Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/VDZiTceW4WsSg_wpuFg9-KoUGN4.roa
File: VDZiTceW4WsSg_wpuFg9-KoUGN4.roa (raw, json)
Hash identifier: w1Sf4xCPOCQT54bTwQzI3DQX5y8/D+97XSLmfCFkHI4=
Subject key identifier: 54:36:62:4D:C7:96:E1:6B:12:83:FC:29:B8:58:3D:F8:AA:14:18:DE
Certificate issuer: /CN=e188d5c34c4c1e1768fd8afc8d0659c710e1111b
Certificate serial: 018BF09D977D4E912FACCFBBEF2FBCEC3B3D
Authority key identifier: E1:88:D5:C3:4C:4C:1E:17:68:FD:8A:FC:8D:06:59:C7:10:E1:11:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4YjVw0xMHhdo_Yr8jQZZxxDhERs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/VDZiTceW4WsSg_wpuFg9-KoUGN4.roa
Signing time: Tue 21 Nov 2023 06:42:21 +0000
ROA not before: Tue 21 Nov 2023 06:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 80.68.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:9d:97:7d:4e:91:2f:ac:cf:bb:ef:2f:bc:ec:3b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e188d5c34c4c1e1768fd8afc8d0659c710e1111b
Validity
Not Before: Nov 21 06:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5436624dc796e16b1283fc29b8583df8aa1418de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:ac:27:e3:33:8f:60:0d:20:29:47:cc:ef:
82:aa:80:c4:f1:28:1c:6f:51:78:11:16:8a:83:30:
a5:5d:61:c6:0a:1d:ff:c1:88:67:89:56:47:9e:4e:
ab:53:20:b1:2d:ea:68:ad:23:2f:76:fe:20:84:24:
7d:28:ea:19:36:57:9a:20:c9:00:c5:ea:62:48:ff:
c1:ca:77:90:63:27:92:f5:77:b4:66:89:f0:b5:bc:
0c:3c:de:17:b9:3f:db:ef:b0:e9:29:06:0d:3b:c2:
d5:4f:62:b2:6d:18:7c:38:69:8f:a5:84:b8:3d:66:
e8:4f:b6:a2:86:42:f8:e4:b7:1b:95:cd:55:e1:ee:
87:d3:5c:78:8f:34:bd:51:37:88:b6:2e:19:a8:46:
eb:44:0e:01:29:ad:58:03:31:49:69:29:50:c3:61:
f5:15:22:d9:1e:c7:1d:8a:af:d2:68:b3:8f:5d:9d:
a8:c6:8b:a4:9e:b5:a4:c0:26:a4:b0:29:09:77:11:
e4:f4:b2:5a:4d:ff:59:d3:a4:c5:83:ea:8d:18:b2:
08:1d:b5:8f:3e:cb:98:42:14:e7:b4:1e:9d:69:0d:
2c:a2:4a:ca:66:16:72:36:ab:97:03:39:0a:2b:0e:
e4:cc:2d:ab:11:4e:53:f5:b7:ae:31:18:0a:28:04:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:36:62:4D:C7:96:E1:6B:12:83:FC:29:B8:58:3D:F8:AA:14:18:DE
X509v3 Authority Key Identifier:
keyid:E1:88:D5:C3:4C:4C:1E:17:68:FD:8A:FC:8D:06:59:C7:10:E1:11:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4YjVw0xMHhdo_Yr8jQZZxxDhERs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/VDZiTceW4WsSg_wpuFg9-KoUGN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/4YjVw0xMHhdo_Yr8jQZZxxDhERs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.156.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a7:ce:be:5f:ab:d7:01:61:c1:82:fb:0b:df:f0:44:15:32:
ca:5f:d3:d7:18:eb:2c:34:b2:3e:82:8a:55:0e:73:c8:6b:b8:
3b:0a:4a:81:a1:66:1e:97:69:50:ba:d6:1f:bb:2d:fb:aa:c7:
0c:b8:2c:94:ee:2a:1a:64:fa:a9:76:1d:44:9b:52:e8:70:d0:
04:12:d7:f8:33:ea:4f:21:b3:8b:f0:65:c5:d3:9a:39:7e:e2:
03:58:9a:ed:97:17:8c:4d:74:9b:36:5c:70:88:ea:84:ab:af:
5c:97:c2:9a:94:ca:3f:f5:00:eb:e0:ea:81:14:4d:67:35:d8:
42:d4:6a:87:44:f6:ca:01:f3:03:ae:d8:39:49:0c:ed:09:b4:
cb:e7:02:b1:8c:77:d7:42:59:0c:70:92:90:f5:88:e2:34:b8:
7a:3f:78:97:ed:88:56:f6:3a:b4:f3:bd:8b:b3:60:d9:e5:de:
71:e5:38:8c:ef:d2:3f:23:86:34:c0:68:b9:43:11:54:be:92:
40:68:ba:ad:e6:20:4f:8e:36:70:fb:6c:eb:e6:81:1e:06:60:
32:da:82:56:95:80:c9:a3:2a:10:a3:ee:5b:b5:02:f4:dc:36:
1e:e0:cf:a4:d8:c0:cb:e6:86:7d:42:5e:79:a4:a0:26:9d:9a:
8d:98:40:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvwnZd9TpEvrM+77y+87Ds9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxODhkNWMzNGM0YzFlMTc2OGZkOGFmYzhkMDY1OWM3MTBl
MTExMWIwHhcNMjMxMTIxMDY0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDM2NjI0ZGM3OTZlMTZiMTI4M2ZjMjliODU4M2RmOGFhMTQxOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7esJ+Mzj2ANIClHzO+CqoDE8Sgc
b1F4ERaKgzClXWHGCh3/wYhniVZHnk6rUyCxLeporSMvdv4ghCR9KOoZNleaIMkA
xepiSP/ByneQYyeS9Xe0ZonwtbwMPN4XuT/b77DpKQYNO8LVT2KybRh8OGmPpYS4
PWboT7aihkL45Lcblc1V4e6H01x4jzS9UTeIti4ZqEbrRA4BKa1YAzFJaSlQw2H1
FSLZHscdiq/SaLOPXZ2oxouknrWkwCaksCkJdxHk9LJaTf9Z06TFg+qNGLIIHbWP
PsuYQhTntB6daQ0sokrKZhZyNquXAzkKKw7kzC2rEU5T9beuMRgKKATegQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ2Yk3HluFrEoP8KbhYPfiqFBjeMB8GA1UdIwQY
MBaAFOGI1cNMTB4XaP2K/I0GWccQ4REbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFlqVncweE1IaGRvX1lyOGpRWlp4eERoRVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kNDVkYTktNzcxOC00OWI5LWJjODMt
MDJiODcyMjFmMWVmLzEvVkRaaVRjZVc0V3NTZ193cHVGZzktS29VR040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kNDVkYTktNzcxOC00OWI5LWJjODMtMDJiODcyMjFmMWVm
LzEvNFlqVncweE1IaGRvX1lyOGpRWlp4eERoRVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEScMA0G
CSqGSIb3DQEBCwUAA4IBAQA8p86+X6vXAWHBgvsL3/BEFTLKX9PXGOssNLI+gopV
DnPIa7g7CkqBoWYel2lQutYfuy37qscMuCyU7ioaZPqpdh1Em1LocNAEEtf4M+pP
IbOL8GXF05o5fuIDWJrtlxeMTXSbNlxwiOqEq69cl8KalMo/9QDr4OqBFE1nNdhC
1GqHRPbKAfMDrtg5SQztCbTL5wKxjHfXQlkMcJKQ9YjiNLh6P3iX7YhW9jq0872L
s2DZ5d5x5TiM79I/I4Y0wGi5QxFUvpJAaLqt5iBPjjZw+2zr5oEeBmAy2oJWlYDJ
oyoQo+5btQL03DYe4M+k2MDL5oZ9Ql55pKAmnZqNmECq
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:05 2024 by rpki-client on console-ams.rpki-client.org