Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/VWXPEbsbN0VC1A5qoz4FoHmffps.roa
File: VWXPEbsbN0VC1A5qoz4FoHmffps.roa (raw, json)
Hash identifier: 9MsyQkpb1n2zaG3UbBB0SkATi2rvXah0VkRZ3IRhO2c=
Subject key identifier: 55:65:CF:11:BB:1B:37:45:42:D4:0E:6A:A3:3E:05:A0:79:9F:7E:9B
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA470402385DB1EC0BB9B09536B30A
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/VWXPEbsbN0VC1A5qoz4FoHmffps.roa
Signing time: Mon 02 Jan 2023 13:44:48 +0000
ROA not before: Mon 02 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12364
IP address blocks: 195.251.208.0/20 maxlen: 20
83.212.88.0/22 maxlen: 22
2001:648:2810::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:47:04:02:38:5d:b1:ec:0b:b9:b0:95:36:b3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5565cf11bb1b374542d40e6aa33e05a0799f7e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:81:c0:0e:8b:0a:66:e6:a2:4c:89:7f:f5:
4f:0c:af:8b:26:e0:9d:6e:9e:b3:f2:f0:5c:84:75:
7f:7e:0e:7f:57:75:53:b5:7b:7b:7c:cc:aa:3f:bc:
40:5a:b4:5d:f1:3e:69:c1:2d:10:16:37:b7:91:ad:
52:8e:13:7b:f7:85:ec:ff:13:39:3a:c8:1a:95:d2:
3f:f4:f1:a6:bc:ae:20:01:c8:5c:e5:c1:b2:df:ad:
49:0c:1b:65:eb:5b:4f:2d:a4:03:64:88:97:02:cb:
7a:75:8b:72:9a:5e:04:86:c1:b7:12:ed:77:ec:1b:
90:4a:ce:93:bd:35:02:17:ce:51:df:e1:1c:6e:b7:
07:ab:09:44:51:47:4f:10:e9:6c:f6:ba:c6:aa:ab:
3d:8e:f7:2c:0f:3d:2f:ab:54:34:86:59:f2:e0:bb:
25:3e:bd:d4:c2:fa:1d:c8:4b:6a:c8:18:02:db:d7:
cb:07:31:43:36:1f:91:89:64:96:ab:19:da:cd:a7:
bc:80:3d:52:72:cb:a9:e5:ed:4a:b5:fb:5f:4e:23:
92:33:56:24:f7:3e:8e:fa:d6:5a:87:f1:a3:d7:2e:
1a:86:f1:eb:35:d8:4f:6f:e4:d4:ee:7b:5d:d9:d1:
37:2b:e9:a2:70:d7:4c:c1:ef:8d:6e:7a:83:74:bd:
83:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:65:CF:11:BB:1B:37:45:42:D4:0E:6A:A3:3E:05:A0:79:9F:7E:9B
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/VWXPEbsbN0VC1A5qoz4FoHmffps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.88.0/22
195.251.208.0/20
IPv6:
2001:648:2810::/48
Signature Algorithm: sha256WithRSAEncryption
7c:8d:ea:05:14:48:9a:8d:c0:2a:ba:f4:87:94:2a:a9:c4:78:
e4:99:2c:14:2d:06:fb:26:b9:4d:95:ed:7a:f2:97:c5:b6:c0:
c2:73:82:7b:b6:45:ca:cd:65:3c:4b:a8:23:c8:44:f1:98:2c:
f6:4b:68:3a:21:2d:5a:73:ce:c6:09:99:c4:7b:cd:a7:c4:64:
ce:c1:c1:94:ec:53:b8:8d:02:5b:a8:f6:34:13:f8:a3:4c:22:
69:21:10:89:f8:98:32:2a:8d:fa:88:7a:4b:65:60:7b:b6:eb:
9f:10:b4:d4:d7:f7:c9:cf:67:59:c8:fb:4c:1b:d3:fe:18:42:
97:c8:3c:16:30:f5:56:c3:b8:97:97:57:fa:28:94:51:67:1c:
3c:f4:de:a9:7f:32:de:9a:68:5d:70:fd:21:cf:8c:3b:f2:9e:
cb:34:2a:9a:4b:a4:ab:a3:73:ae:60:45:60:4e:79:20:d1:cd:
49:bd:c4:66:b1:e3:6f:e0:d5:32:91:56:80:5b:28:e2:c3:e7:
2d:90:5f:4c:d2:c8:8e:ca:d0:62:55:94:06:f0:4d:03:78:f0:
47:2a:f8:a6:be:2f:12:13:23:1f:60:96:a3:63:0b:76:1d:27:
aa:fb:35:fb:b2:df:e1:8d:4b:51:49:a0:2d:81:6e:30:c8:fb:
9b:0c:13:0e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyukcEAjhdsewLubCVNrMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY1Y2YxMWJiMWIzNzQ1NDJkNDBlNmFhMzNlMDVhMDc5OWY3ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqaBwA6LCmbmokyJf/VPDK+LJuCd
bp6z8vBchHV/fg5/V3VTtXt7fMyqP7xAWrRd8T5pwS0QFje3ka1SjhN794Xs/xM5
OsgaldI/9PGmvK4gAchc5cGy361JDBtl61tPLaQDZIiXAst6dYtyml4EhsG3Eu13
7BuQSs6TvTUCF85R3+EcbrcHqwlEUUdPEOls9rrGqqs9jvcsDz0vq1Q0hlny4Lsl
Pr3UwvodyEtqyBgC29fLBzFDNh+RiWSWqxnazae8gD1Scsup5e1KtftfTiOSM1Yk
9z6O+tZah/Gj1y4ahvHrNdhPb+TU7ntd2dE3K+micNdMwe+NbnqDdL2DawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFVlzxG7GzdFQtQOaqM+BaB5n36bMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvVldYUEVic2JOMFZDMUE1cW96NEZvSG1mZnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCU9RYAwQE
w/vQMA8EAgACMAkDBwAgAQZIKBAwDQYJKoZIhvcNAQELBQADggEBAHyN6gUUSJqN
wCq69IeUKqnEeOSZLBQtBvsmuU2V7Xryl8W2wMJzgnu2RcrNZTxLqCPIRPGYLPZL
aDohLVpzzsYJmcR7zafEZM7BwZTsU7iNAluo9jQT+KNMImkhEIn4mDIqjfqIektl
YHu2658QtNTX98nPZ1nI+0wb0/4YQpfIPBYw9VbDuJeXV/oolFFnHDz03ql/Mt6a
aF1w/SHPjDvynss0KppLpKujc65gRWBOeSDRzUm9xGax42/g1TKRVoBbKOLD5y2Q
X0zSyI7K0GJVlAbwTQN48Ecq+Ka+LxITIx9glqNjC3YdJ6r7Nfuy3+GNS1FJoC2B
bjDI+5sMEw4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org