Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/VEW5CHN_HMYyHkxpQjjPUMOh8N0.roa
File: VEW5CHN_HMYyHkxpQjjPUMOh8N0.roa (raw, json)
Hash identifier: 2bF5uNJOUo5e6SJpqFnJN5LQGdQCVikXFtrN7LnRh9w=
Subject key identifier: 54:45:B9:08:73:7F:1C:C6:32:1E:4C:69:42:38:CF:50:C3:A1:F0:DD
Certificate issuer: /CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Certificate serial: 0185704BAABFC344AD6D9241348DB06C9D97
Authority key identifier: F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/VEW5CHN_HMYyHkxpQjjPUMOh8N0.roa
Signing time: Mon 02 Jan 2023 02:24:45 +0000
ROA not before: Mon 02 Jan 2023 02:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6895
IP address blocks: 193.149.0.0/23 maxlen: 24
193.149.0.0/24 maxlen: 24
195.95.153.0/24 maxlen: 24
185.79.172.0/22 maxlen: 22
2001:7f8:f::/48 maxlen: 48
2a03:5e60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:aa:bf:c3:44:ad:6d:92:41:34:8d:b0:6c:9d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Validity
Not Before: Jan 2 02:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5445b908737f1cc6321e4c694238cf50c3a1f0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:f1:bb:ae:f3:64:d5:07:73:35:a2:b1:aa:
95:86:6f:46:06:f0:9f:a0:89:80:dd:5c:10:64:74:
e2:44:0e:47:e3:42:43:5b:49:cf:0c:45:c6:30:01:
b3:c4:d9:96:e4:64:b1:cb:0e:d7:23:60:97:47:cc:
c3:82:91:d4:37:bc:f2:90:d8:90:ea:d0:ee:fe:3c:
c5:86:f1:75:16:41:35:39:e7:c2:f0:7c:c8:14:4f:
36:a9:86:b8:61:3e:a7:b6:24:1c:41:0e:6d:a1:fb:
f1:14:93:dc:fb:8c:fd:78:0b:37:4e:f6:5c:94:88:
f8:c2:7f:cd:04:97:65:0c:a9:8d:9e:98:8a:aa:a5:
db:09:b5:1c:ee:e3:e4:61:9d:45:01:05:0f:0c:b6:
50:b0:2c:34:d8:59:9c:ad:9f:01:39:8d:61:b6:cd:
f6:7d:d7:ae:e3:e5:63:74:6a:4c:28:c3:55:c1:ec:
e1:ec:b6:0e:3a:fb:7a:2f:1a:03:e0:ff:b8:3c:8e:
13:80:27:4f:33:4c:79:11:8f:94:11:d0:6a:5a:29:
fc:d5:05:8c:91:86:da:02:b9:2d:75:f2:49:73:17:
a4:b7:d0:a2:ef:74:8c:09:f6:73:89:d7:b5:88:e7:
bf:d3:0c:1d:16:0f:1d:d2:e9:b6:18:17:ab:3d:6b:
57:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:45:B9:08:73:7F:1C:C6:32:1E:4C:69:42:38:CF:50:C3:A1:F0:DD
X509v3 Authority Key Identifier:
keyid:F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/VEW5CHN_HMYyHkxpQjjPUMOh8N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.172.0/22
193.149.0.0/23
195.95.153.0/24
IPv6:
2001:7f8:f::/48
2a03:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
09:c3:ed:6f:d1:34:33:d6:eb:2a:5c:f7:72:f3:b3:ba:aa:09:
a8:bd:13:ad:a8:3f:4a:27:2d:0f:c4:1d:44:e7:99:91:70:61:
c3:19:d8:13:5e:d4:37:21:db:9f:41:0c:83:be:ee:e0:54:c1:
8e:be:90:81:1f:4f:db:e7:00:85:d8:ac:52:81:c9:6a:56:8b:
62:70:aa:01:34:2a:78:98:f1:c9:16:c8:93:10:18:a8:cd:13:
f9:b8:77:79:01:c4:31:21:0f:d9:b9:ee:b3:3b:bb:dc:cf:22:
1e:60:74:d0:05:0b:64:99:d4:8b:d2:b7:45:d1:e1:65:b1:e5:
2b:bd:43:e0:bc:2c:57:da:58:51:b0:d9:80:6c:eb:16:cb:32:
f1:b0:71:bc:69:fe:84:bd:93:24:9d:98:ed:88:b7:12:04:93:
d3:64:d4:cb:88:4f:f1:21:9e:d8:dc:aa:ca:a6:8d:11:5c:76:
98:3f:9d:3d:65:08:60:05:1d:e4:da:80:de:18:8c:81:51:07:
c6:ff:d4:29:bf:cb:a2:8a:fc:78:57:8d:73:63:69:b4:9f:4d:
08:08:55:28:9a:62:dd:03:60:e9:e5:50:8f:ee:8d:ce:8a:cb:
da:45:11:0d:8e:5f:57:7f:56:71:11:32:66:96:d2:2d:76:07:
2f:de:65:28
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwS6q/w0StbZJBNI2wbJ2XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDMyZTc1Mjk0MTg3ZDQ2ZThlYWUwZjhmZTcyYjVmZDdh
YmY4ODYwHhcNMjMwMTAyMDIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQ1YjkwODczN2YxY2M2MzIxZTRjNjk0MjM4Y2Y1MGMzYTFmMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOzxu67zZNUHczWisaqVhm9GBvCf
oImA3VwQZHTiRA5H40JDW0nPDEXGMAGzxNmW5GSxyw7XI2CXR8zDgpHUN7zykNiQ
6tDu/jzFhvF1FkE1OefC8HzIFE82qYa4YT6ntiQcQQ5tofvxFJPc+4z9eAs3TvZc
lIj4wn/NBJdlDKmNnpiKqqXbCbUc7uPkYZ1FAQUPDLZQsCw02FmcrZ8BOY1hts32
fdeu4+VjdGpMKMNVwezh7LYOOvt6LxoD4P+4PI4TgCdPM0x5EY+UEdBqWin81QWM
kYbaArktdfJJcxekt9Ci73SMCfZzide1iOe/0wwdFg8d0um2GBerPWtXEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFRFuQhzfxzGMh5MaUI4z1DDofDdMB8GA1UdIwQY
MBaAFPfTLnUpQYfUbo6uD4/nK1/Xq/iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAt
ZDFhNDU5OWNiMGU1LzEvVkVXNUNITl9ITVl5SGt4cFFqalBVTU9oOE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAtZDFhNDU5OWNiMGU1
LzEvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuU+sAwQB
wZUAAwQAw1+ZMBYEAgACMBADBwAgAQf4AA8DBQAqA15gMA0GCSqGSIb3DQEBCwUA
A4IBAQAJw+1v0TQz1usqXPdy87O6qgmovROtqD9KJy0PxB1E55mRcGHDGdgTXtQ3
IdufQQyDvu7gVMGOvpCBH0/b5wCF2KxSgclqVoticKoBNCp4mPHJFsiTEBiozRP5
uHd5AcQxIQ/Zue6zO7vczyIeYHTQBQtkmdSL0rdF0eFlseUrvUPgvCxX2lhRsNmA
bOsWyzLxsHG8af6EvZMknZjtiLcSBJPTZNTLiE/xIZ7Y3KrKpo0RXHaYP509ZQhg
BR3k2oDeGIyBUQfG/9Qpv8uiivx4V41zY2m0n00ICFUommLdA2Dp5VCP7o3Oisva
RRENjl9Xf1ZxETJmltItdgcv3mUo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:05 2023 by rpki-client on console-fra.rpki-client.org