Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/vUOTO-sYJtfm-JCy3tKU1bd6kQ0.roa
File: vUOTO-sYJtfm-JCy3tKU1bd6kQ0.roa (raw, json)
Hash identifier: yH7XHc248eJEaQABjkgf2VZYMWbpl+GDeEBdgOMVZ0c=
Subject key identifier: BD:43:93:3B:EB:18:26:D7:E6:F8:90:B2:DE:D2:94:D5:B7:7A:91:0D
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A7A93BDFDCE28346F8C75321FB459
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/vUOTO-sYJtfm-JCy3tKU1bd6kQ0.roa
Signing time: Sun 01 Jan 2023 07:44:58 +0000
ROA not before: Sun 01 Jan 2023 07:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138380
IP address blocks: 192.157.12.0/24 maxlen: 24
192.157.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:7a:93:bd:fd:ce:28:34:6f:8c:75:32:1f:b4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd43933beb1826d7e6f890b2ded294d5b77a910d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e1:e3:98:50:ff:cc:b3:19:1d:cd:5b:eb:de:
d8:a5:25:0f:4c:c6:5b:32:52:b5:e2:77:54:ea:b7:
8b:90:67:ca:47:af:a8:57:08:04:92:57:ec:73:ac:
08:39:1a:b0:55:75:15:6c:b4:0f:47:e5:76:5e:ed:
f7:bd:92:9b:36:52:bb:13:ae:3a:b9:14:d4:f3:50:
04:7d:46:e0:fa:2f:ec:97:70:0b:a4:90:0c:79:68:
0c:3e:f7:cc:74:9b:c1:10:fc:e3:a1:bd:89:63:bf:
60:bd:00:95:65:7f:09:2d:06:ff:5d:32:2c:ab:71:
85:32:3d:bd:40:2c:84:c0:43:de:22:0c:f5:b4:fe:
81:41:e9:94:1f:33:31:49:b3:bb:c2:a7:44:45:8c:
fb:9e:13:33:5f:7a:71:1f:74:02:b4:8f:1a:c7:7d:
9e:55:3f:f4:34:02:f7:29:23:1a:8b:0b:56:2b:ce:
cb:99:09:93:fa:4d:36:26:36:7f:8e:0f:a7:e4:7b:
5d:86:f8:19:3a:f3:a1:38:11:0c:9c:d5:4b:b5:fd:
e9:ea:e4:d9:a0:3e:5d:31:a2:70:e1:ae:8d:e0:81:
5e:24:15:8c:9d:51:74:65:5e:d4:e1:ad:27:1c:b6:
33:d8:a4:07:9f:44:05:11:5e:96:20:51:6c:7b:82:
2f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:43:93:3B:EB:18:26:D7:E6:F8:90:B2:DE:D2:94:D5:B7:7A:91:0D
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/vUOTO-sYJtfm-JCy3tKU1bd6kQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.157.12.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:1e:41:8f:ea:54:f8:f2:36:6e:f9:92:e2:f2:18:e6:9b:b5:
bd:6e:5b:c8:75:8c:e0:de:1b:4b:c2:be:62:12:31:20:38:ca:
2e:f4:d9:97:f3:14:2b:14:89:d8:06:27:c3:f7:75:69:69:d7:
32:47:d9:ad:14:f0:c1:87:4e:4d:aa:fe:28:df:c2:5b:8f:15:
ab:1d:10:d6:8c:81:a7:2c:14:d9:2e:29:b6:9d:c0:de:3b:68:
82:fe:34:09:b2:d2:c5:e8:e9:59:60:0c:72:f6:35:bf:60:c0:
ea:aa:e9:72:70:92:80:91:18:14:6c:8b:7f:5b:3c:b8:4e:fe:
f9:6e:b2:a9:f9:b5:d3:1d:fc:5e:eb:16:32:fe:e8:69:53:20:
fd:54:3c:02:50:74:a2:1d:9c:45:5e:f1:b1:fb:c9:c9:dc:4f:
48:cc:c1:b7:f4:ab:02:cb:c5:7b:fe:85:f7:2e:a9:f9:52:82:
c3:26:6e:2c:11:74:64:6c:53:28:cd:7d:b6:69:1e:f4:1d:c3:
65:8c:6a:81:ed:7d:4b:fe:d2:8d:90:13:52:a7:62:3e:88:3f:
c2:c0:00:ec:85:b5:44:fb:98:9e:61:c1:1a:c9:6d:a1:4f:90:
e1:e1:63:be:e8:8b:86:0a:ff:bf:d9:33:b7:09:aa:80:f8:3c:
7b:b2:fa:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSnqTvf3OKDRvjHUyH7RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQzOTMzYmViMTgyNmQ3ZTZmODkwYjJkZWQyOTRkNWI3N2E5MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OHjmFD/zLMZHc1b697YpSUPTMZb
MlK14ndU6reLkGfKR6+oVwgEklfsc6wIORqwVXUVbLQPR+V2Xu33vZKbNlK7E646
uRTU81AEfUbg+i/sl3ALpJAMeWgMPvfMdJvBEPzjob2JY79gvQCVZX8JLQb/XTIs
q3GFMj29QCyEwEPeIgz1tP6BQemUHzMxSbO7wqdERYz7nhMzX3pxH3QCtI8ax32e
VT/0NAL3KSMaiwtWK87LmQmT+k02JjZ/jg+n5HtdhvgZOvOhOBEMnNVLtf3p6uTZ
oD5dMaJw4a6N4IFeJBWMnVF0ZV7U4a0nHLYz2KQHn0QFEV6WIFFse4IvsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1DkzvrGCbX5viQst7SlNW3epENMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvdlVPVE8tc1lKdGZtLUpDeTN0S1UxYmQ2a1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwJ0MMA0G
CSqGSIb3DQEBCwUAA4IBAQBPHkGP6lT48jZu+ZLi8hjmm7W9blvIdYzg3htLwr5i
EjEgOMou9NmX8xQrFInYBifD93VpadcyR9mtFPDBh05Nqv4o38JbjxWrHRDWjIGn
LBTZLim2ncDeO2iC/jQJstLF6OlZYAxy9jW/YMDqqulycJKAkRgUbIt/Wzy4Tv75
brKp+bXTHfxe6xYy/uhpUyD9VDwCUHSiHZxFXvGx+8nJ3E9IzMG39KsCy8V7/oX3
Lqn5UoLDJm4sEXRkbFMozX22aR70HcNljGqB7X1L/tKNkBNSp2I+iD/CwADshbVE
+5ieYcEayW2hT5Dh4WO+6IuGCv+/2TO3CaqA+Dx7svrn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org