Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/VZ3qN6Hj1rcnU0qrd5c073GcBrg.roa
File: VZ3qN6Hj1rcnU0qrd5c073GcBrg.roa (raw, json)
Hash identifier: D+WDm5kQwjowwJlfZYkjwmJOCoe3WPEIBnMRSu2Y34Y=
Subject key identifier: 55:9D:EA:37:A1:E3:D6:B7:27:53:4A:AB:77:97:34:EF:71:9C:06:B8
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01856F94C927EEB399FD46C3F606502AF622
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/VZ3qN6Hj1rcnU0qrd5c073GcBrg.roa
Signing time: Sun 01 Jan 2023 23:04:59 +0000
ROA not before: Sun 01 Jan 2023 23:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203558
IP address blocks: 188.75.71.0/24 maxlen: 24
188.75.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c9:27:ee:b3:99:fd:46:c3:f6:06:50:2a:f6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 23:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=559dea37a1e3d6b727534aab779734ef719c06b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:9b:f7:8d:62:83:ad:cf:70:63:fb:26:95:
b7:9a:4f:eb:f9:64:2f:0b:9f:e3:46:79:92:d6:bb:
91:cb:c2:18:47:b1:d2:84:f5:1e:39:86:60:bd:b1:
b1:56:54:b0:da:11:aa:cb:ee:82:35:a7:a1:bb:39:
6d:a9:a4:a9:14:11:a5:f1:12:98:77:11:b1:51:ca:
37:ac:ec:15:e1:0c:80:82:e9:8e:fb:4c:ef:83:0a:
6d:9a:8a:b0:8d:5f:0e:24:43:91:a5:2c:17:ec:ac:
dc:e6:f4:87:2a:1f:12:15:d4:98:af:20:ce:4d:c3:
15:ba:f6:60:df:43:bc:aa:88:6e:a3:89:85:d2:d7:
ad:77:98:09:2d:68:44:a9:0f:7f:2f:8f:c8:bb:a6:
c2:e6:a4:d9:40:b3:44:f4:e5:d1:92:c0:13:c2:5c:
43:66:8c:d9:54:01:8f:b6:02:98:f1:b8:75:3a:c8:
33:98:9f:bf:1e:10:ed:3b:54:72:d9:a0:7b:1d:a5:
67:d0:97:63:eb:73:af:81:45:7d:67:ac:f5:06:45:
3a:cf:51:a3:4c:74:69:ff:27:be:8c:5d:10:41:9a:
2b:f8:c5:19:9b:08:43:c3:90:3a:5a:7a:d9:9f:38:
97:49:0b:cd:82:a2:8c:67:15:7d:3f:c4:48:c1:12:
f8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9D:EA:37:A1:E3:D6:B7:27:53:4A:AB:77:97:34:EF:71:9C:06:B8
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/VZ3qN6Hj1rcnU0qrd5c073GcBrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.75.71.0/24
188.75.109.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:14:a2:b7:3a:af:58:83:32:a9:76:56:79:a0:a5:6a:a6:ab:
b1:96:4c:2e:2f:7a:df:5a:5d:a2:3e:04:da:06:bf:be:9a:77:
6b:d2:11:27:ac:b3:a9:6a:e6:c2:f1:2b:c3:82:7f:40:87:7c:
a6:f6:8b:9c:26:31:d9:8b:d6:83:9c:38:c8:85:e7:db:71:be:
27:fe:b3:ee:33:f9:45:bc:6d:bf:e3:b8:56:3f:56:98:7e:48:
40:ec:09:a8:28:ce:d0:8d:15:79:8d:88:c8:99:bb:80:08:e8:
c8:93:c8:16:a0:2c:17:73:1b:91:e7:fe:f7:0d:9c:00:04:26:
df:d6:b1:fc:f8:f3:41:e0:7f:85:fb:e6:3e:50:ea:15:6f:f1:
eb:e8:74:44:fa:a6:05:ea:b8:0f:0f:87:44:07:a1:46:40:d3:
60:58:3a:e2:c0:42:a0:c0:f8:53:be:90:2d:c0:ba:62:0d:41:
f1:1f:9d:98:80:9d:61:f3:bf:47:52:08:a8:3a:83:83:bc:1b:
02:56:46:00:6d:86:e4:30:eb:d6:ee:30:07:01:32:1c:09:b2:
5d:73:a0:27:b3:fb:22:3b:c6:59:9d:20:ea:3f:47:b1:4f:71:
df:0e:fd:e5:fe:79:96:c9:5e:44:ab:b5:3a:5e:77:ff:c9:58:
55:4d:34:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvlMkn7rOZ/UbD9gZQKvYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMTAxMjMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTlkZWEzN2ExZTNkNmI3Mjc1MzRhYWI3Nzk3MzRlZjcxOWMwNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSqb941ig63PcGP7JpW3mk/r+WQv
C5/jRnmS1ruRy8IYR7HShPUeOYZgvbGxVlSw2hGqy+6CNaehuzltqaSpFBGl8RKY
dxGxUco3rOwV4QyAgumO+0zvgwptmoqwjV8OJEORpSwX7Kzc5vSHKh8SFdSYryDO
TcMVuvZg30O8qohuo4mF0tetd5gJLWhEqQ9/L4/Iu6bC5qTZQLNE9OXRksATwlxD
ZozZVAGPtgKY8bh1OsgzmJ+/HhDtO1Ry2aB7HaVn0Jdj63OvgUV9Z6z1BkU6z1Gj
THRp/ye+jF0QQZor+MUZmwhDw5A6WnrZnziXSQvNgqKMZxV9P8RIwRL4CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFWd6jeh49a3J1NKq3eXNO9xnAa4MB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvVlozcU42SGoxcmNuVTBxcmQ1YzA3M0djQnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEtHAwQA
vEttMA0GCSqGSIb3DQEBCwUAA4IBAQCsFKK3Oq9YgzKpdlZ5oKVqpquxlkwuL3rf
Wl2iPgTaBr++mndr0hEnrLOpaubC8SvDgn9Ah3ym9oucJjHZi9aDnDjIhefbcb4n
/rPuM/lFvG2/47hWP1aYfkhA7AmoKM7QjRV5jYjImbuACOjIk8gWoCwXcxuR5/73
DZwABCbf1rH8+PNB4H+F++Y+UOoVb/Hr6HRE+qYF6rgPD4dEB6FGQNNgWDriwEKg
wPhTvpAtwLpiDUHxH52YgJ1h879HUgioOoODvBsCVkYAbYbkMOvW7jAHATIcCbJd
c6Ans/siO8ZZnSDqP0exT3HfDv3l/nmWyV5Eq7U6Xnf/yVhVTTQL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org