Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VkBSfEINmC_ISULwzF8BH9bR2Wg.roa
File: VkBSfEINmC_ISULwzF8BH9bR2Wg.roa (raw, json)
Hash identifier: 1qsvfSjeRt638mVjcXJ7JcPWi8Fc6yJRkH1faivwVMc=
Subject key identifier: 56:40:52:7C:42:0D:98:2F:C8:49:42:F0:CC:5F:01:1F:D6:D1:D9:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187706CC2D4273C9FF2981A2AA2EBB68D55
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VkBSfEINmC_ISULwzF8BH9bR2Wg.roa
Signing time: Tue 11 Apr 2023 13:06:28 +0000
ROA not before: Tue 11 Apr 2023 13:06:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.204.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:6c:c2:d4:27:3c:9f:f2:98:1a:2a:a2:eb:b6:8d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 11 13:06:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5640527c420d982fc84942f0cc5f011fd6d1d968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ba:bc:83:aa:95:e1:d2:54:07:8c:75:f4:94:
74:e0:0e:d2:ac:24:4a:ad:cf:66:f1:71:ee:f0:e4:
83:2a:6a:bd:31:69:a2:3b:ac:c2:c0:ae:85:fc:06:
2f:9f:3b:55:82:ea:71:25:ba:2e:76:a4:22:3c:75:
bf:73:ca:16:d2:63:06:90:c6:e7:3f:24:bb:19:55:
e5:42:c7:62:7d:38:9d:f7:27:bf:e6:41:00:38:78:
8d:97:81:58:2a:91:a6:85:08:a2:27:06:3e:36:f2:
2f:db:49:aa:8e:3c:87:6b:5b:0e:e6:e0:4c:f8:09:
dc:87:5a:c2:f4:eb:2e:a6:f0:4f:03:62:d7:d6:c9:
c6:15:a8:6a:81:69:f4:1a:99:cd:ac:ba:72:6b:45:
31:a9:d8:a1:66:5e:be:a8:22:46:7e:a9:1c:7a:24:
ea:ff:c9:4a:cd:85:4f:f0:7e:3b:f5:3a:b5:97:62:
5f:cc:48:65:4e:75:00:6a:5c:e7:4a:e4:f8:64:e5:
2b:0a:f7:2e:c8:ef:6c:91:85:75:29:f4:06:a3:4e:
70:52:da:6c:ea:21:b4:fa:ee:89:ca:51:0d:53:1e:
d8:24:6f:90:b7:38:5c:7a:bc:e7:0e:1a:ce:ce:9b:
b0:4a:c6:04:d6:36:59:68:4f:a9:d8:37:cc:16:84:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:40:52:7C:42:0D:98:2F:C8:49:42:F0:CC:5F:01:1F:D6:D1:D9:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VkBSfEINmC_ISULwzF8BH9bR2Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.190.0/24
193.124.202.0/24
194.87.76.0/24
194.87.204.0/24
194.87.208.0/24
194.87.221.0/24
194.87.226.0/24
194.87.231.0/24
195.133.15.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:46:b4:e6:23:38:5b:11:28:8c:a3:36:29:37:90:15:be:4a:
7e:68:22:16:6c:59:90:29:c0:3f:de:ce:d7:da:72:48:bb:f8:
f5:ec:12:ba:f6:bb:f0:72:ff:94:41:a4:16:59:f0:cc:0c:51:
6b:e8:5e:97:c4:01:16:73:82:14:2d:eb:78:37:80:7a:05:9b:
7e:9b:73:65:e3:e2:6e:0f:d0:c8:2d:d1:30:72:7b:1b:4b:2e:
1b:15:68:b7:1a:9b:13:98:3d:3b:6b:7c:a4:64:1b:99:da:3a:
0c:51:ed:85:94:d1:0c:e1:f4:de:8d:94:c9:48:5e:3b:f0:5f:
bb:be:ef:86:0a:7b:1b:b3:de:7f:06:6f:0c:2c:61:93:72:72:
f7:38:10:e9:c4:4e:49:b2:f6:da:f0:e2:82:e4:f2:72:b0:0b:
61:35:26:4e:94:8a:97:2c:2d:69:e0:c1:83:7d:90:53:99:88:
cd:64:0e:f8:f9:6d:13:9e:7c:53:0c:28:9f:f8:4a:24:6a:bd:
40:d8:ba:a8:bc:af:e6:43:af:05:c2:14:24:cb:f9:98:3f:4b:
fc:01:51:f9:ac:00:29:c4:0d:c0:34:f6:6f:c3:00:8d:7e:5e:
b9:97:ce:6a:22:cd:a2:5f:02:27:65:8d:ea:c5:1e:2b:4d:de:
7c:95:52:04
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYdwbMLUJzyf8pgaKqLrto1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDExMTMwNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjQwNTI3YzQyMGQ5ODJmYzg0OTQyZjBjYzVmMDExZmQ2ZDFkOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7q8g6qV4dJUB4x19JR04A7SrCRK
rc9m8XHu8OSDKmq9MWmiO6zCwK6F/AYvnztVgupxJboudqQiPHW/c8oW0mMGkMbn
PyS7GVXlQsdifTid9ye/5kEAOHiNl4FYKpGmhQiiJwY+NvIv20mqjjyHa1sO5uBM
+Anch1rC9OsupvBPA2LX1snGFahqgWn0GpnNrLpya0UxqdihZl6+qCJGfqkceiTq
/8lKzYVP8H479Tq1l2JfzEhlTnUAalznSuT4ZOUrCvcuyO9skYV1KfQGo05wUtps
6iG0+u6JylENUx7YJG+QtzhcerznDhrOzpuwSsYE1jZZaE+p2DfMFoQ5JwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFZAUnxCDZgvyElC8MxfAR/W0dloMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVmtCU2ZFSU5tQ19JU1VMd3pGOEJIOWJSMldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy+AwQA
wXzKAwQAwldMAwQAwlfMAwQAwlfQAwQAwlfdAwQAwlfiAwQAwlfnAwQAw4UPAwQA
1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQBORrTmIzhbESiMozYpN5AVvkp+aCIWbFmQ
KcA/3s7X2nJIu/j17BK69rvwcv+UQaQWWfDMDFFr6F6XxAEWc4IULet4N4B6BZt+
m3Nl4+JuD9DILdEwcnsbSy4bFWi3GpsTmD07a3ykZBuZ2joMUe2FlNEM4fTejZTJ
SF478F+7vu+GCnsbs95/Bm8MLGGTcnL3OBDpxE5Jsvba8OKC5PJysAthNSZOlIqX
LC1p4MGDfZBTmYjNZA74+W0TnnxTDCif+Eokar1A2LqovK/mQ68FwhQky/mYP0v8
AVH5rAApxA3ANPZvwwCNfl65l85qIs2iXwInZY3qxR4rTd58lVIE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org