Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/VTbdlWpMwjyHDXjyetsvyogIRG4.roa
File: VTbdlWpMwjyHDXjyetsvyogIRG4.roa (raw, json)
Hash identifier: vpGb8yrB1Uj1Vxihv0zG+xPHrTHGwGH+jcrNNbQPudo=
Subject key identifier: 55:36:DD:95:6A:4C:C2:3C:87:0D:78:F2:7A:DB:2F:CA:88:08:44:6E
Certificate issuer: /CN=35902c9b640fc6d57c237714ed24da17f2d3e474
Certificate serial: 0185727125057F9CC39BBC9A305CE41F41E8
Authority key identifier: 35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/VTbdlWpMwjyHDXjyetsvyogIRG4.roa
Signing time: Mon 02 Jan 2023 12:24:55 +0000
ROA not before: Mon 02 Jan 2023 12:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16007
IP address blocks: 217.25.192.0/20 maxlen: 20
185.120.132.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:25:05:7f:9c:c3:9b:bc:9a:30:5c:e4:1f:41:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35902c9b640fc6d57c237714ed24da17f2d3e474
Validity
Not Before: Jan 2 12:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5536dd956a4cc23c870d78f27adb2fca8808446e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:df:03:e3:3c:6a:2c:5d:02:e1:44:0d:0b:e3:
3a:f1:03:71:f1:4f:0b:b3:2f:18:e5:bd:49:94:04:
48:45:1f:0c:ae:09:f3:1c:b1:46:03:b6:44:03:a7:
b9:22:88:d0:7a:23:db:5c:8d:6e:61:4f:cf:bc:c2:
95:c5:ab:ae:04:cd:b3:e1:89:c5:30:b1:21:7e:b9:
fe:83:d6:94:12:b2:ec:19:ca:3e:c7:d0:81:5a:d1:
60:47:42:05:df:31:cc:18:ef:c5:37:6e:bf:47:b2:
14:25:7c:86:8f:2e:c3:c0:09:e4:c4:14:8d:e7:1e:
24:7b:c4:94:e8:64:6f:e7:ea:cd:5b:e3:5b:99:46:
ba:a8:66:d9:4c:22:2d:26:61:c4:c7:85:c3:b7:6c:
7a:e9:9c:8e:cf:de:a2:6a:5c:d8:2f:b0:ac:eb:78:
3c:a6:e7:c9:9c:4c:52:ad:cb:87:08:6e:dc:0f:9a:
32:7e:b3:f2:d9:21:3b:48:3e:af:06:ea:e1:2b:c8:
af:29:68:c5:3e:c7:6a:92:e3:76:04:17:45:2f:2f:
8e:5d:ec:54:00:1e:ea:37:04:09:c2:74:01:fd:29:
a8:6c:b5:e7:11:6f:b9:20:64:c8:85:28:b3:83:57:
f3:ab:69:8f:46:a3:eb:df:ca:eb:9a:ff:70:43:e1:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:36:DD:95:6A:4C:C2:3C:87:0D:78:F2:7A:DB:2F:CA:88:08:44:6E
X509v3 Authority Key Identifier:
keyid:35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/VTbdlWpMwjyHDXjyetsvyogIRG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.132.0/22
217.25.192.0/20
Signature Algorithm: sha256WithRSAEncryption
27:2c:bd:a2:70:3d:7c:ce:74:96:37:4f:92:6f:84:39:05:a3:
a9:ca:89:14:7d:30:78:2e:a2:12:33:62:aa:5b:13:29:0e:00:
ba:c5:6d:13:aa:2a:0e:e8:12:13:8b:05:10:ef:f7:99:64:60:
7a:e4:6a:dd:27:c9:2a:89:4a:01:f9:ae:0c:9b:c4:03:af:f5:
b9:20:3c:71:cd:3c:b0:fa:7a:94:ee:04:c1:35:ac:a6:91:70:
69:09:59:80:47:65:68:5c:94:77:dd:ad:86:4c:04:23:8c:e4:
7a:54:82:42:2c:e7:e0:ce:b8:06:2b:90:24:ea:26:f9:b7:a9:
e7:cd:c9:13:cb:76:58:d9:c4:e1:0b:1e:83:dd:4f:9a:d9:74:
7d:4b:94:8c:8f:1d:ea:4f:78:b3:36:cb:6a:f8:fa:1d:54:9e:
e0:91:ba:19:b5:b0:58:a7:95:97:21:89:20:4b:a2:aa:4e:4d:
e9:ff:d2:b6:d5:e3:34:fe:22:7f:22:df:08:c4:66:8e:ef:58:
70:9d:27:e8:e9:3f:d6:5e:9c:57:31:ca:dd:e2:0e:72:13:8f:
4f:c1:c0:e9:3c:6b:c5:a0:eb:fb:23:66:aa:61:d8:7a:b1:c7:
80:74:86:c7:64:23:8d:80:c3:95:52:30:21:28:0a:6f:9c:23:
20:93:f6:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVycSUFf5zDm7yaMFzkH0HoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OTAyYzliNjQwZmM2ZDU3YzIzNzcxNGVkMjRkYTE3ZjJk
M2U0NzQwHhcNMjMwMTAyMTIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM2ZGQ5NTZhNGNjMjNjODcwZDc4ZjI3YWRiMmZjYTg4MDg0NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzd8D4zxqLF0C4UQNC+M68QNx8U8L
sy8Y5b1JlARIRR8MrgnzHLFGA7ZEA6e5IojQeiPbXI1uYU/PvMKVxauuBM2z4YnF
MLEhfrn+g9aUErLsGco+x9CBWtFgR0IF3zHMGO/FN26/R7IUJXyGjy7DwAnkxBSN
5x4ke8SU6GRv5+rNW+NbmUa6qGbZTCItJmHEx4XDt2x66ZyOz96ialzYL7Cs63g8
pufJnExSrcuHCG7cD5oyfrPy2SE7SD6vBurhK8ivKWjFPsdqkuN2BBdFLy+OXexU
AB7qNwQJwnQB/SmobLXnEW+5IGTIhSizg1fzq2mPRqPr38rrmv9wQ+H36wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFU23ZVqTMI8hw148nrbL8qICERuMB8GA1UdIwQY
MBaAFDWQLJtkD8bVfCN3FO0k2hfy0+R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2Et
NDE3YjRmYTU2NGVhLzEvVlRiZGxXcE13anlIRFhqeWV0c3Z5b2dJUkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2EtNDE3YjRmYTU2NGVh
LzEvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXiEAwQE
2RnAMA0GCSqGSIb3DQEBCwUAA4IBAQAnLL2icD18znSWN0+Sb4Q5BaOpyokUfTB4
LqISM2KqWxMpDgC6xW0TqioO6BITiwUQ7/eZZGB65GrdJ8kqiUoB+a4Mm8QDr/W5
IDxxzTyw+nqU7gTBNaymkXBpCVmAR2VoXJR33a2GTAQjjOR6VIJCLOfgzrgGK5Ak
6ib5t6nnzckTy3ZY2cThCx6D3U+a2XR9S5SMjx3qT3izNstq+PodVJ7gkboZtbBY
p5WXIYkgS6KqTk3p/9K21eM0/iJ/It8IxGaO71hwnSfo6T/WXpxXMcrd4g5yE49P
wcDpPGvFoOv7I2aqYdh6sceAdIbHZCONgMOVUjAhKApvnCMgk/aR
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:19 2024 by rpki-client on console-ams.rpki-client.org