Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b78e69-29dc-4e5c-ac47-8aa4ebad4e65/1/Vst_xHWNbST0vkSnIdbNz4MkAOo.roa
File: Vst_xHWNbST0vkSnIdbNz4MkAOo.roa (raw, json)
Hash identifier: T8Q3gCX391AVB5B4f2jTtNkyB6iPdHJnh779bm47Rrg=
Subject key identifier: 56:CB:7F:C4:75:8D:6D:24:F4:BE:44:A7:21:D6:CD:CF:83:24:00:EA
Certificate issuer: /CN=90f8fafcf7c441ae49c1cef95c518b28228c7c62
Certificate serial: 018741BCF1DE8B6436C04BEFFDD54DEB1987
Authority key identifier: 90:F8:FA:FC:F7:C4:41:AE:49:C1:CE:F9:5C:51:8B:28:22:8C:7C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPj6_PfEQa5Jwc75XFGLKCKMfGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b78e69-29dc-4e5c-ac47-8aa4ebad4e65/1/Vst_xHWNbST0vkSnIdbNz4MkAOo.roa
Signing time: Sun 02 Apr 2023 11:31:54 +0000
ROA not before: Sun 02 Apr 2023 11:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34953
IP address blocks: 185.166.4.0/22 maxlen: 22
2a13:700::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:41:bc:f1:de:8b:64:36:c0:4b:ef:fd:d5:4d:eb:19:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f8fafcf7c441ae49c1cef95c518b28228c7c62
Validity
Not Before: Apr 2 11:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56cb7fc4758d6d24f4be44a721d6cdcf832400ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f0:f6:cf:70:a2:1f:46:fa:66:f6:63:78:f7:
11:10:96:57:8b:56:3e:c3:9d:0e:e1:3a:d0:20:1c:
73:f9:e7:d3:a8:19:d6:72:2b:1f:d0:6d:88:ba:73:
7c:20:72:03:e5:05:b6:3e:c8:2f:b4:32:35:f9:be:
6a:57:f4:fd:0a:e0:7a:6d:71:8f:b8:26:db:c5:46:
77:91:9d:0d:ac:c0:f8:63:e7:e2:38:c8:52:dc:35:
b0:29:89:fd:d4:fb:3c:f7:e3:d7:c8:7e:27:ff:6f:
5c:23:db:ce:eb:24:4b:87:22:76:e1:57:a3:70:3a:
56:ee:85:4d:84:ea:45:4c:99:0c:f9:fb:78:76:f3:
fb:bb:33:63:c7:46:e9:aa:97:8a:b1:b4:d9:61:5c:
e5:1c:63:b1:ae:2a:88:47:d0:02:73:f9:a5:2f:83:
80:50:e5:49:c3:dd:ec:86:2c:38:a1:24:c1:9a:85:
5a:73:26:ba:f3:75:8e:16:b3:68:4b:ff:92:40:9e:
da:e3:57:7d:d1:40:76:50:59:eb:ae:2d:91:4e:52:
3e:a7:3b:a6:b4:a0:72:25:fd:38:44:ab:2b:e0:62:
74:30:67:24:ea:41:1a:e3:a8:82:85:b3:8d:3f:6f:
b2:e0:1f:2a:d6:34:ea:11:52:5f:ed:39:06:fd:15:
8a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CB:7F:C4:75:8D:6D:24:F4:BE:44:A7:21:D6:CD:CF:83:24:00:EA
X509v3 Authority Key Identifier:
keyid:90:F8:FA:FC:F7:C4:41:AE:49:C1:CE:F9:5C:51:8B:28:22:8C:7C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPj6_PfEQa5Jwc75XFGLKCKMfGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b78e69-29dc-4e5c-ac47-8aa4ebad4e65/1/Vst_xHWNbST0vkSnIdbNz4MkAOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b78e69-29dc-4e5c-ac47-8aa4ebad4e65/1/kPj6_PfEQa5Jwc75XFGLKCKMfGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.4.0/22
IPv6:
2a13:700::/32
Signature Algorithm: sha256WithRSAEncryption
4e:1a:cd:d5:a9:95:7d:80:07:cc:8c:8a:ec:72:03:f0:85:71:
86:aa:08:48:b7:2f:11:3e:11:22:4d:60:94:44:2e:46:77:a4:
e5:32:4c:37:d2:cd:a7:9e:0d:a1:54:e3:79:8c:1b:c1:8d:c0:
03:02:72:bf:a4:8d:88:12:9b:c8:87:c9:3d:d4:3d:20:2a:f4:
4a:c4:a7:2d:7a:4b:d3:40:97:19:79:e7:83:23:95:0f:9d:59:
15:0d:2f:6c:63:85:a9:ec:7a:5c:89:fd:de:2f:63:18:ad:3d:
1e:14:87:36:27:99:52:b5:f5:57:75:c1:46:1c:d1:72:58:9e:
16:e8:b8:e0:93:8d:0f:85:d2:9e:6a:f2:54:41:b4:a7:e4:e2:
58:22:9e:da:c4:63:5d:86:d1:65:48:88:6b:28:5b:53:c8:4f:
ac:d3:85:ee:f5:f8:8f:9f:db:28:df:52:0a:6f:dd:ce:0d:d2:
10:3b:9f:97:50:d8:91:df:f4:3c:fb:8e:20:22:11:c8:64:78:
7f:30:2b:21:37:d4:5f:9e:42:8f:6b:7e:05:c9:62:70:a9:83:
2e:d5:fc:0c:47:e5:7e:c6:4b:6d:c7:89:d1:a9:33:be:2b:c2:
87:6d:4e:07:98:3c:9b:32:9d:49:2d:fa:d9:49:d3:6c:5a:b9:
9b:e8:34:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdBvPHei2Q2wEvv/dVN6xmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjhmYWZjZjdjNDQxYWU0OWMxY2VmOTVjNTE4YjI4MjI4
YzdjNjIwHhcNMjMwNDAyMTEzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmNiN2ZjNDc1OGQ2ZDI0ZjRiZTQ0YTcyMWQ2Y2RjZjgzMjQwMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/D2z3CiH0b6ZvZjePcREJZXi1Y+
w50O4TrQIBxz+efTqBnWcisf0G2IunN8IHID5QW2PsgvtDI1+b5qV/T9CuB6bXGP
uCbbxUZ3kZ0NrMD4Y+fiOMhS3DWwKYn91Ps89+PXyH4n/29cI9vO6yRLhyJ24Vej
cDpW7oVNhOpFTJkM+ft4dvP7uzNjx0bpqpeKsbTZYVzlHGOxriqIR9ACc/mlL4OA
UOVJw93shiw4oSTBmoVacya683WOFrNoS/+SQJ7a41d90UB2UFnrri2RTlI+pzum
tKByJf04RKsr4GJ0MGck6kEa46iChbONP2+y4B8q1jTqEVJf7TkG/RWKCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFbLf8R1jW0k9L5EpyHWzc+DJADqMB8GA1UdIwQY
MBaAFJD4+vz3xEGuScHO+VxRiygijHxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BqNl9QZkVRYTVKd2M3NVhGR0xLQ0tNZkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iNzhlNjktMjlkYy00ZTVjLWFjNDct
OGFhNGViYWQ0ZTY1LzEvVnN0X3hIV05iU1QwdmtTbklkYk56NE1rQU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iNzhlNjktMjlkYy00ZTVjLWFjNDctOGFhNGViYWQ0ZTY1
LzEva1BqNl9QZkVRYTVKd2M3NVhGR0xLQ0tNZkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaYEMA0E
AgACMAcDBQAqEwcAMA0GCSqGSIb3DQEBCwUAA4IBAQBOGs3VqZV9gAfMjIrscgPw
hXGGqghIty8RPhEiTWCURC5Gd6TlMkw30s2nng2hVON5jBvBjcADAnK/pI2IEpvI
h8k91D0gKvRKxKctekvTQJcZeeeDI5UPnVkVDS9sY4Wp7Hpcif3eL2MYrT0eFIc2
J5lStfVXdcFGHNFyWJ4W6Ljgk40PhdKeavJUQbSn5OJYIp7axGNdhtFlSIhrKFtT
yE+s04Xu9fiPn9so31IKb93ODdIQO5+XUNiR3/Q8+44gIhHIZHh/MCshN9RfnkKP
a34FyWJwqYMu1fwMR+V+xkttx4nRqTO+K8KHbU4HmDybMp1JLfrZSdNsWrmb6DQG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:13 2024 by rpki-client on console-fra.rpki-client.org