Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VZHcfxwXkY67Nfy3Vs74Vfb9Z6o.roa
File: VZHcfxwXkY67Nfy3Vs74Vfb9Z6o.roa (raw, json)
Hash identifier: TkwvD0Bw9lSApmCn7b/ih6X0MZ2xk/L+r4zIHFE0nOw=
Subject key identifier: 55:91:DC:7F:1C:17:91:8E:BB:35:FC:B7:56:CE:F8:55:F6:FD:67:AA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189730E0B92C87DFD559265E136759EBC1B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VZHcfxwXkY67Nfy3Vs74Vfb9Z6o.roa
Signing time: Thu 20 Jul 2023 11:27:27 +0000
ROA not before: Thu 20 Jul 2023 11:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.24.0/22 maxlen: 24
194.87.26.0/23 maxlen: 23
194.87.36.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.40.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
195.133.30.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
195.133.195.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
212.192.248.0/22 maxlen: 22
195.58.62.0/23 maxlen: 23
194.58.223.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.7.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.222.0/24 maxlen: 24
194.87.151.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
192.124.191.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
194.87.190.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jul 2023 10:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:0e:0b:92:c8:7d:fd:55:92:65:e1:36:75:9e:bc:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 11:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5591dc7f1c17918ebb35fcb756cef855f6fd67aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4e:e4:7f:9a:19:48:68:7b:87:84:38:d8:8d:
3a:72:d9:0f:01:c9:87:b4:64:0a:4e:fc:ff:33:07:
30:a1:f3:c3:38:78:08:6d:dd:06:ea:7a:c7:e7:bf:
8a:8c:0b:ff:46:f2:e4:fb:d8:d4:3f:0e:43:78:b6:
27:ba:6f:d1:34:48:80:6d:f1:05:2d:81:b9:b4:6a:
37:f0:84:8d:e9:e8:70:c1:40:f5:e8:7c:fc:75:5e:
2f:30:fe:cf:7c:23:99:e8:0d:ce:3d:a2:09:54:0d:
38:34:df:c7:97:51:16:21:d1:13:4e:13:e5:35:0d:
44:f1:ef:f7:e2:33:21:24:00:7a:7c:91:c4:ab:ec:
af:d0:8e:8d:8d:ea:8b:c9:37:7d:a2:73:e0:d1:52:
a3:91:59:75:03:1e:a4:93:04:ad:f4:cf:5b:56:ec:
94:36:e9:7b:ae:82:14:9c:95:d4:53:df:b7:cf:84:
f5:c4:a4:49:ef:1b:09:c3:55:11:74:34:2b:90:78:
9e:09:ed:31:d7:ce:7b:e9:5c:0a:ae:38:6d:b8:eb:
86:3d:40:e0:49:b3:f7:4f:6c:c2:46:42:6d:a3:dc:
04:18:8c:ca:24:c8:64:5f:29:e2:ba:ae:83:cb:0e:
9e:c9:66:ac:96:98:3f:49:29:d1:42:bf:bb:5c:3c:
9e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:91:DC:7F:1C:17:91:8E:BB:35:FC:B7:56:CE:F8:55:F6:FD:67:AA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VZHcfxwXkY67Nfy3Vs74Vfb9Z6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
192.124.191.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.58.154.0/24
194.58.223.0/24
194.87.1.0/24
194.87.7.0/24
194.87.11.0-194.87.12.255
194.87.24.0/22
194.87.36.0/24
194.87.40.0/24
194.87.56.0/24
194.87.73.0/24
194.87.83.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.130.0/23
194.87.134.0/23
194.87.151.0/24
194.87.162.0/24
194.87.166.0/24
194.87.168.0/24
194.87.179.0/24
194.87.187.0/24
194.87.190.0/24
194.87.200.0/24
194.87.222.0/24
195.58.54.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.6.0/23
195.133.30.0/24
195.133.35.0/24
195.133.73.0/24
195.133.84.0/23
195.133.194.0/23
212.192.241.0/24
212.192.248.0/22
Signature Algorithm: sha256WithRSAEncryption
94:6e:08:f4:9c:9e:69:45:b0:e3:1b:7a:cc:c2:f7:7d:b3:0a:
00:dc:b8:5b:7e:ae:84:6a:b4:ff:a3:fa:a3:3e:78:7b:b4:56:
3c:3b:45:17:ce:43:ea:cb:a1:22:32:ef:00:9a:9b:27:81:59:
80:6b:d8:45:9b:67:65:59:14:d5:43:3e:76:5e:06:af:b3:03:
39:95:50:46:52:55:27:ed:f5:38:a6:3a:cd:cd:ac:db:70:26:
a4:65:4d:30:53:e2:7a:01:f7:50:c3:76:f8:4d:bc:0f:fe:f8:
51:3a:af:3f:e5:b2:4d:67:20:b0:85:4c:2c:f6:66:63:b6:d5:
15:b0:66:ce:70:73:8d:8d:7d:4e:c8:e8:4b:db:ab:0e:a7:a9:
07:54:6b:d6:5d:12:b3:c8:5f:91:2e:37:6e:19:66:4e:13:b9:
3c:6a:63:53:49:4d:ea:8f:b5:75:d5:18:19:a4:71:b4:79:c9:
77:03:af:f9:5a:94:73:e1:06:93:3f:1f:9f:a3:5b:f6:5c:29:
e9:5a:88:5c:47:18:b0:ff:09:22:70:91:40:de:96:89:6b:82:
09:55:2b:dc:ba:e9:b0:f1:da:07:e0:6b:8a:75:10:67:85:93:
7a:45:41:13:3b:fb:26:ca:da:6c:4c:0d:18:ca:eb:da:48:9d:
57:66:0b:88
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAYlzDguSyH39VZJl4TZ1nrwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTEyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkxZGM3ZjFjMTc5MThlYmIzNWZjYjc1NmNlZjg1NWY2ZmQ2N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh07kf5oZSGh7h4Q42I06ctkPAcmH
tGQKTvz/MwcwofPDOHgIbd0G6nrH57+KjAv/RvLk+9jUPw5DeLYnum/RNEiAbfEF
LYG5tGo38ISN6ehwwUD16Hz8dV4vMP7PfCOZ6A3OPaIJVA04NN/Hl1EWIdETThPl
NQ1E8e/34jMhJAB6fJHEq+yv0I6NjeqLyTd9onPg0VKjkVl1Ax6kkwSt9M9bVuyU
Nul7roIUnJXUU9+3z4T1xKRJ7xsJw1URdDQrkHieCe0x18576VwKrjhtuOuGPUDg
SbP3T2zCRkJto9wEGIzKJMhkXyniuq6Dyw6eyWaslpg/SSnRQr+7XDyebQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFFWR3H8cF5GOuzX8t1bO+FX2/WeqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVlpIY2Z4d1hrWTY3TmZ5M1ZzNzRWZmI5WjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQEAgABMIIB
HAMEAMB8sgMEAMB8vQMEAMB8vwMEAMF8EAMEAMF8UAMEAMF8hQMEAMF8yAMEAMI6
LwMEAMI6mgMEAMI63wMEAMJXAQMEAMJXBzAMAwQAwlcLAwQAwlcMAwQCwlcYAwQA
wlckAwQAwlcoAwQAwlc4AwQAwldJAwQAwldTAwQAwldsAwQBwldyAwQAwld6AwQA
wld8AwQBwleCAwQBwleGAwQAwleXAwQAwleiAwQAwlemAwQAwleoAwQAwlezAwQA
wle7AwQAwle+AwQAwlfIAwQAwlfeAwQAwzo2AwQBwzo6AwQBwzo+AwQAw4UAAwQB
w4UGAwQAw4UeAwQAw4UjAwQAw4VJAwQBw4VUAwQBw4XCAwQA1MDxAwQC1MD4MA0G
CSqGSIb3DQEBCwUAA4IBAQCUbgj0nJ5pRbDjG3rMwvd9swoA3Lhbfq6EarT/o/qj
Pnh7tFY8O0UXzkPqy6EiMu8AmpsngVmAa9hFm2dlWRTVQz52XgavswM5lVBGUlUn
7fU4pjrNzazbcCakZU0wU+J6AfdQw3b4TbwP/vhROq8/5bJNZyCwhUws9mZjttUV
sGbOcHONjX1OyOhL26sOp6kHVGvWXRKzyF+RLjduGWZOE7k8amNTSU3qj7V11RgZ
pHG0ecl3A6/5WpRz4QaTPx+fo1v2XCnpWohcRxiw/wkicJFA3paJa4IJVSvcuumw
8doH4GuKdRBnhZN6RUETO/smytpsTA0YyuvaSJ1XZguI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org