Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VCp72yIZbM828YkN5aPLWzcVZYA.roa
File: VCp72yIZbM828YkN5aPLWzcVZYA.roa (raw, json)
Hash identifier: I8gZVV+XjiZAye49r063+mBU1w/QJNk0SBiCFw7uxLM=
Subject key identifier: 54:2A:7B:DB:22:19:6C:CF:36:F1:89:0D:E5:A3:CB:5B:37:15:65:80
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187571EB33675B816300EB8116397D3F020
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VCp72yIZbM828YkN5aPLWzcVZYA.roa
Signing time: Thu 06 Apr 2023 15:10:42 +0000
ROA not before: Thu 06 Apr 2023 15:10:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 15:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:1e:b3:36:75:b8:16:30:0e:b8:11:63:97:d3:f0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 6 15:10:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=542a7bdb22196ccf36f1890de5a3cb5b37156580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:c0:7b:2d:f8:53:e8:43:eb:a8:a3:c9:3b:
69:f3:f4:af:9a:4a:a1:f6:93:38:c6:60:c0:f5:c7:
c5:5a:34:31:3e:e7:6d:b8:c9:41:6f:a4:16:e4:5d:
81:18:75:d8:40:d9:0d:38:2a:f0:4e:e2:18:e9:2c:
0c:4d:94:17:40:99:36:ad:ec:51:35:43:83:c5:76:
f7:4b:ce:4a:bc:3a:50:e7:83:d2:c3:3d:b2:08:c2:
bc:de:6b:80:bc:7f:24:43:2f:5b:92:b4:81:80:a1:
0a:22:52:6f:15:d6:fc:7e:52:85:5d:9e:c9:4c:f1:
dd:8b:11:9c:4f:d5:08:c8:39:a8:0c:f2:e3:99:73:
d1:b1:58:9f:fd:8a:78:ac:1e:f2:b8:f7:0b:6e:92:
7d:f0:80:ae:8e:c2:3b:48:fe:b8:7d:41:e7:81:85:
ae:2d:95:7e:03:94:7c:e4:f2:1e:d6:57:28:b4:1c:
eb:08:2b:28:92:2c:24:78:43:01:71:de:9c:27:9a:
27:1b:04:39:61:f2:90:14:2e:a3:28:7b:6c:f5:fa:
fb:2e:36:64:c9:84:c7:ca:70:d6:32:4a:b8:d8:a4:
11:76:b1:6e:c6:d4:3b:cc:5e:0b:e6:27:fb:f2:d3:
da:45:bb:71:d4:d9:27:62:b1:e2:47:22:a5:49:71:
28:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:7B:DB:22:19:6C:CF:36:F1:89:0D:E5:A3:CB:5B:37:15:65:80
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VCp72yIZbM828YkN5aPLWzcVZYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
195.133.83.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:61:7e:8c:39:77:bc:5f:31:aa:cb:57:e3:36:53:5a:f4:c2:
f9:90:87:fd:4b:a4:de:34:4c:13:18:99:1e:13:b9:37:fe:74:
ac:61:be:7b:6e:e2:6b:9d:cc:5d:df:0d:36:f9:9c:60:a2:64:
25:b0:af:c1:cc:67:2d:13:bf:26:b1:24:30:b2:94:02:27:f0:
28:81:a8:da:68:d7:26:8e:25:ac:98:0a:3f:8a:88:71:4c:37:
87:f7:a5:41:21:15:3d:9c:8a:0b:b8:ce:b4:bf:82:6f:45:05:
f8:be:9c:2e:1f:ca:5f:0d:8a:54:81:57:d8:74:74:f8:5a:4e:
ae:bc:d3:77:09:22:cc:6c:95:ef:73:db:04:0a:98:56:d4:21:
b8:54:b6:19:f0:27:7b:b7:f1:45:11:10:05:f1:79:7e:a7:e0:
98:eb:8e:47:09:a5:4a:80:df:fd:62:7c:b2:50:b4:75:a1:cb:
77:66:e7:e3:ba:77:83:0c:00:ee:21:7a:e1:e1:26:55:43:fb:
4d:19:1f:48:f3:18:a9:d3:b2:3d:65:7b:3c:7c:f0:07:61:fd:
34:c8:ca:a8:6d:73:09:c0:3c:a6:da:11:1a:25:c6:96:67:4c:
d7:14:59:31:e5:2a:04:dc:21:28:ce:4b:dc:d8:67:45:02:20:
48:b0:68:b3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdXHrM2dbgWMA64EWOX0/AgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA2MTUxMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJhN2JkYjIyMTk2Y2NmMzZmMTg5MGRlNWEzY2I1YjM3MTU2NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUzAey34U+hD66ijyTtp8/Svmkqh
9pM4xmDA9cfFWjQxPudtuMlBb6QW5F2BGHXYQNkNOCrwTuIY6SwMTZQXQJk2rexR
NUODxXb3S85KvDpQ54PSwz2yCMK83muAvH8kQy9bkrSBgKEKIlJvFdb8flKFXZ7J
TPHdixGcT9UIyDmoDPLjmXPRsVif/Yp4rB7yuPcLbpJ98ICujsI7SP64fUHngYWu
LZV+A5R85PIe1lcotBzrCCsokiwkeEMBcd6cJ5onGwQ5YfKQFC6jKHts9fr7LjZk
yYTHynDWMkq42KQRdrFuxtQ7zF4L5if78tPaRbtx1NknYrHiRyKlSXEoQQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFQqe9siGWzPNvGJDeWjy1s3FWWAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVkNwNzJ5SVpiTTgyOFlrTjVhUExXemNWWllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwPAwQA
wXwYAwQAwlcdAwQAwodoAwQAw4UVAwQBw4UaAwQAw4U7AwQAw4VTMA0GCSqGSIb3
DQEBCwUAA4IBAQCOYX6MOXe8XzGqy1fjNlNa9ML5kIf9S6TeNEwTGJkeE7k3/nSs
Yb57buJrncxd3w02+ZxgomQlsK/BzGctE78msSQwspQCJ/AogajaaNcmjiWsmAo/
iohxTDeH96VBIRU9nIoLuM60v4JvRQX4vpwuH8pfDYpUgVfYdHT4Wk6uvNN3CSLM
bJXvc9sECphW1CG4VLYZ8Cd7t/FFERAF8Xl+p+CY645HCaVKgN/9YnyyULR1oct3
ZufjuneDDADuIXrh4SZVQ/tNGR9I8xip07I9ZXs8fPAHYf00yMqobXMJwDym2hEa
JcaWZ0zXFFkx5SoE3CEozkvc2GdFAiBIsGiz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org