Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VCSjKusH6Pof0tI3DZozWmL_NdY.roa
File: VCSjKusH6Pof0tI3DZozWmL_NdY.roa (raw, json)
Hash identifier: UlXs0+mvsPDUqoyViVQTiqEJWfmM7I9X3ZepSUTZTjE=
Subject key identifier: 54:24:A3:2A:EB:07:E8:FA:1F:D2:D2:37:0D:9A:33:5A:62:FF:35:D6
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 0185707083D3D8087866534B151370C690AB
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VCSjKusH6Pof0tI3DZozWmL_NdY.roa
Signing time: Mon 02 Jan 2023 03:04:59 +0000
ROA not before: Mon 02 Jan 2023 03:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15435
IP address blocks: 81.172.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
204.168.128.0/17 maxlen: 24
149.143.64.0/18 maxlen: 24
87.99.128.0/17 maxlen: 24
2a07:31c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:83:d3:d8:08:78:66:53:4b:15:13:70:c6:90:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 2 03:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5424a32aeb07e8fa1fd2d2370d9a335a62ff35d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:9d:b2:bc:60:6d:8e:ad:7b:32:2c:ba:32:
10:24:f1:c9:5c:84:c9:ec:a4:41:68:fc:a5:8d:cc:
2c:27:6e:1b:52:3b:42:50:1d:5f:e4:e9:99:d2:bb:
66:8c:29:a9:1d:45:5f:bd:16:27:1f:dd:bc:73:f6:
c8:ee:5a:08:97:33:80:3d:12:60:6f:7f:22:25:26:
82:be:b7:44:d1:68:54:fe:b0:84:6c:6d:5e:13:46:
2c:8f:cd:0f:f2:69:a7:81:e1:d3:9b:f5:aa:1f:66:
18:9f:61:c7:01:20:fe:38:f3:09:ef:ed:af:5e:c4:
e6:7a:84:e8:f7:4c:e7:a6:d0:b0:e5:65:ee:a9:de:
32:16:60:56:97:8b:a5:27:a7:18:99:27:29:84:ea:
01:49:60:78:1d:31:d9:82:d7:e3:4c:a1:5a:75:86:
51:52:3b:ee:b6:06:85:63:ad:ee:bb:b3:de:04:ea:
50:f5:ef:4f:50:88:e2:47:a5:4f:13:69:bd:b4:9a:
dd:7e:3b:d1:2f:59:40:bb:eb:13:42:c0:36:12:70:
c3:0f:b1:ee:2c:81:10:db:f9:78:f4:07:e2:28:2c:
70:7a:1c:50:44:26:36:8d:8b:4a:41:c3:2c:d5:a6:
c6:6f:78:bd:56:36:5b:f4:31:42:e8:38:3d:77:6c:
ea:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:24:A3:2A:EB:07:E8:FA:1F:D2:D2:37:0D:9A:33:5A:62:FF:35:D6
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VCSjKusH6Pof0tI3DZozWmL_NdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.172.128.0/17
87.99.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
204.168.128.0/17
IPv6:
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:ff:d5:50:9b:1b:b6:bd:db:c6:b4:c9:de:9c:e0:f4:9e:ad:
62:1a:aa:0a:99:e9:50:a6:f2:04:23:eb:35:93:95:35:b7:3d:
ec:fb:2f:21:fe:42:d2:cc:d7:18:b8:15:70:57:cb:02:3a:c1:
46:1b:12:b3:0c:60:e8:c0:e5:e9:df:ab:d1:fc:6c:08:53:35:
ef:ea:58:03:15:4f:5b:67:6c:d3:5a:30:78:d9:6a:3c:c2:69:
59:9b:5e:7b:0d:79:57:ab:be:67:a3:dc:92:1a:1f:b2:f2:18:
1c:19:d6:c4:ef:4a:7c:ac:dd:4b:a8:04:28:16:8f:16:b9:a3:
f1:d2:29:f3:0f:8c:fb:2c:98:75:dc:a7:55:d4:d2:6f:42:77:
4b:31:fd:24:d6:82:a9:f3:37:cc:e8:3d:c9:22:b1:b6:33:6b:
70:d7:e2:27:a0:67:84:8b:04:a2:6a:f5:6e:67:aa:5f:b1:d2:
19:e7:72:f0:c7:37:12:53:dc:83:4a:91:8a:fa:7b:91:b6:32:
ab:1e:ad:1b:c5:d6:26:3e:da:34:06:2c:93:d7:a8:35:65:39:
13:9c:5d:cc:ff:48:50:d5:f9:74:91:77:24:93:a4:4b:06:dc:
da:86:f4:ce:10:04:b9:b5:4b:d3:d8:5e:cd:0b:1c:7d:55:2c:
d4:08:4c:14
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVwcIPT2Ah4ZlNLFRNwxpCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjMwMTAyMDMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI0YTMyYWViMDdlOGZhMWZkMmQyMzcwZDlhMzM1YTYyZmYzNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRSdsrxgbY6tezIsujIQJPHJXITJ
7KRBaPyljcwsJ24bUjtCUB1f5OmZ0rtmjCmpHUVfvRYnH928c/bI7loIlzOAPRJg
b38iJSaCvrdE0WhU/rCEbG1eE0Ysj80P8mmngeHTm/WqH2YYn2HHASD+OPMJ7+2v
XsTmeoTo90znptCw5WXuqd4yFmBWl4ulJ6cYmScphOoBSWB4HTHZgtfjTKFadYZR
UjvutgaFY63uu7PeBOpQ9e9PUIjiR6VPE2m9tJrdfjvRL1lAu+sTQsA2EnDDD7Hu
LIEQ2/l49AfiKCxwehxQRCY2jYtKQcMs1abGb3i9VjZb9DFC6Dg9d2zqSQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFQkoyrrB+j6H9LSNw2aM1pi/zXWMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvVkNTakt1c0g2UG9mMHRJM0Rab3pXbUxfTmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQHUayAAwQH
V2OAAwQGjeDAMAwDBAWVjyADBAeVjwADBAfMqIAwDQQCAAIwBwMFAyoHMcAwDQYJ
KoZIhvcNAQELBQADggEBAGj/1VCbG7a928a0yd6c4PSerWIaqgqZ6VCm8gQj6zWT
lTW3Pez7LyH+QtLM1xi4FXBXywI6wUYbErMMYOjA5enfq9H8bAhTNe/qWAMVT1tn
bNNaMHjZajzCaVmbXnsNeVervmej3JIaH7LyGBwZ1sTvSnys3UuoBCgWjxa5o/HS
KfMPjPssmHXcp1XU0m9Cd0sx/STWgqnzN8zoPckisbYza3DX4iegZ4SLBKJq9W5n
ql+x0hnncvDHNxJT3INKkYr6e5G2MqserRvF1iY+2jQGLJPXqDVlOROcXcz/SFDV
+XSRdySTpEsG3NqG9M4QBLm1S9PYXs0LHH1VLNQITBQ=
-----END CERTIFICATE-----
Generated at Tue Dec 19 11:05:18 2023 by rpki-client on console-fra.rpki-client.org