Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/VvP4dfiMKWCmYzTHoHjZ7fHmrwo.roa
File: VvP4dfiMKWCmYzTHoHjZ7fHmrwo.roa (raw, json)
Hash identifier: vtWkjfNJsl2qr5n5+8bw8YibORZ79rkn4L4LOEA6cxg=
Subject key identifier: 56:F3:F8:75:F8:8C:29:60:A6:63:34:C7:A0:78:D9:ED:F1:E6:AF:0A
Certificate issuer: /CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Certificate serial: 01899827B7DA882A93414087BD335057AECA
Authority key identifier: 60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/VvP4dfiMKWCmYzTHoHjZ7fHmrwo.roa
Signing time: Thu 27 Jul 2023 16:21:26 +0000
ROA not before: Thu 27 Jul 2023 16:21:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41085
IP address blocks: 195.189.102.0/24 maxlen: 24
195.189.102.0/23 maxlen: 23
195.189.100.0/22 maxlen: 22
195.189.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:98:27:b7:da:88:2a:93:41:40:87:bd:33:50:57:ae:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60dc5a00368d8ae1fba995431f03a4131add8a9a
Validity
Not Before: Jul 27 16:21:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56f3f875f88c2960a66334c7a078d9edf1e6af0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:88:06:09:e8:f6:a2:e4:44:dc:d9:8e:b3:
7c:ef:19:be:fb:04:2a:50:7a:15:61:45:d7:b1:d0:
7d:57:f6:af:36:73:4f:e5:70:f6:87:b3:32:01:e4:
0f:b2:c1:a2:b8:b4:d8:1b:56:d9:b1:71:23:7f:41:
ca:af:1e:29:d3:cc:1c:37:cd:85:58:12:3a:10:31:
26:b8:50:a2:f9:5f:19:fd:bb:1a:cb:6a:38:f7:22:
30:e3:98:5e:f6:16:66:31:a5:34:a2:0f:d5:07:f4:
11:31:f9:88:2e:46:53:3e:22:69:0f:38:06:13:70:
7c:6b:0a:6f:b3:61:0e:74:43:57:01:59:b1:a5:e8:
08:40:ee:8f:a9:bc:cd:48:20:fa:72:29:f7:d7:73:
5a:54:29:8e:37:95:8b:7f:eb:f0:e0:a1:7c:33:18:
b3:c4:77:6b:3b:ba:ad:38:65:6b:13:89:8d:9e:e2:
6e:20:30:ad:3c:bc:f3:c7:e0:a6:de:62:03:46:af:
67:d3:75:f2:85:9a:9f:ae:a0:04:63:bc:d6:c4:a6:
13:a9:09:df:72:b7:4d:57:19:7d:0f:10:25:1a:7b:
1f:dd:4e:af:78:e0:e0:cf:f7:82:c6:f5:e1:e9:fc:
b1:af:93:fe:81:98:b3:19:6b:13:38:db:39:5a:8e:
47:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F3:F8:75:F8:8C:29:60:A6:63:34:C7:A0:78:D9:ED:F1:E6:AF:0A
X509v3 Authority Key Identifier:
keyid:60:DC:5A:00:36:8D:8A:E1:FB:A9:95:43:1F:03:A4:13:1A:DD:8A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNxaADaNiuH7qZVDHwOkExrdipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/VvP4dfiMKWCmYzTHoHjZ7fHmrwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/43d63a-a936-4593-8826-ebb3982c2eb0/1/YNxaADaNiuH7qZVDHwOkExrdipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.100.0/22
Signature Algorithm: sha256WithRSAEncryption
57:b3:e9:46:a5:85:a3:5d:2c:1e:04:de:3c:dd:c6:00:35:06:
3e:50:53:21:b7:57:01:e0:1d:f4:77:95:34:3e:a3:78:03:67:
cb:fc:68:c5:3e:17:ce:e4:93:a4:10:e8:8a:c9:18:f8:b6:82:
08:d5:90:6d:be:46:05:6b:f8:2a:d8:13:a8:cf:94:74:bd:4a:
73:5e:09:f8:0a:df:92:9a:38:b4:c0:77:d3:e4:27:7d:ad:89:
35:0f:52:7c:09:99:a7:e8:65:3f:7e:dc:56:76:6f:75:a9:36:
cc:cf:72:fe:f3:a1:32:a2:d8:12:2d:df:28:99:62:8e:c3:2b:
49:8a:c7:2f:8c:3c:60:d6:64:72:ff:c9:5d:5e:06:35:55:57:
37:1f:9d:bf:cc:f5:40:d4:19:85:ca:32:06:91:a1:44:dd:51:
45:de:31:85:d2:e1:5a:5e:c6:a9:18:cb:8e:45:f3:c3:df:19:
43:19:e1:e6:ac:9c:d5:eb:c5:d5:25:ee:c3:02:44:4f:b3:b5:
52:24:17:94:9b:c1:fc:af:fd:5e:4e:9d:9f:0b:5c:0d:02:ce:
e0:52:43:f0:bb:76:ac:de:8f:2f:d9:16:bf:90:00:76:a7:2c:
06:07:fc:08:1b:bb:0f:3b:c7:b6:b9:14:9c:c0:83:80:5d:c2:
7a:e5:e9:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmYJ7faiCqTQUCHvTNQV67KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZGM1YTAwMzY4ZDhhZTFmYmE5OTU0MzFmMDNhNDEzMWFk
ZDhhOWEwHhcNMjMwNzI3MTYyMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmYzZjg3NWY4OGMyOTYwYTY2MzM0YzdhMDc4ZDllZGYxZTZhZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghuIBgno9qLkRNzZjrN87xm++wQq
UHoVYUXXsdB9V/avNnNP5XD2h7MyAeQPssGiuLTYG1bZsXEjf0HKrx4p08wcN82F
WBI6EDEmuFCi+V8Z/bsay2o49yIw45he9hZmMaU0og/VB/QRMfmILkZTPiJpDzgG
E3B8awpvs2EOdENXAVmxpegIQO6PqbzNSCD6cin313NaVCmON5WLf+vw4KF8Mxiz
xHdrO7qtOGVrE4mNnuJuIDCtPLzzx+Cm3mIDRq9n03XyhZqfrqAEY7zWxKYTqQnf
crdNVxl9DxAlGnsf3U6veODgz/eCxvXh6fyxr5P+gZizGWsTONs5Wo5HRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFbz+HX4jClgpmM0x6B42e3x5q8KMB8GA1UdIwQY
MBaAFGDcWgA2jYrh+6mVQx8DpBMa3YqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYt
ZWJiMzk4MmMyZWIwLzEvVnZQNGRmaU1LV0NtWXpUSG9Ialo3ZkhtcndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi80M2Q2M2EtYTkzNi00NTkzLTg4MjYtZWJiMzk4MmMyZWIw
LzEvWU54YUFEYU5pdUg3cVpWREh3T2tFeHJkaXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw71kMA0G
CSqGSIb3DQEBCwUAA4IBAQBXs+lGpYWjXSweBN483cYANQY+UFMht1cB4B30d5U0
PqN4A2fL/GjFPhfO5JOkEOiKyRj4toII1ZBtvkYFa/gq2BOoz5R0vUpzXgn4Ct+S
mji0wHfT5Cd9rYk1D1J8CZmn6GU/ftxWdm91qTbMz3L+86EyotgSLd8omWKOwytJ
iscvjDxg1mRy/8ldXgY1VVc3H52/zPVA1BmFyjIGkaFE3VFF3jGF0uFaXsapGMuO
RfPD3xlDGeHmrJzV68XVJe7DAkRPs7VSJBeUm8H8r/1eTp2fC1wNAs7gUkPwu3as
3o8v2Ra/kAB2pywGB/wIG7sPO8e2uRScwIOAXcJ65ekd
-----END CERTIFICATE-----
Generated at Tue Sep 5 12:42:13 2023 by rpki-client on console-ams.rpki-client.org