Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/tiVVw8wxPIgR90SsR5XxR0usfDA.roa
File: tiVVw8wxPIgR90SsR5XxR0usfDA.roa (raw, json)
Hash identifier: /s/nVUMZlOLNz+Y8kkcS1Yj9KVIMCPNkRt4XEBTtVtE=
Subject key identifier: B6:25:55:C3:CC:31:3C:88:11:F7:44:AC:47:95:F1:47:4B:AC:7C:30
Certificate issuer: /CN=72f862dfe0c34874120d2cc169fc3144938ee8d9
Certificate serial: 018572D5B10118CA14C97145223D31012BCF
Authority key identifier: 72:F8:62:DF:E0:C3:48:74:12:0D:2C:C1:69:FC:31:44:93:8E:E8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvhi3-DDSHQSDSzBafwxRJOO6Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/tiVVw8wxPIgR90SsR5XxR0usfDA.roa
Signing time: Mon 02 Jan 2023 14:14:45 +0000
ROA not before: Mon 02 Jan 2023 14:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198024
IP address blocks: 185.127.72.0/22 maxlen: 22
2a06:c7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:b1:01:18:ca:14:c9:71:45:22:3d:31:01:2b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72f862dfe0c34874120d2cc169fc3144938ee8d9
Validity
Not Before: Jan 2 14:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b62555c3cc313c8811f744ac4795f1474bac7c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:63:44:e7:cd:eb:f2:7c:33:38:77:5e:44:
73:e1:df:7b:27:cb:10:e6:5f:6f:28:ae:aa:4c:96:
d0:a7:e6:ad:51:a8:76:38:9f:2c:ba:f7:da:8a:27:
27:d0:ab:80:8e:e5:94:1e:60:63:f5:4f:db:d1:9e:
fc:b3:77:f6:24:d6:29:d6:fc:59:77:af:d2:b5:4a:
4d:aa:8a:a4:e6:46:9d:c9:97:87:c1:22:77:cb:e7:
3b:0b:27:12:2f:be:5b:4f:78:92:20:1e:6a:aa:8d:
59:00:24:17:63:f3:4e:75:15:94:6f:4c:b2:a6:85:
38:39:b0:23:7a:80:55:62:84:91:63:5b:fd:a1:66:
6d:51:34:ee:5a:52:9d:92:51:4d:04:89:6f:cc:06:
7f:81:37:26:1e:6c:6f:c8:3e:56:a3:78:e3:1a:08:
ba:b2:0d:04:5e:e0:f3:b0:e4:7a:d9:55:bc:ef:83:
3d:62:13:94:02:4f:31:d8:f6:2c:dd:d8:d8:72:8b:
73:19:82:0c:87:0f:ff:d1:32:f2:2b:ee:9b:de:6f:
9c:fc:96:46:dc:50:a7:4e:bb:e9:59:d1:db:4b:91:
96:d2:69:26:83:f1:11:b9:03:6f:99:a7:7b:d1:ba:
54:1e:b8:77:d6:0e:bf:e7:c1:fb:57:57:9c:4e:5a:
44:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:25:55:C3:CC:31:3C:88:11:F7:44:AC:47:95:F1:47:4B:AC:7C:30
X509v3 Authority Key Identifier:
keyid:72:F8:62:DF:E0:C3:48:74:12:0D:2C:C1:69:FC:31:44:93:8E:E8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvhi3-DDSHQSDSzBafwxRJOO6Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/tiVVw8wxPIgR90SsR5XxR0usfDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/cvhi3-DDSHQSDSzBafwxRJOO6Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.72.0/22
IPv6:
2a06:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
81:c3:4f:37:37:b5:42:5d:cf:e1:d2:f0:ce:3c:04:50:c0:16:
72:f2:ed:f3:78:e7:4b:ab:0a:73:11:b1:48:24:53:16:94:91:
d1:46:04:a9:b0:58:f1:6b:f7:f3:4d:07:c1:f5:96:ab:be:eb:
c0:4e:5f:8b:ec:b2:f7:5e:42:b1:0a:dc:99:4a:7c:47:31:3d:
10:ab:4e:2c:23:eb:f5:be:c2:40:e7:5c:f5:c8:49:be:85:d1:
9b:7d:c5:20:28:6a:2c:da:d3:d6:6b:1c:06:eb:35:a3:d1:3e:
1b:4b:ac:bb:a2:d4:b3:5c:cc:0c:d9:f1:fc:b1:72:03:36:b5:
1c:8d:34:37:ac:97:eb:4a:8c:59:1b:68:40:94:38:bb:78:e6:
1c:86:51:90:1b:bd:67:29:f0:d6:87:04:9e:f4:03:ab:1e:c2:
79:54:93:33:c5:7b:a2:d6:92:92:9b:aa:a5:bb:49:15:ce:5d:
3a:6a:ad:02:ee:8b:11:ef:72:06:5a:4d:e2:55:5a:b0:83:df:
55:65:f9:75:14:03:79:f1:4f:42:e1:74:3d:c2:9c:a6:52:b1:
c9:14:9f:8b:c8:d1:31:af:bd:94:fe:f1:ef:d7:c7:4c:2d:ad:
4a:f2:c4:d6:b8:4c:26:b5:69:fb:77:5c:69:60:f1:f1:0f:5c:
5e:9a:20:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy1bEBGMoUyXFFIj0xASvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZjg2MmRmZTBjMzQ4NzQxMjBkMmNjMTY5ZmMzMTQ0OTM4
ZWU4ZDkwHhcNMjMwMTAyMTQxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI1NTVjM2NjMzEzYzg4MTFmNzQ0YWM0Nzk1ZjE0NzRiYWM3YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU5jROfN6/J8Mzh3XkRz4d97J8sQ
5l9vKK6qTJbQp+atUah2OJ8suvfaiicn0KuAjuWUHmBj9U/b0Z78s3f2JNYp1vxZ
d6/StUpNqoqk5kadyZeHwSJ3y+c7CycSL75bT3iSIB5qqo1ZACQXY/NOdRWUb0yy
poU4ObAjeoBVYoSRY1v9oWZtUTTuWlKdklFNBIlvzAZ/gTcmHmxvyD5Wo3jjGgi6
sg0EXuDzsOR62VW874M9YhOUAk8x2PYs3djYcotzGYIMhw//0TLyK+6b3m+c/JZG
3FCnTrvpWdHbS5GW0mkmg/ERuQNvmad70bpUHrh31g6/58H7V1ecTlpEdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLYlVcPMMTyIEfdErEeV8UdLrHwwMB8GA1UdIwQY
MBaAFHL4Yt/gw0h0Eg0swWn8MUSTjujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZoaTMtRERTSFFTRFN6QmFmd3hSSk9PNk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xMzVmYzQtYjM1YS00MmRiLTgxNDEt
MjIwNzY0ZGMzNDVjLzEvdGlWVnc4d3hQSWdSOTBTc1I1WHhSMHVzZkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8xMzVmYzQtYjM1YS00MmRiLTgxNDEtMjIwNzY0ZGMzNDVj
LzEvY3ZoaTMtRERTSFFTRFN6QmFmd3hSSk9PNk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX9IMA0E
AgACMAcDBQMqBsfAMA0GCSqGSIb3DQEBCwUAA4IBAQCBw083N7VCXc/h0vDOPARQ
wBZy8u3zeOdLqwpzEbFIJFMWlJHRRgSpsFjxa/fzTQfB9ZarvuvATl+L7LL3XkKx
CtyZSnxHMT0Qq04sI+v1vsJA51z1yEm+hdGbfcUgKGos2tPWaxwG6zWj0T4bS6y7
otSzXMwM2fH8sXIDNrUcjTQ3rJfrSoxZG2hAlDi7eOYchlGQG71nKfDWhwSe9AOr
HsJ5VJMzxXui1pKSm6qlu0kVzl06aq0C7osR73IGWk3iVVqwg99VZfl1FAN58U9C
4XQ9wpymUrHJFJ+LyNExr72U/vHv18dMLa1K8sTWuEwmtWn7d1xpYPHxD1xemiAJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:41 2024 by rpki-client on console-ams.rpki-client.org