Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VGMK47-U4Dm-NqxWPud3lQfQrd8.roa
File: VGMK47-U4Dm-NqxWPud3lQfQrd8.roa (raw, json)
Hash identifier: 4bJ+AeQ+uK/+6eAhMJTf5Cc2192sut7Ktz43FfXb1wE=
Subject key identifier: 54:63:0A:E3:BF:94:E0:39:BE:36:AC:56:3E:E7:77:95:07:D0:AD:DF
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 01867929F42D08708132D8723CBD20BE418B
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VGMK47-U4Dm-NqxWPud3lQfQrd8.roa
Signing time: Wed 22 Feb 2023 12:47:17 +0000
ROA not before: Wed 22 Feb 2023 12:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.149.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:29:f4:2d:08:70:81:32:d8:72:3c:bd:20:be:41:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Feb 22 12:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54630ae3bf94e039be36ac563ee7779507d0addf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:14:2f:1a:d5:d7:bf:14:6a:e6:c3:1d:02:b9:
d5:5c:16:4e:6d:c2:85:cd:3a:51:37:90:7a:24:a9:
de:89:5c:71:12:08:8c:2f:ab:e1:6b:88:32:be:1e:
c6:d0:93:30:46:57:b4:94:66:f1:0a:c7:07:7d:14:
ab:5c:31:3b:61:fb:e8:bb:f9:22:65:56:12:07:63:
d4:19:68:ab:e9:c6:42:31:c0:80:27:85:51:35:b1:
bb:3a:3b:23:d3:8e:13:87:9a:af:28:3b:45:88:5c:
e0:c3:c2:2b:ca:48:56:57:f5:16:cd:0a:98:d4:06:
93:ff:93:70:f2:7a:c9:23:2e:82:43:39:ad:3f:55:
44:6e:6e:b5:78:2b:d7:cf:e9:7b:62:78:c4:7f:c3:
14:78:d1:ae:a4:fc:68:52:54:cc:2d:6f:f1:50:a3:
9e:18:53:1a:4d:08:91:da:d7:c7:00:b7:c0:b1:68:
8d:20:30:43:cd:1e:73:4f:c5:b4:27:f2:67:4b:a9:
d3:80:be:34:02:12:0f:3c:ec:37:88:76:ba:be:37:
98:bd:a5:1f:47:ce:4b:77:9e:92:d3:34:99:05:63:
42:7f:eb:36:58:f0:e8:99:1d:ce:ef:e7:39:93:47:
ff:98:3d:e0:5a:6e:bd:c3:4f:b9:8b:14:15:08:01:
88:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:63:0A:E3:BF:94:E0:39:BE:36:AC:56:3E:E7:77:95:07:D0:AD:DF
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/VGMK47-U4Dm-NqxWPud3lQfQrd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/23
185.124.151.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
c9:b7:20:60:59:4d:de:37:ab:4f:db:f9:56:17:36:74:81:07:
02:1b:e9:76:26:41:78:94:fe:de:29:dd:fb:b2:7a:d1:9f:6e:
5c:ea:7e:5d:a9:62:da:3c:c7:91:1c:48:73:68:f8:9d:0d:a4:
1d:9e:da:4a:2c:e0:b9:20:e1:34:08:49:f9:71:1a:ec:36:a7:
2c:09:30:66:14:49:2f:38:53:f4:4f:cd:5e:f0:67:1c:1a:64:
a7:60:da:43:44:fc:24:92:2b:23:a6:d7:3c:a8:57:40:53:fb:
0b:70:26:e1:4e:79:c2:c6:6a:be:7d:8e:af:f5:45:18:d5:51:
75:5d:ba:f5:a3:ae:84:2b:79:59:74:e1:61:a0:ee:43:6e:a7:
c0:f3:7d:ca:a2:8b:be:51:2d:f1:cf:f1:c1:af:85:8d:6d:81:
98:27:b4:2f:99:d3:2e:c9:7c:e3:62:47:07:a9:e0:bf:f3:c2:
67:c5:34:fd:90:a5:28:da:7a:26:91:ea:45:4c:87:d3:52:c8:
9a:d4:f7:b7:67:85:6c:33:ef:aa:c2:a7:6a:6f:52:3e:11:7b:
89:96:c8:65:ab:f1:69:0b:b9:b2:12:b7:d5:05:ec:59:46:53:
9d:eb:d6:53:35:9a:bd:69:4c:83:9f:f8:f8:c7:0b:7b:04:ae:
6d:ec:62:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZ5KfQtCHCBMthyPL0gvkGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMwMjIyMTI0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDYzMGFlM2JmOTRlMDM5YmUzNmFjNTYzZWU3Nzc5NTA3ZDBhZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghQvGtXXvxRq5sMdArnVXBZObcKF
zTpRN5B6JKneiVxxEgiML6vha4gyvh7G0JMwRle0lGbxCscHfRSrXDE7Yfvou/ki
ZVYSB2PUGWir6cZCMcCAJ4VRNbG7Ojsj044Th5qvKDtFiFzgw8IrykhWV/UWzQqY
1AaT/5Nw8nrJIy6CQzmtP1VEbm61eCvXz+l7YnjEf8MUeNGupPxoUlTMLW/xUKOe
GFMaTQiR2tfHALfAsWiNIDBDzR5zT8W0J/JnS6nTgL40AhIPPOw3iHa6vjeYvaUf
R85Ld56S0zSZBWNCf+s2WPDomR3O7+c5k0f/mD3gWm69w0+5ixQVCAGIGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFRjCuO/lOA5vjasVj7nd5UH0K3fMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvVkdNSzQ3LVU0RG0tTnF4V1B1ZDNsUWZRcmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuXyUAwQA
uXyXMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQDJtyBgWU3eN6tP
2/lWFzZ0gQcCG+l2JkF4lP7eKd37snrRn25c6n5dqWLaPMeRHEhzaPidDaQdntpK
LOC5IOE0CEn5cRrsNqcsCTBmFEkvOFP0T81e8GccGmSnYNpDRPwkkisjptc8qFdA
U/sLcCbhTnnCxmq+fY6v9UUY1VF1Xbr1o66EK3lZdOFhoO5DbqfA833Koou+US3x
z/HBr4WNbYGYJ7QvmdMuyXzjYkcHqeC/88JnxTT9kKUo2nomkepFTIfTUsia1Pe3
Z4VsM++qwqdqb1I+EXuJlshlq/FpC7myErfVBexZRlOd69ZTNZq9aUyDn/j4xwt7
BK5t7GId
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org