Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/tvVkiVlZAU3m7LHorjdVXC6Xaa0.roa
File: tvVkiVlZAU3m7LHorjdVXC6Xaa0.roa (raw, json)
Hash identifier: rZVOR5cVk8FsPRQXUJuKPfbLXc2Sf4QaI2Sotwvxi0M=
Subject key identifier: B6:F5:64:89:59:59:01:4D:E6:EC:B1:E8:AE:37:55:5C:2E:97:69:AD
Certificate issuer: /CN=56cc7f4ac700bb5ad7f4b21c11111493ff6977a4
Certificate serial: 018CCA2BD6C6156FAFB1D0CD024165C28F79
Authority key identifier: 56:CC:7F:4A:C7:00:BB:5A:D7:F4:B2:1C:11:11:14:93:FF:69:77:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vsx_SscAu1rX9LIcEREUk_9pd6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/tvVkiVlZAU3m7LHorjdVXC6Xaa0.roa
Signing time: Tue 02 Jan 2024 12:35:19 +0000
ROA not before: Tue 02 Jan 2024 12:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199403
IP address blocks: 185.17.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d6:c6:15:6f:af:b1:d0:cd:02:41:65:c2:8f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56cc7f4ac700bb5ad7f4b21c11111493ff6977a4
Validity
Not Before: Jan 2 12:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f564895959014de6ecb1e8ae37555c2e9769ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c5:5f:86:0d:e1:22:17:11:25:d4:00:ab:3a:
de:2a:b5:09:d0:a2:25:f9:a6:a4:1a:76:ed:e9:0d:
fc:14:8d:c0:09:71:33:39:b2:1e:97:20:0c:01:18:
4c:a0:14:80:44:fc:84:0f:34:99:58:79:3c:15:2e:
f0:3b:c9:83:f4:a2:b6:64:19:eb:89:57:97:0b:86:
0a:2f:21:c4:50:2a:3c:89:12:55:18:25:60:d7:7e:
13:ce:a8:6b:59:61:7a:1b:4c:22:f8:3a:ca:d6:74:
62:74:e9:81:bd:0a:de:ca:69:c6:88:85:b5:6f:69:
0c:be:ab:99:d8:ed:e9:5a:28:40:d5:72:7b:46:cc:
63:a6:b0:aa:7a:5d:97:93:52:87:5a:b2:68:38:a0:
f3:7f:ec:e8:2c:c8:d6:a2:2a:6d:97:1d:61:12:4f:
df:8a:bb:2e:c9:e7:93:b6:dc:94:91:9a:b4:2e:6f:
62:57:33:e7:9b:68:ed:75:0b:d5:84:0a:ea:a3:3f:
1d:3a:69:d0:ff:2e:28:e0:eb:c6:b7:31:69:7e:80:
30:98:ae:37:8c:2b:58:b3:26:1c:5a:69:b1:4f:86:
ba:48:de:6f:fd:05:91:81:61:78:8a:0b:5d:9a:fd:
29:74:59:91:bd:5a:d1:20:e5:fd:92:a2:7d:8b:5d:
da:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F5:64:89:59:59:01:4D:E6:EC:B1:E8:AE:37:55:5C:2E:97:69:AD
X509v3 Authority Key Identifier:
keyid:56:CC:7F:4A:C7:00:BB:5A:D7:F4:B2:1C:11:11:14:93:FF:69:77:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vsx_SscAu1rX9LIcEREUk_9pd6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/tvVkiVlZAU3m7LHorjdVXC6Xaa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/Vsx_SscAu1rX9LIcEREUk_9pd6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.208.0/22
Signature Algorithm: sha256WithRSAEncryption
93:de:73:7f:03:22:48:cf:6e:56:bf:47:6c:66:fe:2f:1d:30:
bd:9e:ff:6b:56:87:cd:60:71:eb:94:36:ae:3f:ba:dd:ee:22:
96:f6:38:a0:c1:1d:8b:5d:2a:23:4b:20:50:58:56:67:56:d5:
8f:53:a2:8d:c0:f1:e1:0e:4a:e7:cb:e4:e0:84:de:e8:c8:05:
26:63:1c:4b:df:44:ca:00:a7:7c:77:15:b5:df:96:35:73:3b:
57:f3:fb:8b:bd:b9:fc:2a:b8:8a:99:6d:07:e2:1f:20:52:2b:
df:d3:be:9d:fb:53:b4:ec:8c:39:65:1c:a0:e1:5c:b0:0a:8b:
7a:06:f3:3b:bb:78:46:a5:dd:bc:f2:73:e7:f1:6a:9f:bb:c8:
0b:f4:49:14:4b:63:81:2e:2d:53:c6:c7:eb:bd:8f:c1:83:63:
32:d4:59:46:3a:0b:eb:0b:6e:d6:7b:1a:b1:e2:f5:b8:dc:de:
0e:25:5c:a7:ae:7f:c6:62:ee:2e:81:49:90:eb:c0:e2:25:c2:
28:3f:b3:79:43:5d:e7:8d:e0:6d:ec:13:66:b2:a8:49:60:db:
71:a2:dd:e5:3b:84:4c:57:51:e6:b8:4f:03:b9:ee:ca:10:ed:
de:21:9c:45:94:3f:be:87:de:6d:ac:0e:92:81:8b:5c:36:7c:
a0:22:a2:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK9bGFW+vsdDNAkFlwo95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Y2M3ZjRhYzcwMGJiNWFkN2Y0YjIxYzExMTExNDkzZmY2
OTc3YTQwHhcNMjQwMTAyMTIzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY1NjQ4OTU5NTkwMTRkZTZlY2IxZThhZTM3NTU1YzJlOTc2OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Vfhg3hIhcRJdQAqzreKrUJ0KIl
+aakGnbt6Q38FI3ACXEzObIelyAMARhMoBSARPyEDzSZWHk8FS7wO8mD9KK2ZBnr
iVeXC4YKLyHEUCo8iRJVGCVg134TzqhrWWF6G0wi+DrK1nRidOmBvQreymnGiIW1
b2kMvquZ2O3pWihA1XJ7RsxjprCqel2Xk1KHWrJoOKDzf+zoLMjWoiptlx1hEk/f
irsuyeeTttyUkZq0Lm9iVzPnm2jtdQvVhArqoz8dOmnQ/y4o4OvGtzFpfoAwmK43
jCtYsyYcWmmxT4a6SN5v/QWRgWF4igtdmv0pdFmRvVrRIOX9kqJ9i13asQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLb1ZIlZWQFN5uyx6K43VVwul2mtMB8GA1UdIwQY
MBaAFFbMf0rHALta1/SyHBERFJP/aXekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnN4X1NzY0F1MXJYOUxJY0VSRVVrXzlwZDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wOWJmOTgtNTkwZC00YWQ1LTllYjMt
OWI4NmJmZmM4MzNjLzEvdHZWa2lWbFpBVTNtN0xIb3JqZFZYQzZYYWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wOWJmOTgtNTkwZC00YWQ1LTllYjMtOWI4NmJmZmM4MzNj
LzEvVnN4X1NzY0F1MXJYOUxJY0VSRVVrXzlwZDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRHQMA0G
CSqGSIb3DQEBCwUAA4IBAQCT3nN/AyJIz25Wv0dsZv4vHTC9nv9rVofNYHHrlDau
P7rd7iKW9jigwR2LXSojSyBQWFZnVtWPU6KNwPHhDkrny+TghN7oyAUmYxxL30TK
AKd8dxW135Y1cztX8/uLvbn8KriKmW0H4h8gUivf076d+1O07Iw5ZRyg4VywCot6
BvM7u3hGpd288nPn8Wqfu8gL9EkUS2OBLi1TxsfrvY/Bg2My1FlGOgvrC27Wexqx
4vW43N4OJVynrn/GYu4ugUmQ68DiJcIoP7N5Q13njeBt7BNmsqhJYNtxot3lO4RM
V1HmuE8Due7KEO3eIZxFlD++h95trA6SgYtcNnygIqJI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:33 2025 by rpki-client