Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/VhuG7a_2xaLAbTAFIpHOjFatAj4.roa
File: VhuG7a_2xaLAbTAFIpHOjFatAj4.roa (raw, json)
Hash identifier: n+0k7vvc4pE/O9EQr6ioxdq3k94AwfofGBlW3fUrfeI=
Subject key identifier: 56:1B:86:ED:AF:F6:C5:A2:C0:6D:30:05:22:91:CE:8C:56:AD:02:3E
Certificate issuer: /CN=0462e00564a9340ff4739d3951216c46a8efc64f
Certificate serial: 0189BD59ACB2E1307850B20CDB72C16CB47C
Authority key identifier: 04:62:E0:05:64:A9:34:0F:F4:73:9D:39:51:21:6C:46:A8:EF:C6:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGLgBWSpNA_0c505USFsRqjvxk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/VhuG7a_2xaLAbTAFIpHOjFatAj4.roa
Signing time: Thu 03 Aug 2023 21:41:58 +0000
ROA not before: Thu 03 Aug 2023 21:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60398
IP address blocks: 217.150.87.0/24 maxlen: 24
217.150.86.0/24 maxlen: 24
2a02:65c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:59:ac:b2:e1:30:78:50:b2:0c:db:72:c1:6c:b4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0462e00564a9340ff4739d3951216c46a8efc64f
Validity
Not Before: Aug 3 21:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=561b86edaff6c5a2c06d30052291ce8c56ad023e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6a:ac:17:2b:88:c2:ca:72:c8:09:48:d3:09:
26:61:e8:4c:3b:8a:d9:28:f5:6f:45:c0:68:cd:ec:
3d:1d:05:ac:19:7d:94:a1:9b:d5:5f:b5:0f:c7:9c:
de:55:b3:30:3b:4b:ec:31:cb:7e:6f:ad:19:05:4d:
e9:b5:5f:fc:af:77:0e:60:20:d4:e1:3a:f8:01:7c:
8c:9d:24:c4:91:41:dd:44:e0:0d:c2:71:a3:02:f1:
af:a2:c6:45:6c:30:0a:62:d9:9c:e2:a0:76:33:09:
a6:70:9d:77:b5:e6:9a:a1:56:c1:c7:fe:32:2a:08:
e1:d2:a9:69:05:88:4c:e1:f9:d6:5a:e2:85:94:9f:
9e:e1:0d:56:d1:62:a5:ed:5e:10:ac:46:cc:84:fa:
f4:29:85:c9:a4:13:31:5f:87:ac:54:0e:de:db:2c:
e7:22:36:0e:80:e4:16:4e:d3:9c:a8:0e:14:a6:c2:
b2:70:20:b1:cf:62:1e:28:15:12:d3:7c:2a:d1:a1:
4a:b8:1d:76:09:d7:58:61:cc:0f:96:1c:42:2e:da:
d9:0c:62:67:4f:72:c3:b1:9e:c7:e1:7e:0a:8a:29:
7d:23:88:3b:86:c6:2d:19:4e:19:d6:ab:e9:78:d9:
f1:2f:60:94:c4:12:1e:a7:d1:68:91:fc:e5:32:f7:
75:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1B:86:ED:AF:F6:C5:A2:C0:6D:30:05:22:91:CE:8C:56:AD:02:3E
X509v3 Authority Key Identifier:
keyid:04:62:E0:05:64:A9:34:0F:F4:73:9D:39:51:21:6C:46:A8:EF:C6:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGLgBWSpNA_0c505USFsRqjvxk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/VhuG7a_2xaLAbTAFIpHOjFatAj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/BGLgBWSpNA_0c505USFsRqjvxk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.86.0/23
IPv6:
2a02:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:48:22:58:92:4e:14:2a:17:a6:ea:ee:c1:11:ec:8a:01:7b:
b9:d9:a1:55:fc:1b:f1:f3:c4:35:05:f3:36:91:d4:46:79:34:
2c:4e:75:e7:fa:a2:66:68:c4:f3:d4:62:55:f2:b0:8f:68:19:
aa:43:d4:c8:b1:e8:3e:47:a8:e3:f3:67:e7:b5:f7:e7:0b:0d:
d3:d2:80:b5:07:f2:4f:44:12:c4:2a:cb:84:bf:03:97:4b:d5:
29:54:c6:06:08:8d:1c:74:65:1b:ba:62:c4:64:55:08:aa:18:
e2:fe:42:95:1c:bd:b1:72:4f:5f:4b:17:ff:0e:31:80:3a:62:
ad:5f:57:71:ff:ca:95:f5:6e:16:56:73:03:8c:c3:37:da:5d:
94:ab:7d:dc:19:ad:c6:47:e3:e7:c8:ea:e3:50:61:57:89:d8:
6e:ba:92:15:b5:4c:45:9f:3e:75:cb:0e:87:15:a8:3b:8a:39:
2b:41:e7:ba:14:7d:c5:01:63:b1:96:fd:4a:2f:ac:4d:a0:39:
2f:6b:24:57:10:dd:36:e3:e0:d3:3b:ab:05:17:bd:8b:e6:d3:
32:05:53:0f:28:2f:ac:6c:52:e5:f0:b8:f9:4b:52:c8:7f:c3:
79:0d:14:42:85:88:e6:14:51:79:87:4a:f2:1a:15:f5:93:b7:
46:fd:94:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYm9Wayy4TB4ULIM23LBbLR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjJlMDA1NjRhOTM0MGZmNDczOWQzOTUxMjE2YzQ2YThl
ZmM2NGYwHhcNMjMwODAzMjE0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFiODZlZGFmZjZjNWEyYzA2ZDMwMDUyMjkxY2U4YzU2YWQwMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGqsFyuIwspyyAlI0wkmYehMO4rZ
KPVvRcBozew9HQWsGX2UoZvVX7UPx5zeVbMwO0vsMct+b60ZBU3ptV/8r3cOYCDU
4Tr4AXyMnSTEkUHdROANwnGjAvGvosZFbDAKYtmc4qB2MwmmcJ13teaaoVbBx/4y
Kgjh0qlpBYhM4fnWWuKFlJ+e4Q1W0WKl7V4QrEbMhPr0KYXJpBMxX4esVA7e2yzn
IjYOgOQWTtOcqA4UpsKycCCxz2IeKBUS03wq0aFKuB12CddYYcwPlhxCLtrZDGJn
T3LDsZ7H4X4Kiil9I4g7hsYtGU4Z1qvpeNnxL2CUxBIep9FokfzlMvd1vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFYbhu2v9sWiwG0wBSKRzoxWrQI+MB8GA1UdIwQY
MBaAFARi4AVkqTQP9HOdOVEhbEao78ZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdMZ0JXU3BOQV8wYzUwNVVTRnNScWp2eGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84YzlhYTgtYzEwYS00ZTJkLTliNjQt
MjI3MzAyZDU5NTcyLzEvVmh1RzdhXzJ4YUxBYlRBRklwSE9qRmF0QWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84YzlhYTgtYzEwYS00ZTJkLTliNjQtMjI3MzAyZDU5NTcy
LzEvQkdMZ0JXU3BOQV8wYzUwNVVTRnNScWp2eGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQB2ZZWMA0E
AgACMAcDBQAqAmXAMA0GCSqGSIb3DQEBCwUAA4IBAQADSCJYkk4UKhem6u7BEeyK
AXu52aFV/Bvx88Q1BfM2kdRGeTQsTnXn+qJmaMTz1GJV8rCPaBmqQ9TIseg+R6jj
82fntffnCw3T0oC1B/JPRBLEKsuEvwOXS9UpVMYGCI0cdGUbumLEZFUIqhji/kKV
HL2xck9fSxf/DjGAOmKtX1dx/8qV9W4WVnMDjMM32l2Uq33cGa3GR+PnyOrjUGFX
idhuupIVtUxFnz51yw6HFag7ijkrQee6FH3FAWOxlv1KL6xNoDkvayRXEN024+DT
O6sFF72L5tMyBVMPKC+sbFLl8Lj5S1LIf8N5DRRChYjmFFF5h0ryGhX1k7dG/ZSu
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:30 2024 by rpki-client on console-ams.rpki-client.org