Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VrbV8QwkcL_HEA9JXT937G_FKvY.roa
File: VrbV8QwkcL_HEA9JXT937G_FKvY.roa (raw, json)
Hash identifier: GWAGn87/1jLl/Up8dLgIKMtUN6p3ZOV1VL4MZV4k/tg=
Subject key identifier: 56:B6:D5:F1:0C:24:70:BF:C7:10:0F:49:5D:3F:77:EC:6F:C5:2A:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A50AA2DCB80374B2AB10C8790B6968947
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VrbV8QwkcL_HEA9JXT937G_FKvY.roa
Signing time: Fri 01 Sep 2023 12:14:04 +0000
ROA not before: Fri 01 Sep 2023 12:14:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 194.87.25.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Sep 2023 09:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:aa:2d:cb:80:37:4b:2a:b1:0c:87:90:b6:96:89:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 1 12:14:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b6d5f10c2470bfc7100f495d3f77ec6fc52af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:ac:f2:ba:cd:a0:ab:bc:fb:48:7d:85:2c:
ac:d0:7c:63:59:b2:27:eb:ab:fc:13:7a:9e:af:53:
4b:d5:fa:3f:ad:2b:2e:17:2c:25:f3:07:60:ae:f7:
db:11:03:45:f2:86:59:cf:e6:9a:74:97:dc:d1:f0:
2c:8f:5b:e1:ba:e5:f8:a6:36:79:96:dc:fe:7a:42:
bd:fb:c4:0a:ed:76:3b:1a:bd:63:a4:60:4b:8f:5f:
d7:6e:2c:ca:3a:bd:7e:05:c3:83:a8:23:06:2b:0d:
7f:f1:17:a8:ef:3e:19:47:74:16:2c:78:4c:36:fe:
27:3e:ef:54:0e:73:63:0b:ce:5c:6c:52:e3:40:9e:
fb:68:4b:2c:67:ff:33:da:ba:da:56:19:b0:25:a9:
cc:aa:c1:b5:cd:18:26:85:c7:fa:32:42:bb:c0:a5:
82:e2:e6:3e:55:97:aa:32:7c:c1:bb:09:a1:aa:15:
9e:10:4a:6e:57:34:93:82:7b:91:93:0b:ac:60:d6:
de:f7:b5:ea:a3:c8:80:31:f9:dd:05:e2:53:67:d3:
8c:5b:02:f6:64:a7:e7:95:e0:5c:8d:31:fa:d3:16:
2e:0c:0f:0c:ea:82:f7:9b:92:58:d3:f1:ba:5b:0b:
7f:4f:bb:93:e5:ea:f6:99:9a:59:d2:73:23:f6:c9:
c1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B6:D5:F1:0C:24:70:BF:C7:10:0F:49:5D:3F:77:EC:6F:C5:2A:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VrbV8QwkcL_HEA9JXT937G_FKvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
194.58.44.0/24
194.87.25.0/24
194.87.51.0/24
194.87.54.0/23
194.87.163.0/24
195.58.35.0/24
195.58.38.0/24
195.133.14.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:23:8d:98:b2:4e:cd:9f:8b:dd:08:3c:22:77:13:bd:3d:d6:
57:9e:a7:37:3d:27:2d:8b:a8:48:9b:80:85:1c:ef:0f:0d:81:
a0:57:c1:27:bf:ee:d0:0f:68:6d:fd:48:a1:fb:5d:71:23:86:
bb:05:fb:06:63:1a:e5:4d:87:7c:d4:d6:73:f0:4d:42:f7:8f:
2a:71:19:f1:a4:3c:bb:16:12:32:de:95:5b:ab:0b:9a:3e:4f:
b9:e2:bd:b4:bb:8f:9b:95:9b:74:21:3a:1e:de:d0:09:cb:bb:
75:9b:ce:00:79:91:c5:0a:cc:c3:c8:6c:05:7b:77:4c:c4:23:
d7:af:9e:41:17:28:e5:02:1a:c8:0a:c7:fe:70:9a:ed:b6:bd:
cb:40:27:95:9a:4d:e1:87:a0:c8:65:77:e8:31:c8:03:fc:9f:
c2:1f:43:7c:a9:26:ad:c3:c5:02:d8:3f:5b:de:24:3a:d2:d1:
12:72:77:81:70:9c:29:2c:ef:65:3b:46:c6:dc:ec:67:9f:b8:
3a:9a:97:0e:3e:2c:46:cf:71:b9:dc:fd:be:47:c7:15:ed:1b:
1c:06:37:56:bc:16:01:dd:4d:b3:41:91:2e:dd:43:1f:27:f7:
3c:5c:4e:69:5f:51:c8:62:af:f3:db:c0:ce:cb:fe:67:03:9d:
77:e5:20:66
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYpQqi3LgDdLKrEMh5C2lolHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTAxMTIxNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI2ZDVmMTBjMjQ3MGJmYzcxMDBmNDk1ZDNmNzdlYzZmYzUyYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjis8rrNoKu8+0h9hSys0HxjWbIn
66v8E3qer1NL1fo/rSsuFywl8wdgrvfbEQNF8oZZz+aadJfc0fAsj1vhuuX4pjZ5
ltz+ekK9+8QK7XY7Gr1jpGBLj1/XbizKOr1+BcODqCMGKw1/8Reo7z4ZR3QWLHhM
Nv4nPu9UDnNjC85cbFLjQJ77aEssZ/8z2rraVhmwJanMqsG1zRgmhcf6MkK7wKWC
4uY+VZeqMnzBuwmhqhWeEEpuVzSTgnuRkwusYNbe97Xqo8iAMfndBeJTZ9OMWwL2
ZKfnleBcjTH60xYuDA8M6oL3m5JY0/G6Wwt/T7uT5er2mZpZ0nMj9snBMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFa21fEMJHC/xxAPSV0/d+xvxSr2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVnJiVjhRd2tjTF9IRUE5SlhUOTM3R19GS3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy1AwQA
wjosAwQAwlcZAwQAwlczAwQBwlc2AwQAwlejAwQAwzojAwQAwzomAwQAw4UOMA0G
CSqGSIb3DQEBCwUAA4IBAQBrI42Ysk7Nn4vdCDwidxO9PdZXnqc3PScti6hIm4CF
HO8PDYGgV8Env+7QD2ht/Uih+11xI4a7BfsGYxrlTYd81NZz8E1C948qcRnxpDy7
FhIy3pVbqwuaPk+54r20u4+blZt0IToe3tAJy7t1m84AeZHFCszDyGwFe3dMxCPX
r55BFyjlAhrICsf+cJrttr3LQCeVmk3hh6DIZXfoMcgD/J/CH0N8qSatw8UC2D9b
3iQ60tEScneBcJwpLO9lO0bG3Oxnn7g6mpcOPixGz3G53P2+R8cV7RscBjdWvBYB
3U2zQZEu3UMfJ/c8XE5pX1HIYq/z28DOy/5nA5135SBm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org