Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/VaZsaL3QLgZepFrit9y3LXL3mic.roa
File: VaZsaL3QLgZepFrit9y3LXL3mic.roa (raw, json)
Hash identifier: kykiSDfwhv65TZlVgsXwnVljx4WCCd8UaoC8a9Fulo8=
Subject key identifier: 55:A6:6C:68:BD:D0:2E:06:5E:A4:5A:E2:B7:DC:B7:2D:72:F7:9A:27
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018C79114DF0C9E71C9784E80D3CCD1382E3
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/VaZsaL3QLgZepFrit9y3LXL3mic.roa
Signing time: Sun 17 Dec 2023 18:37:06 +0000
ROA not before: Sun 17 Dec 2023 18:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 37.143.4.0/22 maxlen: 24
37.143.0.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:11:4d:f0:c9:e7:1c:97:84:e8:0d:3c:cd:13:82:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Dec 17 18:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a66c68bdd02e065ea45ae2b7dcb72d72f79a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9a:3b:85:6a:7e:1b:1f:83:16:4e:80:b3:19:
9f:5d:35:fb:46:37:91:b4:0a:cf:cf:5c:35:c1:0e:
b7:b8:00:3f:fe:a1:97:9a:40:33:c5:7a:f7:8b:30:
3e:4b:80:ca:67:a5:c8:75:e1:15:63:b8:74:92:87:
52:b1:76:69:0e:95:f3:fa:09:4d:50:32:6c:a3:d1:
43:0b:2b:b7:cb:b1:f6:39:0a:c6:04:0b:25:5a:7d:
f3:9e:2d:a4:1c:2a:b5:3e:80:4b:d4:80:c7:2c:12:
15:41:bb:b3:81:ac:14:66:33:be:aa:8d:7a:1b:6a:
f2:f3:0c:8c:6a:4c:aa:6d:b3:f1:e6:e9:29:4c:a5:
12:e2:fa:d1:8d:54:84:35:92:b1:15:c8:e8:92:8d:
26:b5:17:c6:ba:4f:bc:06:57:88:fc:77:9f:b0:a9:
b8:73:77:23:31:ce:38:b7:43:a0:c5:aa:aa:d4:34:
4c:17:2e:77:77:41:7c:9f:b8:b3:29:0e:15:86:e6:
ab:f5:3e:c6:94:e7:6a:7d:ff:de:c7:a2:1c:e0:70:
c9:fd:29:38:54:6d:f5:04:57:38:07:0b:d7:61:55:
aa:35:16:8c:ae:d4:57:f5:8f:ec:dd:51:97:f7:96:
3c:34:15:00:4a:9f:2c:c9:a0:ee:cd:28:97:9c:d5:
42:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A6:6C:68:BD:D0:2E:06:5E:A4:5A:E2:B7:DC:B7:2D:72:F7:9A:27
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/VaZsaL3QLgZepFrit9y3LXL3mic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
Signature Algorithm: sha256WithRSAEncryption
d8:0a:d0:8e:da:55:06:15:f0:4b:a2:1c:b9:8d:4e:e6:62:8b:
f1:c6:ac:9d:22:e5:5f:11:08:de:5a:9f:8d:7e:1d:64:eb:46:
24:86:f6:96:ab:fe:28:af:5c:48:8d:25:26:3b:c1:28:92:7c:
8a:d0:de:bd:33:5c:a2:ab:1f:ad:f3:6b:4a:b5:44:87:a6:ca:
5f:88:93:f6:f8:c5:b1:9a:3b:2d:84:00:22:ab:f2:5e:9e:7c:
72:b5:c2:95:63:4f:d4:bf:b0:b8:8f:8a:fd:61:6f:b8:cc:09:
4a:12:6b:a7:4e:9b:0d:30:31:6d:72:3a:b1:6a:e0:0e:e4:77:
cc:8a:6d:2d:94:42:ed:38:e5:90:a3:78:e1:1a:e1:09:f5:56:
de:60:ca:97:4b:89:5e:b7:e0:c5:39:4f:9e:0e:23:b5:40:c7:
ca:ca:01:83:b3:1c:36:7a:84:a9:5d:25:5b:2e:20:58:56:ed:
64:da:1f:04:4a:43:23:e0:e3:a4:1d:a5:9f:bd:70:dd:7b:9d:
03:a1:83:80:2a:96:21:0c:e1:78:44:42:83:0f:f4:fc:a2:31:
f3:ee:36:40:2c:bb:7e:5e:92:d2:5d:72:fa:45:2e:ef:99:89:
f0:84:5b:b5:d2:c1:ee:bf:fc:22:10:dc:1d:c3:6f:72:b8:91:
7f:97:72:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx5EU3wyeccl4ToDTzNE4LjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjMxMjE3MTgzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE2NmM2OGJkZDAyZTA2NWVhNDVhZTJiN2RjYjcyZDcyZjc5YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5o7hWp+Gx+DFk6AsxmfXTX7RjeR
tArPz1w1wQ63uAA//qGXmkAzxXr3izA+S4DKZ6XIdeEVY7h0kodSsXZpDpXz+glN
UDJso9FDCyu3y7H2OQrGBAslWn3zni2kHCq1PoBL1IDHLBIVQbuzgawUZjO+qo16
G2ry8wyMakyqbbPx5ukpTKUS4vrRjVSENZKxFcjoko0mtRfGuk+8BleI/HefsKm4
c3cjMc44t0Ogxaqq1DRMFy53d0F8n7izKQ4Vhuar9T7GlOdqff/ex6Ic4HDJ/Sk4
VG31BFc4BwvXYVWqNRaMrtRX9Y/s3VGX95Y8NBUASp8syaDuzSiXnNVCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWmbGi90C4GXqRa4rfcty1y95onMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvVmFac2FMM1FMZ1plcEZyaXQ5eTNMWEwzbWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJY8AMA0G
CSqGSIb3DQEBCwUAA4IBAQDYCtCO2lUGFfBLohy5jU7mYovxxqydIuVfEQjeWp+N
fh1k60YkhvaWq/4or1xIjSUmO8EoknyK0N69M1yiqx+t82tKtUSHpspfiJP2+MWx
mjsthAAiq/JennxytcKVY0/Uv7C4j4r9YW+4zAlKEmunTpsNMDFtcjqxauAO5HfM
im0tlELtOOWQo3jhGuEJ9VbeYMqXS4let+DFOU+eDiO1QMfKygGDsxw2eoSpXSVb
LiBYVu1k2h8ESkMj4OOkHaWfvXDde50DoYOAKpYhDOF4REKDD/T8ojHz7jZALLt+
XpLSXXL6RS7vmYnwhFu10sHuv/wiENwdw29yuJF/l3LF
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:45 2024 by rpki-client on console-ams.rpki-client.org