hz3LDunvYM.roa
File: vtSbb2Rs99OnqlnP1Hz3LDunvYM.roa (raw, json)
Hash identifier: my+b26Nyme5+balsxw4TOL3cnsU0ddqSogh7oPjOUOo=
Subject key identifier: BE:D4:9B:6F:64:6C:F7:D3:A7:AA:59:CF:D4:7C:F7:2C:3B:A7:BD:83
Certificate issuer: /CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Certificate serial: 01856E5D4C0F27658BA418E8468F934EF26D
Authority key identifier: 44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/vtSbb2Rs99OnqlnP1Hz3LDunvYM.roa
Signing time: Sun 01 Jan 2023 17:24:46 +0000
ROA not before: Sun 01 Jan 2023 17:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44548
IP address blocks: 91.220.199.0/24 maxlen: 24
195.93.156.0/24 maxlen: 24
195.93.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Jun 2023 13:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:4c:0f:27:65:8b:a4:18:e8:46:8f:93:4e:f2:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Validity
Not Before: Jan 1 17:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bed49b6f646cf7d3a7aa59cfd47cf72c3ba7bd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:ad:29:8d:71:00:b5:72:8a:6c:81:fa:c3:
03:41:d7:d1:71:cb:ef:1a:c1:3a:63:1b:37:d1:13:
9d:9d:84:6c:eb:1a:4d:ff:07:01:8e:68:2d:cc:1e:
cb:73:86:2b:8e:7b:33:93:00:7c:0c:c0:d9:58:26:
49:80:48:5e:23:8c:55:5a:ed:37:da:72:7e:e4:86:
a1:0c:2f:1e:78:e8:4d:48:26:59:cf:c7:1c:92:d5:
fa:56:3b:44:6c:f8:b9:27:8e:5a:c4:f7:26:9c:0f:
a4:a4:27:7c:1f:31:fb:95:11:c1:88:82:24:b3:2d:
c0:a3:8b:3b:82:08:d2:73:34:05:be:39:8d:6e:64:
48:13:32:d8:50:da:12:3d:40:7a:38:34:ce:68:a9:
12:ed:47:7c:86:a1:ea:b8:0f:29:7b:bd:97:0a:0e:
38:80:7b:45:4b:39:65:d9:0f:aa:c8:2d:ef:d7:09:
c4:26:fa:0f:43:0c:70:99:fa:94:50:c4:c9:f1:de:
90:ff:95:88:fd:f6:c2:66:c4:a0:b2:76:78:35:e2:
dc:37:a5:69:b5:cc:cb:20:6f:02:fe:63:eb:35:55:
62:3b:7f:71:6b:b3:07:80:8e:ef:98:a9:c5:bd:68:
da:9c:81:dc:c4:f0:e2:d6:fc:c5:2a:cb:7a:49:e0:
a0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D4:9B:6F:64:6C:F7:D3:A7:AA:59:CF:D4:7C:F7:2C:3B:A7:BD:83
X509v3 Authority Key Identifier:
keyid:44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/vtSbb2Rs99OnqlnP1Hz3LDunvYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.199.0/24
195.93.156.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:38:5d:ac:3e:36:f6:85:f3:59:2c:a9:6b:4d:04:91:1f:af:
fc:9d:17:e3:c8:b7:fd:65:d4:e4:1b:97:1d:ed:c8:30:aa:e1:
d0:79:82:45:9d:a7:10:af:c2:eb:6a:6b:fb:10:34:4e:2b:22:
28:55:06:4b:fa:60:37:c2:59:17:aa:03:aa:d0:c9:a0:cd:ca:
ec:72:7f:8d:3f:b5:74:9c:7f:9b:8c:31:44:a1:b0:6d:b2:9c:
b8:dc:b4:a7:20:08:67:99:7d:d0:7a:31:9b:25:c6:b2:ba:17:
9c:01:99:6e:51:cb:97:be:03:b1:ca:40:2d:dd:58:30:a2:47:
e1:fe:01:94:32:27:ca:3b:ef:e8:e1:27:dd:8a:61:6a:26:c6:
6d:01:ed:be:ac:b4:a6:97:4a:a2:6d:98:7c:93:cd:5d:f5:9e:
56:5e:f0:fd:64:91:b7:4d:96:8f:9f:19:02:d0:d5:4a:8d:44:
ae:8b:24:09:c0:d2:f7:bb:09:fa:86:f9:45:a5:f8:61:f6:5c:
7a:0b:40:fd:e9:5e:3e:63:92:56:3e:48:f8:26:39:f7:67:6c:
38:6c:df:9b:82:b5:88:a7:86:de:2e:cb:51:45:01:90:05:be:
ff:c0:e2:ae:a7:85:9e:e9:9e:87:e5:ec:b4:58:26:26:65:d1:
53:c7:c0:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXUwPJ2WLpBjoRo+TTvJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Zjg4NTIyMGYxNzE5ZjU4MzdjYjVhMzZmYTYyZjNmNTM3
ZThlM2YwHhcNMjMwMTAxMTcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQ0OWI2ZjY0NmNmN2QzYTdhYTU5Y2ZkNDdjZjcyYzNiYTdiZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2getKY1xALVyimyB+sMDQdfRccvv
GsE6Yxs30ROdnYRs6xpN/wcBjmgtzB7Lc4YrjnszkwB8DMDZWCZJgEheI4xVWu03
2nJ+5IahDC8eeOhNSCZZz8ccktX6VjtEbPi5J45axPcmnA+kpCd8HzH7lRHBiIIk
sy3Ao4s7ggjSczQFvjmNbmRIEzLYUNoSPUB6ODTOaKkS7Ud8hqHquA8pe72XCg44
gHtFSzll2Q+qyC3v1wnEJvoPQwxwmfqUUMTJ8d6Q/5WI/fbCZsSgsnZ4NeLcN6Vp
tczLIG8C/mPrNVViO39xa7MHgI7vmKnFvWjanIHcxPDi1vzFKst6SeCgiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL7Um29kbPfTp6pZz9R89yw7p72DMB8GA1UdIwQY
MBaAFET4hSIPFxn1g3y1o2+mLz9Tfo4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDkt
MzdlZDk5MTQzYWFlLzEvdnRTYmIyUnM5OU9ucWxuUDFIejNMRHVudllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDktMzdlZDk5MTQzYWFl
LzEvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9zHAwQB
w12cMA0GCSqGSIb3DQEBCwUAA4IBAQBbOF2sPjb2hfNZLKlrTQSRH6/8nRfjyLf9
ZdTkG5cd7cgwquHQeYJFnacQr8Lramv7EDROKyIoVQZL+mA3wlkXqgOq0Mmgzcrs
cn+NP7V0nH+bjDFEobBtspy43LSnIAhnmX3QejGbJcayuhecAZluUcuXvgOxykAt
3Vgwokfh/gGUMifKO+/o4SfdimFqJsZtAe2+rLSml0qibZh8k81d9Z5WXvD9ZJG3
TZaPnxkC0NVKjUSuiyQJwNL3uwn6hvlFpfhh9lx6C0D96V4+Y5JWPkj4Jjn3Z2w4
bN+bgrWIp4beLstRRQGQBb7/wOKup4We6Z6H5ey0WCYmZdFTx8D1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:06 2024 by rpki-client on console-ams.rpki-client.org