Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/VWHZwNztOP3lnS1S-qCCA1iz224.roa
File: VWHZwNztOP3lnS1S-qCCA1iz224.roa (raw, json)
Hash identifier: 71LR+/kqvXJ2ZGfPxaVnOqg2DTtRp/SQ7rIYlsWG5/E=
Subject key identifier: 55:61:D9:C0:DC:ED:38:FD:E5:9D:2D:52:FA:A0:82:03:58:B3:DB:6E
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 0187994D15AD1A0D33568718E97DFD4F7DA8
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/VWHZwNztOP3lnS1S-qCCA1iz224.roa
Signing time: Wed 19 Apr 2023 11:36:18 +0000
ROA not before: Wed 19 Apr 2023 11:36:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12665
IP address blocks: 212.4.224.0/19 maxlen: 19
195.238.128.0/19 maxlen: 20
Validation: Failed, certificate revoked on Fri 21 Apr 2023 08:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:4d:15:ad:1a:0d:33:56:87:18:e9:7d:fd:4f:7d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Apr 19 11:36:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5561d9c0dced38fde59d2d52faa0820358b3db6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:37:eb:27:3d:22:72:d7:d2:41:e4:a7:73:6b:
02:1a:bd:c8:92:c0:17:72:a7:b3:1e:6c:ee:4b:18:
19:49:f8:a1:e0:43:46:20:de:f1:a4:dc:79:99:95:
3b:43:b7:06:e6:d4:17:84:fd:2f:89:0a:38:c8:ed:
a2:78:12:39:0d:64:fc:33:a4:7d:79:c0:6e:d7:2f:
d6:e4:d9:fd:2b:91:b9:7d:09:28:41:84:85:f1:af:
fc:4c:dc:e4:0d:da:17:4a:2a:ff:24:33:b9:a2:a0:
65:6d:c4:38:25:36:38:34:4e:63:87:c6:7b:57:fe:
d4:f2:aa:e3:58:f5:7a:72:51:68:be:7e:74:62:b3:
7f:49:7f:59:e8:c8:92:c7:ce:b1:9e:d4:0c:b7:2a:
27:80:56:65:38:7b:e8:f8:bf:cb:99:e5:73:1b:eb:
33:2a:d8:26:37:5f:24:54:86:cc:7a:20:4e:66:45:
10:d3:fa:eb:0f:33:a6:45:d0:75:89:58:ca:97:06:
6d:6d:9d:8d:5f:3e:da:aa:f4:e3:01:d3:ae:eb:6b:
e9:37:ca:ac:21:9b:e3:e1:f2:6f:59:1f:62:42:df:
f5:3d:16:a1:9c:3c:ce:8f:19:fa:c6:35:8b:55:ac:
01:12:03:1e:15:3a:41:cc:44:39:03:87:8a:ce:b8:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:61:D9:C0:DC:ED:38:FD:E5:9D:2D:52:FA:A0:82:03:58:B3:DB:6E
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/VWHZwNztOP3lnS1S-qCCA1iz224.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.128.0/19
212.4.224.0/19
Signature Algorithm: sha256WithRSAEncryption
86:e0:c2:9c:8d:3f:1b:32:e6:81:54:e7:9b:cc:a2:bb:eb:f5:
1b:08:1e:ac:60:84:e1:dc:d5:2a:05:ac:10:6f:4a:8a:cb:d5:
89:bb:9b:b5:3c:2f:0d:be:96:df:dd:d4:47:92:ba:86:ea:88:
fe:99:5f:99:99:8d:c0:b8:e6:8c:07:94:85:07:55:36:98:45:
4e:69:c4:b6:33:a2:f7:ec:fa:89:59:f0:9c:ba:b5:f7:d8:f3:
9e:c9:fe:8f:3d:37:22:70:0a:6b:4a:d5:6d:3c:09:d6:d0:f0:
27:73:2b:c9:4c:7d:c2:a2:72:4f:b1:a1:14:9b:84:a0:b6:1d:
ba:00:57:f8:7e:2c:d0:67:d6:59:f8:c5:b1:a7:4d:14:93:cb:
a5:b9:ab:8f:4e:e4:4b:36:61:43:9e:0f:e1:dc:f1:98:b3:c0:
d5:1a:2a:06:59:69:83:9a:f4:3e:e7:f5:39:27:26:e5:2b:fe:
6c:ad:7a:7c:e4:38:f6:4a:60:96:a7:f2:14:25:1a:77:b4:7d:
36:dc:cf:da:b8:9f:cb:67:5d:fa:4a:a1:11:ff:74:5c:30:70:
7a:72:50:96:bf:3f:21:70:40:39:19:77:e1:bc:ae:94:ef:5c:
75:59:0c:c4:54:36:0c:ce:e5:d2:98:15:d4:0c:c1:6a:f9:3b:
16:35:94:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeZTRWtGg0zVocY6X39T32oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjMwNDE5MTEzNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTYxZDljMGRjZWQzOGZkZTU5ZDJkNTJmYWEwODIwMzU4YjNkYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDfrJz0ictfSQeSnc2sCGr3IksAX
cqezHmzuSxgZSfih4ENGIN7xpNx5mZU7Q7cG5tQXhP0viQo4yO2ieBI5DWT8M6R9
ecBu1y/W5Nn9K5G5fQkoQYSF8a/8TNzkDdoXSir/JDO5oqBlbcQ4JTY4NE5jh8Z7
V/7U8qrjWPV6clFovn50YrN/SX9Z6MiSx86xntQMtyongFZlOHvo+L/LmeVzG+sz
KtgmN18kVIbMeiBOZkUQ0/rrDzOmRdB1iVjKlwZtbZ2NXz7aqvTjAdOu62vpN8qs
IZvj4fJvWR9iQt/1PRahnDzOjxn6xjWLVawBEgMeFTpBzEQ5A4eKzrgDSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVh2cDc7Tj95Z0tUvqgggNYs9tuMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvVldIWndOenRPUDNsblMxUy1xQ0NBMWl6MjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFw+6AAwQF
1ATgMA0GCSqGSIb3DQEBCwUAA4IBAQCG4MKcjT8bMuaBVOebzKK76/UbCB6sYITh
3NUqBawQb0qKy9WJu5u1PC8Nvpbf3dRHkrqG6oj+mV+ZmY3AuOaMB5SFB1U2mEVO
acS2M6L37PqJWfCcurX32POeyf6PPTcicAprStVtPAnW0PAncyvJTH3ConJPsaEU
m4Sgth26AFf4fizQZ9ZZ+MWxp00Uk8uluauPTuRLNmFDng/h3PGYs8DVGioGWWmD
mvQ+5/U5JyblK/5srXp85Dj2SmCWp/IUJRp3tH023M/auJ/LZ136SqER/3RcMHB6
clCWvz8hcEA5GXfhvK6U71x1WQzEVDYMzuXSmBXUDMFq+TsWNZSN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:28 2024 by rpki-client on console-ams.rpki-client.org