Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/vpJtOfv5RGgCDiGIVQm2CEaCync.roa
File: vpJtOfv5RGgCDiGIVQm2CEaCync.roa (raw, json)
Hash identifier: 7b6VCBdO+KnuymvbQ2VQuXq0NBVqV60+nvxSZ2QO4Nk=
Subject key identifier: BE:92:6D:39:FB:F9:44:68:02:0E:21:88:55:09:B6:08:46:82:CA:77
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0186789FB21280A7068AFC48A6B2FE439CBF
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/vpJtOfv5RGgCDiGIVQm2CEaCync.roa
Signing time: Wed 22 Feb 2023 10:16:17 +0000
ROA not before: Wed 22 Feb 2023 10:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/24 maxlen: 24
195.178.104.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 23 Feb 2023 11:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:9f:b2:12:80:a7:06:8a:fc:48:a6:b2:fe:43:9c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Feb 22 10:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be926d39fbf94468020e21885509b6084682ca77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:30:5e:b4:1d:2a:30:89:9d:6b:0b:44:31:
13:ab:80:76:61:4d:3f:cf:c1:00:47:9b:f0:96:ce:
8e:1b:b8:8d:6d:f5:76:7a:b7:25:d1:83:ef:15:f6:
55:0d:be:ef:96:e4:e7:75:bb:76:e3:e2:0d:2b:83:
78:ec:f2:11:72:80:68:76:22:be:08:ee:35:f4:8f:
2d:78:19:42:59:bd:2e:17:88:8b:3f:42:df:8e:b3:
2c:88:83:05:86:18:f4:de:b6:06:41:2b:0d:95:a0:
26:72:5c:80:07:18:41:1c:f1:fc:5b:21:57:86:03:
8f:77:d5:39:1b:ab:a7:cf:f3:35:50:0b:fa:8f:1a:
17:63:a9:f9:b8:8a:ac:11:f0:b9:48:da:28:79:1b:
94:5a:3d:09:10:01:0c:b2:16:e1:ad:10:59:a1:89:
90:64:e9:13:ff:ae:55:ac:13:39:4e:02:56:4a:5c:
4c:26:84:4c:41:46:2c:c6:8d:51:70:f1:b8:cd:79:
96:96:8a:5d:59:b6:fb:50:5e:f0:18:f5:21:73:11:
3e:95:3c:7a:e1:81:e2:46:a8:b7:fa:a1:e2:ee:e7:
6d:7b:72:48:2e:36:e5:05:ab:f9:99:eb:96:86:c1:
5f:f8:17:2e:16:b3:1c:8f:89:97:13:5d:7d:3c:3f:
b8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:92:6D:39:FB:F9:44:68:02:0E:21:88:55:09:B6:08:46:82:CA:77
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/vpJtOfv5RGgCDiGIVQm2CEaCync.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:b3:7b:64:25:74:d0:b6:88:a5:46:78:15:80:9c:37:3e:26:
ab:ef:ab:63:d7:71:33:b7:38:32:8c:88:ec:a1:75:c6:42:ac:
3e:f2:1f:7f:78:14:97:84:83:60:62:d9:b6:b7:33:f8:3f:37:
64:91:cd:a7:19:80:b8:cc:20:14:73:e4:9a:4d:a4:b0:36:ef:
94:c2:a4:5c:fd:28:b7:00:ae:ac:1f:73:9f:c4:0b:d8:15:72:
e6:40:6b:46:c9:e2:b8:9a:86:c1:84:30:af:32:96:61:0b:65:
2f:3a:48:9c:fa:1a:07:28:3d:fe:91:90:5d:87:70:ac:71:b4:
35:b8:4d:29:ca:5c:f8:49:2c:33:c8:a8:36:ef:44:84:be:97:
3b:4e:b1:80:bc:af:d6:35:62:c7:b0:03:62:f0:17:2e:80:ea:
79:05:c3:c9:d2:7c:6a:cc:5c:ed:b1:10:8a:4c:4e:e5:eb:23:
50:76:cd:7a:a4:ef:f9:3d:25:33:44:1a:b2:e0:e8:74:dd:0b:
1e:06:c7:26:86:b3:84:18:27:be:fa:45:4a:aa:d3:29:ec:d9:
c6:85:ff:9a:f2:9b:ee:d8:7a:a2:37:6f:09:af:26:c6:51:23:
83:cf:d8:2d:2c:03:f1:c1:e6:72:65:21:16:45:12:78:98:90:
dd:45:d2:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ4n7ISgKcGivxIprL+Q5y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwMjIyMTAxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTkyNmQzOWZiZjk0NDY4MDIwZTIxODg1NTA5YjYwODQ2ODJjYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsUwXrQdKjCJnWsLRDETq4B2YU0/
z8EAR5vwls6OG7iNbfV2ercl0YPvFfZVDb7vluTndbt24+INK4N47PIRcoBodiK+
CO419I8teBlCWb0uF4iLP0LfjrMsiIMFhhj03rYGQSsNlaAmclyABxhBHPH8WyFX
hgOPd9U5G6unz/M1UAv6jxoXY6n5uIqsEfC5SNooeRuUWj0JEAEMshbhrRBZoYmQ
ZOkT/65VrBM5TgJWSlxMJoRMQUYsxo1RcPG4zXmWlopdWbb7UF7wGPUhcxE+lTx6
4YHiRqi3+qHi7udte3JILjblBav5meuWhsFf+BcuFrMcj4mXE119PD+4cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6SbTn7+URoAg4hiFUJtghGgsp3MB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvdnBKdE9mdjVSR2dDRGlHSVZRbTJDRWFDeW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQCOs3tkJXTQtoilRngVgJw3Piar76tj13Ez
tzgyjIjsoXXGQqw+8h9/eBSXhINgYtm2tzP4Pzdkkc2nGYC4zCAUc+SaTaSwNu+U
wqRc/Si3AK6sH3OfxAvYFXLmQGtGyeK4mobBhDCvMpZhC2UvOkic+hoHKD3+kZBd
h3CscbQ1uE0pylz4SSwzyKg270SEvpc7TrGAvK/WNWLHsANi8BcugOp5BcPJ0nxq
zFztsRCKTE7l6yNQds16pO/5PSUzRBqy4Oh03QseBscmhrOEGCe++kVKqtMp7NnG
hf+a8pvu2HqiN28JrybGUSODz9gtLAPxweZyZSEWRRJ4mJDdRdJb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org