Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/vZ4z5f5AI4jdicxnmhGfPoEVpaY.roa
File: vZ4z5f5AI4jdicxnmhGfPoEVpaY.roa (raw, json)
Hash identifier: 4qsRqhN0e6pwNyYE47TK/bPAqDzAkvxGRZKuAV+wZCU=
Subject key identifier: BD:9E:33:E5:FE:40:23:88:DD:89:CC:67:9A:11:9F:3E:81:15:A5:A6
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018806CCCADBC1844AF4F4C7B1FAADAB65FC
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/vZ4z5f5AI4jdicxnmhGfPoEVpaY.roa
Signing time: Wed 10 May 2023 17:54:24 +0000
ROA not before: Wed 10 May 2023 17:54:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:cc:ca:db:c1:84:4a:f4:f4:c7:b1:fa:ad:ab:65:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: May 10 17:54:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd9e33e5fe402388dd89cc679a119f3e8115a5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d5:1f:04:25:7b:4a:7c:7c:6c:de:8d:53:b5:
bc:37:c8:75:16:cc:cc:ea:7d:a2:e6:42:fe:33:10:
32:9d:c6:79:7d:cb:a6:1f:73:a4:e9:8d:6c:a5:1f:
c1:c8:36:24:d8:74:fe:b1:f0:60:66:70:2d:4b:8b:
5c:ed:6c:99:2c:ff:5c:51:a6:32:7c:7d:f6:7f:ee:
c7:23:5c:89:ec:db:d7:37:4a:d8:53:2f:e1:d0:a2:
a7:04:e7:49:28:25:52:3e:40:bc:19:cf:34:7f:23:
ec:14:39:1b:3f:84:2a:f8:f8:86:7c:fa:c0:f7:dc:
e1:34:ea:8f:dd:20:32:4a:46:30:07:b9:6f:eb:58:
4d:82:39:28:ad:6d:0c:c5:fb:ab:fd:b5:c3:de:eb:
5f:44:51:a0:fc:d1:36:9e:4b:4d:ee:7a:f2:4b:b3:
b2:13:b8:74:b8:9d:ca:e5:c2:e0:a5:d3:30:60:9e:
d3:7b:4a:c4:cd:26:bf:bb:82:b9:b3:07:73:b0:be:
7e:f3:26:c0:5e:34:cf:1e:fd:65:13:35:4a:d6:4c:
14:d2:41:94:dd:38:c1:5b:94:3d:5a:fe:00:7f:19:
9a:2a:45:81:37:56:f0:21:28:d3:bb:f3:b8:d8:ce:
bd:f5:81:6f:d6:09:68:27:50:25:57:cf:52:47:93:
59:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9E:33:E5:FE:40:23:88:DD:89:CC:67:9A:11:9F:3E:81:15:A5:A6
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/vZ4z5f5AI4jdicxnmhGfPoEVpaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.41.27.0/24
188.208.223.0/24
188.209.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:4e:63:4e:af:13:a0:25:6a:c2:da:81:24:98:fd:0f:8d:17:
64:24:e1:f0:a1:39:60:f2:5c:77:b4:0f:96:5e:80:c2:f0:16:
90:98:f5:30:37:cf:56:d5:12:df:6c:a7:29:0e:19:05:f0:dc:
c6:b8:c7:65:5b:e1:d9:35:7d:17:34:c0:db:34:da:41:09:ff:
a8:d0:39:dc:21:d8:28:ae:7b:5e:9a:18:3d:58:e4:d9:ec:e0:
06:8b:1d:f6:55:f3:98:26:c6:da:ff:44:d6:a7:1b:62:65:64:
7a:69:1b:91:99:d3:3f:77:5b:76:07:da:ab:11:db:41:62:c6:
d6:36:5f:29:df:bd:f4:11:87:21:e1:02:77:b2:5d:d0:ea:fe:
b0:a4:49:78:78:fb:c1:c4:1d:12:db:39:3f:14:ad:19:7d:32:
a8:62:16:d6:78:cd:12:fa:16:98:cd:30:ec:62:7a:e4:0e:86:
6a:bf:66:4c:99:fe:83:24:9d:e6:25:a8:3a:34:8e:5c:e2:58:
08:b3:1a:6d:a2:cc:f5:10:25:0b:e9:86:f8:73:74:d2:6a:84:
e0:26:fd:a4:36:39:38:32:5e:af:91:f7:9a:a9:6b:a6:3c:38:
19:cd:5b:de:77:f8:16:df:a5:2a:f1:4b:9f:d6:a8:6c:7c:84:
f0:97:7f:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgGzMrbwYRK9PTHsfqtq2X8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwNTEwMTc1NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDllMzNlNWZlNDAyMzg4ZGQ4OWNjNjc5YTExOWYzZTgxMTVhNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9UfBCV7Snx8bN6NU7W8N8h1FszM
6n2i5kL+MxAyncZ5fcumH3Ok6Y1spR/ByDYk2HT+sfBgZnAtS4tc7WyZLP9cUaYy
fH32f+7HI1yJ7NvXN0rYUy/h0KKnBOdJKCVSPkC8Gc80fyPsFDkbP4Qq+PiGfPrA
99zhNOqP3SAySkYwB7lv61hNgjkorW0Mxfur/bXD3utfRFGg/NE2nktN7nryS7Oy
E7h0uJ3K5cLgpdMwYJ7Te0rEzSa/u4K5swdzsL5+8ybAXjTPHv1lEzVK1kwU0kGU
3TjBW5Q9Wv4AfxmaKkWBN1bwISjTu/O42M699YFv1gloJ1AlV89SR5NZEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL2eM+X+QCOI3YnMZ5oRnz6BFaWmMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvdlo0ejVmNUFJNGpkaWN4bm1oR2ZQb0VWcGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSkbAwQA
vNDfAwQBvNF8MA0GCSqGSIb3DQEBCwUAA4IBAQCoTmNOrxOgJWrC2oEkmP0PjRdk
JOHwoTlg8lx3tA+WXoDC8BaQmPUwN89W1RLfbKcpDhkF8NzGuMdlW+HZNX0XNMDb
NNpBCf+o0DncIdgorntemhg9WOTZ7OAGix32VfOYJsba/0TWpxtiZWR6aRuRmdM/
d1t2B9qrEdtBYsbWNl8p3730EYch4QJ3sl3Q6v6wpEl4ePvBxB0S2zk/FK0ZfTKo
YhbWeM0S+haYzTDsYnrkDoZqv2ZMmf6DJJ3mJag6NI5c4lgIsxptosz1ECUL6Yb4
c3TSaoTgJv2kNjk4Ml6vkfeaqWumPDgZzVved/gW36Uq8Uuf1qhsfITwl39e
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:50 2023 by rpki-client on console.sobornost.net