Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/VDPX5BXO_eDlhNmECFdMIESqkH0.roa
File: VDPX5BXO_eDlhNmECFdMIESqkH0.roa (raw, json)
Hash identifier: ncR26CbGCSkYpReS77F7sM00bg8GztnnMw9gjEua3Mw=
Subject key identifier: 54:33:D7:E4:15:CE:FD:E0:E5:84:D9:84:08:57:4C:20:44:AA:90:7D
Certificate issuer: /CN=38879a78a58a485ccd8970f0432db8f3d771725b
Certificate serial: 01856FA71EE7CA3C6EEBC2C2CC6103C6972D
Authority key identifier: 38:87:9A:78:A5:8A:48:5C:CD:89:70:F0:43:2D:B8:F3:D7:71:72:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OIeaeKWKSFzNiXDwQy2489dxcls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/VDPX5BXO_eDlhNmECFdMIESqkH0.roa
Signing time: Sun 01 Jan 2023 23:25:01 +0000
ROA not before: Sun 01 Jan 2023 23:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207006
IP address blocks: 185.196.232.0/22 maxlen: 24
2a0a:73c0::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:1e:e7:ca:3c:6e:eb:c2:c2:cc:61:03:c6:97:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38879a78a58a485ccd8970f0432db8f3d771725b
Validity
Not Before: Jan 1 23:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5433d7e415cefde0e584d98408574c2044aa907d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:d2:62:5e:4a:75:63:d2:d3:64:e5:c9:3e:
0d:32:95:3b:49:ac:70:bb:bf:ff:b7:cd:1a:82:d1:
68:85:c4:d0:f4:76:49:5f:2e:99:df:34:0a:f4:12:
f3:e9:9b:84:75:23:8e:97:ca:2e:61:c5:c2:44:cb:
14:ba:f6:67:91:56:ca:69:15:21:12:33:3e:c8:98:
fe:7b:45:74:70:22:c9:2e:df:83:e7:a1:b1:48:74:
69:9d:5e:2a:45:da:6e:7a:8f:7d:1e:f1:42:a7:4a:
ed:d4:ad:0b:d1:63:1d:82:11:34:7e:d1:7a:22:9d:
e1:1c:17:26:d0:db:1d:f7:e5:e3:84:fa:ef:17:af:
fc:20:b7:d2:ee:94:e9:be:28:58:7e:99:38:74:5b:
59:ff:fe:10:e2:a8:c5:24:f9:cb:1c:8c:41:1c:f3:
47:96:a9:a8:d9:2f:4a:58:1b:94:76:06:52:53:7e:
6c:5e:2c:5e:2e:47:67:ed:24:93:a3:9b:12:f5:75:
e9:87:3e:43:cb:35:a6:7d:4c:68:47:1f:81:0d:e3:
6b:d1:12:55:b9:52:fa:89:a2:9d:42:f5:b2:2e:00:
f1:93:ea:e4:1c:da:52:33:fe:bd:d6:86:05:97:4c:
2d:6f:f3:34:30:0a:f0:bb:1f:85:26:15:81:33:ab:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:33:D7:E4:15:CE:FD:E0:E5:84:D9:84:08:57:4C:20:44:AA:90:7D
X509v3 Authority Key Identifier:
keyid:38:87:9A:78:A5:8A:48:5C:CD:89:70:F0:43:2D:B8:F3:D7:71:72:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIeaeKWKSFzNiXDwQy2489dxcls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/VDPX5BXO_eDlhNmECFdMIESqkH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c38797-d7fa-4a57-9f83-a16a34c46f30/1/OIeaeKWKSFzNiXDwQy2489dxcls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.232.0/22
IPv6:
2a0a:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:de:d4:bf:87:7f:bd:66:1a:d1:a7:50:86:f5:d0:79:be:bf:
80:62:29:46:4d:6c:0b:16:0a:3a:60:cc:3c:86:9c:65:46:95:
6f:fe:c8:80:0b:2d:38:5e:42:76:d3:2d:9b:94:12:ce:34:6e:
55:61:f9:a4:11:86:be:8c:38:25:1a:a0:4a:c4:8e:3a:d2:18:
23:a3:43:97:a2:8a:d1:ed:da:c2:b2:a3:23:58:51:86:eb:31:
13:d6:cf:bb:95:5b:6d:e8:06:56:8e:d6:16:67:16:fb:e4:30:
a1:a9:01:91:d8:27:1f:b0:d4:c3:87:ae:96:69:56:8b:3d:ee:
2a:6b:02:be:90:a6:ed:27:a0:d4:05:39:ce:30:19:29:64:60:
d8:80:71:72:be:e8:21:8e:db:50:3c:d8:17:80:a8:79:77:c7:
8c:be:87:8f:da:86:29:dd:7f:52:10:c7:37:94:95:aa:af:fe:
fc:3b:23:c1:ad:0d:e5:fa:78:6c:f7:cf:72:60:89:fb:87:45:
86:0e:28:5e:be:b1:36:28:20:6b:8c:9b:fe:92:41:73:7f:f8:
c8:82:99:b6:80:a9:9d:2f:71:1b:b6:3f:10:d7:61:d1:24:1e:
46:5e:25:ed:71:93:f6:ea:fb:a9:60:ab:e6:d7:d1:92:cf:ef:
28:3d:96:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpx7nyjxu68LCzGEDxpctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ODc5YTc4YTU4YTQ4NWNjZDg5NzBmMDQzMmRiOGYzZDc3
MTcyNWIwHhcNMjMwMTAxMjMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDMzZDdlNDE1Y2VmZGUwZTU4NGQ5ODQwODU3NGMyMDQ0YWE5MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArADSYl5KdWPS02TlyT4NMpU7Saxw
u7//t80agtFohcTQ9HZJXy6Z3zQK9BLz6ZuEdSOOl8ouYcXCRMsUuvZnkVbKaRUh
EjM+yJj+e0V0cCLJLt+D56GxSHRpnV4qRdpueo99HvFCp0rt1K0L0WMdghE0ftF6
Ip3hHBcm0Nsd9+XjhPrvF6/8ILfS7pTpvihYfpk4dFtZ//4Q4qjFJPnLHIxBHPNH
lqmo2S9KWBuUdgZSU35sXixeLkdn7SSTo5sS9XXphz5DyzWmfUxoRx+BDeNr0RJV
uVL6iaKdQvWyLgDxk+rkHNpSM/691oYFl0wtb/M0MArwux+FJhWBM6sjKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFQz1+QVzv3g5YTZhAhXTCBEqpB9MB8GA1UdIwQY
MBaAFDiHmnilikhczYlw8EMtuPPXcXJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0llYWVLV0tTRnpOaVhEd1F5MjQ4OWR4Y2xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jMzg3OTctZDdmYS00YTU3LTlmODMt
YTE2YTM0YzQ2ZjMwLzEvVkRQWDVCWE9fZURsaE5tRUNGZE1JRVNxa0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jMzg3OTctZDdmYS00YTU3LTlmODMtYTE2YTM0YzQ2ZjMw
LzEvT0llYWVLV0tTRnpOaVhEd1F5MjQ4OWR4Y2xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucToMA0E
AgACMAcDBQMqCnPAMA0GCSqGSIb3DQEBCwUAA4IBAQAC3tS/h3+9ZhrRp1CG9dB5
vr+AYilGTWwLFgo6YMw8hpxlRpVv/siACy04XkJ20y2blBLONG5VYfmkEYa+jDgl
GqBKxI460hgjo0OXoorR7drCsqMjWFGG6zET1s+7lVtt6AZWjtYWZxb75DChqQGR
2CcfsNTDh66WaVaLPe4qawK+kKbtJ6DUBTnOMBkpZGDYgHFyvughjttQPNgXgKh5
d8eMvoeP2oYp3X9SEMc3lJWqr/78OyPBrQ3l+nhs989yYIn7h0WGDihevrE2KCBr
jJv+kkFzf/jIgpm2gKmdL3Ebtj8Q12HRJB5GXiXtcZP26vupYKvm19GSz+8oPZan
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:14 2024 by rpki-client on console-ams.rpki-client.org