Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/Vr7kx_lZFzyQEZfdVsw1qrQgEPc.roa
File: Vr7kx_lZFzyQEZfdVsw1qrQgEPc.roa (raw, json)
Hash identifier: 5dXtbUF5xCRYJC/VQRycePMz8746jrr15FEI+25eEf0=
Subject key identifier: 56:BE:E4:C7:F9:59:17:3C:90:11:97:DD:56:CC:35:AA:B4:20:10:F7
Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial: 018A5F904395DACC1BF3229F3825EDBD6800
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/Vr7kx_lZFzyQEZfdVsw1qrQgEPc.roa
Signing time: Mon 04 Sep 2023 09:40:04 +0000
ROA not before: Mon 04 Sep 2023 09:40:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1942
IP address blocks: 192.33.171.0/24 maxlen: 24
152.77.0.0/16 maxlen: 16
129.88.0.0/16 maxlen: 16
147.171.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:90:43:95:da:cc:1b:f3:22:9f:38:25:ed:bd:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Validity
Not Before: Sep 4 09:40:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56bee4c7f959173c901197dd56cc35aab42010f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:8e:ab:57:c5:b2:88:31:3d:e3:fe:f6:ce:
0f:4d:cd:8d:87:1f:43:d0:4b:c8:25:65:83:0a:cf:
c3:97:e7:fc:56:79:e0:01:48:2c:11:81:67:aa:85:
2d:4d:bc:b1:d7:da:68:fd:df:89:1f:52:39:a8:f4:
65:9a:11:fe:13:7a:cc:16:2f:10:ee:40:41:f1:26:
e5:11:1e:18:e2:83:fa:31:a7:83:b2:b5:4f:eb:ec:
cc:9e:0b:a6:74:91:86:7b:68:e8:29:9e:4a:26:f9:
ed:aa:c3:53:f8:19:ba:f6:e3:35:8f:a0:c0:cb:da:
df:13:cd:69:b9:82:36:bc:e7:e6:c2:0c:e6:ff:42:
7e:3d:01:3b:8a:89:fb:c3:19:91:e9:01:85:00:7c:
19:bf:80:47:7e:e9:b1:22:28:e8:32:45:b8:eb:b6:
34:5f:69:ad:6f:87:cc:16:aa:3d:7f:cc:e2:a9:a7:
ba:61:26:91:12:5d:49:2b:d5:3b:50:19:ca:ed:d7:
b9:1a:15:83:89:a1:da:15:15:bb:dc:c8:62:31:52:
59:8a:93:cd:1f:f3:47:b1:98:df:33:16:ba:39:3a:
f4:aa:d4:13:04:d8:80:01:3c:db:a9:55:14:1f:d8:
07:7d:7c:67:7d:98:84:32:1d:16:91:10:10:0a:37:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BE:E4:C7:F9:59:17:3C:90:11:97:DD:56:CC:35:AA:B4:20:10:F7
X509v3 Authority Key Identifier:
keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/Vr7kx_lZFzyQEZfdVsw1qrQgEPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.88.0.0/16
147.171.0.0/16
152.77.0.0/16
192.33.171.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:aa:16:f9:17:11:0d:b5:b9:d2:9a:9b:08:27:80:78:03:ff:
30:6f:09:46:5a:0d:6c:38:3c:94:ed:2c:29:90:9b:f6:91:d9:
af:d2:d6:f7:d5:bb:bf:b7:e3:bb:61:8b:d4:86:65:5a:d1:11:
ee:2b:3c:54:88:3a:84:c4:4d:0c:53:84:1f:fd:08:45:2d:6c:
f2:e4:9b:24:06:f8:af:b8:fa:a4:66:b7:f8:4c:65:66:9c:8a:
cb:32:16:d1:9a:98:67:a0:ee:f6:8d:67:ef:c6:04:4d:af:34:
5c:ea:e4:7f:53:28:d7:26:93:3b:71:00:7f:1b:5a:70:34:ee:
52:30:a6:68:a1:57:d5:ae:f8:1e:38:7e:7a:55:d2:0f:61:ce:
f1:41:d8:f5:7c:f6:09:5d:19:ef:19:f3:bc:ae:fd:52:e2:14:
5d:74:b6:df:16:de:a1:2b:83:a7:25:03:6d:fe:90:0b:f5:56:
1c:7b:be:5d:86:26:0d:d0:d2:b5:17:6c:21:94:e2:49:c2:4a:
d6:b8:5c:85:c2:a8:c6:ac:1d:fa:db:48:e9:0a:9b:c9:7d:15:
bf:7f:89:3d:5b:02:41:9e:ba:21:e1:09:5e:e6:ff:bf:bf:36:
9b:ed:1d:b5:13:d8:80:fa:bc:54:01:9d:22:f9:10:d8:af:45:
bd:9a:29:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpfkEOV2swb8yKfOCXtvWgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi
YTg5ZDAwHhcNMjMwOTA0MDk0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmJlZTRjN2Y5NTkxNzNjOTAxMTk3ZGQ1NmNjMzVhYWI0MjAxMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj6Oq1fFsogxPeP+9s4PTc2Nhx9D
0EvIJWWDCs/Dl+f8VnngAUgsEYFnqoUtTbyx19po/d+JH1I5qPRlmhH+E3rMFi8Q
7kBB8SblER4Y4oP6MaeDsrVP6+zMngumdJGGe2joKZ5KJvntqsNT+Bm69uM1j6DA
y9rfE81puYI2vOfmwgzm/0J+PQE7ion7wxmR6QGFAHwZv4BHfumxIijoMkW467Y0
X2mtb4fMFqo9f8ziqae6YSaREl1JK9U7UBnK7de5GhWDiaHaFRW73MhiMVJZipPN
H/NHsZjfMxa6OTr0qtQTBNiAATzbqVUUH9gHfXxnfZiEMh0WkRAQCjeXfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFa+5Mf5WRc8kBGX3VbMNaq0IBD3MB8GA1UdIwQY
MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt
M2MzZTUwZGRhNmNjLzEvVnI3a3hfbFpGenlRRVpmZFZzdzFxclFnRVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj
LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAATAVAwMAgVgDAwCT
qwMDAJhNAwQAwCGrMA0GCSqGSIb3DQEBCwUAA4IBAQCKqhb5FxENtbnSmpsIJ4B4
A/8wbwlGWg1sODyU7SwpkJv2kdmv0tb31bu/t+O7YYvUhmVa0RHuKzxUiDqExE0M
U4Qf/QhFLWzy5JskBvivuPqkZrf4TGVmnIrLMhbRmphnoO72jWfvxgRNrzRc6uR/
UyjXJpM7cQB/G1pwNO5SMKZooVfVrvgeOH56VdIPYc7xQdj1fPYJXRnvGfO8rv1S
4hRddLbfFt6hK4OnJQNt/pAL9VYce75dhiYN0NK1F2whlOJJwkrWuFyFwqjGrB36
20jpCpvJfRW/f4k9WwJBnroh4Qle5v+/vzab7R21E9iA+rxUAZ0i+RDYr0W9milG
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:48 2024 by rpki-client on console-ams.rpki-client.org