Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VRaWOy7rgyJvPKKE424-zddOtQs.roa
File: VRaWOy7rgyJvPKKE424-zddOtQs.roa (raw, json)
Hash identifier: sgVgPmk0QGKPFh9xBTQCD/gqJm7DLXaWRjhAbOHgTOI=
Subject key identifier: 55:16:96:3B:2E:EB:83:22:6F:3C:A2:84:E3:6E:3E:CD:D7:4E:B5:0B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66EC9275CACF9F4B8D6B489241FE0C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VRaWOy7rgyJvPKKE424-zddOtQs.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 193.124.3.0/24 maxlen: 24
193.124.9.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.58.50.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
195.133.30.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
212.192.31.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ec:92:75:ca:cf:9f:4b:8d:6b:48:92:41:fe:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5516963b2eeb83226f3ca284e36e3ecdd74eb50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7c:39:0e:81:27:25:b0:96:d9:e5:52:44:06:
c1:62:c1:74:8f:71:bc:79:3f:67:49:29:99:f7:90:
fe:82:90:c6:48:91:a0:ac:02:9b:77:28:59:a3:63:
95:c1:e7:47:8c:34:2c:c7:18:5e:cc:81:31:84:e6:
e8:41:58:93:93:be:9c:46:fa:44:fc:0e:3a:0a:4d:
15:48:e4:41:40:06:77:ac:a2:78:87:47:a7:7d:92:
6d:e9:77:31:52:40:f6:a2:8a:97:0a:83:08:7b:e3:
47:de:e2:ce:da:56:be:68:fa:bc:85:3d:19:29:56:
c4:ac:01:ed:3f:ef:ac:7b:a7:40:b6:53:0b:bb:b0:
66:14:a6:1a:a4:20:4c:7f:bf:d1:3a:f9:ff:04:0f:
1d:17:5d:ca:06:75:2a:60:72:6d:3f:63:dd:5e:64:
fd:a8:dc:7a:c0:f9:ea:d2:27:fd:cd:65:14:35:e5:
f6:e2:7f:1b:69:22:f2:73:98:60:33:61:e8:7c:3c:
f9:8b:59:06:a7:a7:15:ee:01:a1:bd:e5:db:01:34:
8a:02:7f:a5:8b:62:23:77:cd:40:26:30:35:83:4f:
9e:cf:26:32:78:d7:df:0a:21:c1:a1:cf:f1:d0:31:
b1:ce:7a:bf:19:ef:33:61:ea:9f:16:54:0f:3e:58:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:16:96:3B:2E:EB:83:22:6F:3C:A2:84:E3:6E:3E:CD:D7:4E:B5:0B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VRaWOy7rgyJvPKKE424-zddOtQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.3.0/24
193.124.9.0/24
193.124.44.0/24
194.87.1.0/24
194.87.38.0/24
194.87.42.0/24
194.87.73.0/24
194.87.130.0/23
194.87.166.0/24
194.87.168.0/24
194.87.178.0/23
194.87.187.0/24
194.135.18.0/24
194.135.23.0/24
195.58.35.0-195.58.36.255
195.58.50.0/24
195.58.56.0/24
195.133.0.0/24
195.133.30.0/24
195.133.35.0/24
195.133.195.0/24
212.192.31.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e4:5c:bc:e5:f1:aa:7a:b0:f2:61:c7:e0:06:19:77:19:5e:
c8:f5:4c:39:b1:19:c9:55:44:c8:64:19:22:2e:25:24:6e:44:
45:9b:e3:d9:75:a8:e3:94:c9:56:0b:05:dc:41:24:99:ea:78:
a7:2f:f9:7d:8e:a1:c6:68:e9:d3:57:55:86:0c:7a:ec:c7:b7:
cb:88:a8:f1:97:22:1b:81:50:47:52:d0:18:52:f1:d7:be:b3:
57:98:c3:30:84:04:09:cf:5f:c1:5b:b3:40:71:72:0c:33:52:
b3:63:f6:60:94:10:02:72:fa:80:97:d0:bf:3b:2f:8f:7a:b3:
c7:d7:1e:36:2f:65:12:59:be:8b:5c:02:02:5f:4f:61:97:c1:
ae:77:c2:38:25:e2:de:bf:a3:e0:c8:d7:e8:b5:ca:68:41:fe:
06:2d:2d:49:fa:0b:a6:f6:bd:98:54:2c:0f:25:80:f6:30:d5:
a0:78:75:e8:79:16:3a:33:b7:11:30:56:84:e6:5c:cc:30:47:
2b:d1:d7:67:37:02:1c:97:fd:be:06:7c:07:aa:49:c5:6c:d3:
cb:00:a2:7c:ce:dd:e5:b2:21:e6:ac:9f:44:01:b8:77:71:56:
5b:97:7a:60:6e:1d:bf:dc:f5:86:58:c5:25:92:15:a4:84:6e:
7f:98:38:ee
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYVvZuySdcrPn0uNa0iSQf4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE2OTYzYjJlZWI4MzIyNmYzY2EyODRlMzZlM2VjZGQ3NGViNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXw5DoEnJbCW2eVSRAbBYsF0j3G8
eT9nSSmZ95D+gpDGSJGgrAKbdyhZo2OVwedHjDQsxxhezIExhOboQViTk76cRvpE
/A46Ck0VSORBQAZ3rKJ4h0enfZJt6XcxUkD2ooqXCoMIe+NH3uLO2la+aPq8hT0Z
KVbErAHtP++se6dAtlMLu7BmFKYapCBMf7/ROvn/BA8dF13KBnUqYHJtP2PdXmT9
qNx6wPnq0if9zWUUNeX24n8baSLyc5hgM2HofDz5i1kGp6cV7gGhveXbATSKAn+l
i2Ijd81AJjA1g0+ezyYyeNffCiHBoc/x0DGxznq/Ge8zYeqfFlQPPlhfVQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFFUWljsu64MibzyihONuPs3XTrULMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVlJhV095N3JneUp2UEtLRTQyNC16ZGRPdFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBADB
fAMDBADBfAkDBADBfCwDBADCVwEDBADCVyYDBADCVyoDBADCV0kDBAHCV4IDBADC
V6YDBADCV6gDBAHCV7IDBADCV7sDBADChxIDBADChxcwDAMEAMM6IwMEAMM6JAME
AMM6MgMEAMM6OAMEAMOFAAMEAMOFHgMEAMOFIwMEAMOFwwMEANTAHzANBgkqhkiG
9w0BAQsFAAOCAQEAhuRcvOXxqnqw8mHH4AYZdxleyPVMObEZyVVEyGQZIi4lJG5E
RZvj2XWo45TJVgsF3EEkmep4py/5fY6hxmjp01dVhgx67Me3y4io8ZciG4FQR1LQ
GFLx176zV5jDMIQECc9fwVuzQHFyDDNSs2P2YJQQAnL6gJfQvzsvj3qzx9ceNi9l
Elm+i1wCAl9PYZfBrnfCOCXi3r+j4MjX6LXKaEH+Bi0tSfoLpva9mFQsDyWA9jDV
oHh16HkWOjO3ETBWhOZczDBHK9HXZzcCHJf9vgZ8B6pJxWzTywCifM7d5bIh5qyf
RAG4d3FWW5d6YG4dv9z1hljFJZIVpIRuf5g47g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org