Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VGyBT7BrIgxl1KHL6AHjP67zE0I.roa
File: VGyBT7BrIgxl1KHL6AHjP67zE0I.roa (raw, json)
Hash identifier: VDi7dHq+UNhE7j+3lkIdTP3pJkur6NPdvkHZj2RHuuU=
Subject key identifier: 54:6C:81:4F:B0:6B:22:0C:65:D4:A1:CB:E8:01:E3:3F:AE:F3:13:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018977942F83B4F1D27CEEA0ABF75CD9B19A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VGyBT7BrIgxl1KHL6AHjP67zE0I.roa
Signing time: Fri 21 Jul 2023 08:32:27 +0000
ROA not before: Fri 21 Jul 2023 08:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 194.87.208.0/23 maxlen: 24
194.87.222.0/23 maxlen: 24
195.133.195.0/24 maxlen: 24
194.87.27.0/24 maxlen: 24
212.192.0.0/23 maxlen: 24
194.58.46.0/23 maxlen: 24
194.58.45.0/24 maxlen: 24
195.58.56.0/21 maxlen: 24
212.193.0.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:94:2f:83:b4:f1:d2:7c:ee:a0:ab:f7:5c:d9:b1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 21 08:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=546c814fb06b220c65d4a1cbe801e33faef31342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:aa:14:91:06:02:c0:33:42:cd:c5:44:d6:85:
02:ff:b4:09:78:f2:42:a3:6a:17:14:2b:ed:4b:67:
00:1a:db:69:4f:c4:35:87:2d:01:b1:35:52:9a:fe:
f7:39:c4:f0:3a:b2:5a:e3:e6:c6:b6:57:96:e4:8a:
ad:c9:25:5e:69:66:ee:9e:e6:d8:bc:8b:69:29:ea:
e6:20:65:5a:66:6f:7f:c0:e0:da:0d:75:7c:a0:45:
26:4b:5e:71:89:fc:db:e4:fb:e6:14:fa:f6:b8:38:
41:65:07:cc:7b:40:68:50:82:31:83:4d:46:4a:93:
e1:82:60:81:2e:b3:70:73:4f:44:b2:eb:26:d9:3e:
f6:d2:40:6c:27:f1:12:d0:60:e0:f3:51:2f:33:cf:
6b:0b:b8:4e:f3:19:b8:2a:ac:d4:4d:b7:cf:9d:51:
fd:34:fb:57:f0:5c:8f:10:dc:ae:96:89:9c:84:62:
a8:6e:74:9c:2b:0d:1c:2e:95:fa:2d:fc:5d:5c:ca:
9a:ac:2d:1f:94:39:8d:77:93:16:a5:05:17:68:57:
6c:93:63:56:cf:06:e0:79:f3:f4:9b:d1:ad:3f:b6:
98:c5:e5:04:25:c9:32:f7:dc:fe:94:64:f1:03:86:
f2:1a:8a:18:cb:a4:19:3d:99:6f:02:73:42:67:ec:
8e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6C:81:4F:B0:6B:22:0C:65:D4:A1:CB:E8:01:E3:3F:AE:F3:13:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VGyBT7BrIgxl1KHL6AHjP67zE0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.45.0-194.58.47.255
194.87.27.0/24
194.87.198.0/24
194.87.208.0/23
194.87.222.0/23
195.58.56.0/21
195.133.55.0/24
195.133.195.0/24
212.192.0.0/23
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:2a:8e:c0:d6:49:fe:0d:0d:e0:2d:ac:ca:c3:ed:f8:7a:26:
cb:8a:2c:86:2f:63:6a:f1:61:35:6d:51:7b:21:0d:64:94:2f:
b3:3d:dd:dd:0f:8e:10:aa:c8:0c:86:ee:43:e2:6f:03:2e:d2:
9d:da:ab:5c:1c:d9:4f:90:22:fa:73:e0:3a:15:bd:d4:65:a5:
41:6b:52:cf:9b:63:9c:7a:fd:a2:88:cb:ad:20:3e:94:89:93:
60:5e:fa:73:55:02:e5:e9:9b:57:a5:2b:78:b4:f6:8a:a8:9e:
aa:9a:99:2d:30:a7:f5:c1:d7:f0:fd:e3:5f:b2:b1:60:1c:22:
5e:58:c8:97:e8:43:9c:eb:ce:ac:06:e4:f2:2c:2f:3a:21:1b:
96:38:d7:ef:65:ad:1e:15:1d:78:a6:3e:bd:a5:1b:de:11:0c:
6f:56:74:02:ed:7c:12:ce:36:02:d5:20:1a:1f:22:e4:c6:f6:
dc:24:9d:a9:5b:06:71:e0:1c:67:6b:19:21:db:22:5f:49:5c:
db:0d:f7:fb:63:75:9b:6c:5f:7d:3f:8b:32:64:18:7d:10:a9:
23:74:70:cf:02:f0:ff:3d:53:93:f5:46:08:df:b6:e4:82:a7:
8c:d8:96:53:8d:ad:73:e5:f8:63:ab:fb:dd:8b:34:b1:97:53:
a2:b4:fb:2d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYl3lC+DtPHSfO6gq/dc2bGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIxMDgzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZjODE0ZmIwNmIyMjBjNjVkNGExY2JlODAxZTMzZmFlZjMxMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKoUkQYCwDNCzcVE1oUC/7QJePJC
o2oXFCvtS2cAGttpT8Q1hy0BsTVSmv73OcTwOrJa4+bGtleW5IqtySVeaWbunubY
vItpKermIGVaZm9/wODaDXV8oEUmS15xifzb5PvmFPr2uDhBZQfMe0BoUIIxg01G
SpPhgmCBLrNwc09Esusm2T720kBsJ/ES0GDg81EvM89rC7hO8xm4KqzUTbfPnVH9
NPtX8FyPENyulomchGKobnScKw0cLpX6LfxdXMqarC0flDmNd5MWpQUXaFdsk2NW
zwbgefP0m9GtP7aYxeUEJcky99z+lGTxA4byGooYy6QZPZlvAnNCZ+yO1wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFRsgU+wayIMZdShy+gB4z+u8xNCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVkd5QlQ3QnJJZ3hsMUtITDZBSGpQNjd6RTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBADCOi0D
BATCOiADBADCVxsDBADCV8YDBAHCV9ADBAHCV94DBAPDOjgDBADDhTcDBADDhcMD
BAHUwAADBADUwQAwDQYJKoZIhvcNAQELBQADggEBAI8qjsDWSf4NDeAtrMrD7fh6
JsuKLIYvY2rxYTVtUXshDWSUL7M93d0PjhCqyAyG7kPibwMu0p3aq1wc2U+QIvpz
4DoVvdRlpUFrUs+bY5x6/aKIy60gPpSJk2Be+nNVAuXpm1elK3i09oqonqqamS0w
p/XB1/D941+ysWAcIl5YyJfoQ5zrzqwG5PIsLzohG5Y41+9lrR4VHXimPr2lG94R
DG9WdALtfBLONgLVIBofIuTG9twknalbBnHgHGdrGSHbIl9JXNsN9/tjdZtsX30/
izJkGH0QqSN0cM8C8P89U5P1RgjftuSCp4zYllONrXPl+GOr+92LNLGXU6K0+y0=
-----END CERTIFICATE-----
Generated at Wed Jul 26 12:21:53 2023 by rpki-client on console-ams.rpki-client.org