Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VxDksph66aeaspKzby7eQUnMzmk.roa
File: VxDksph66aeaspKzby7eQUnMzmk.roa (raw, json)
Hash identifier: SOfHMdo4SgHht0fOWTmpZM5Dc7X17sIo8S9Od3GuPtU=
Subject key identifier: 57:10:E4:B2:98:7A:E9:A7:9A:B2:92:B3:6F:2E:DE:41:49:CC:CE:69
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8BA54E867F7963189D58AE32E636
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VxDksph66aeaspKzby7eQUnMzmk.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 62.76.233.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 08:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8b:a5:4e:86:7f:79:63:18:9d:58:ae:32:e6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5710e4b2987ae9a79ab292b36f2ede4149ccce69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:db:25:e0:58:d6:9a:28:c7:1a:b5:72:9c:44:
b6:4a:f6:7a:41:02:11:60:c4:33:6e:56:28:8b:0f:
8b:ef:b7:8b:c4:41:1c:8b:be:3f:64:5e:4c:c9:90:
d8:83:78:1a:12:60:1f:22:3d:a4:f7:1c:dc:f5:86:
f1:31:60:42:31:d5:ac:7e:32:63:d1:89:7d:94:ba:
64:82:08:7a:a0:60:10:8c:d9:be:8e:77:f8:ef:3c:
e4:5e:06:87:6e:79:14:5a:81:bd:35:33:01:49:d6:
cb:46:d1:ea:01:ea:a5:b6:ea:fb:f1:e5:1a:6d:1d:
f6:96:a3:b1:d9:55:38:b5:09:f7:b6:ff:c9:1e:a8:
06:05:47:1e:29:3e:f2:6c:41:df:3a:75:a6:99:bf:
8b:70:71:fc:bc:02:3c:c6:d5:e4:3c:44:d7:ad:b1:
d2:7d:3f:08:58:f0:0c:0b:28:01:51:fc:64:01:e3:
df:74:40:74:ed:1b:58:2c:13:c2:69:0e:c7:3a:9b:
18:8c:bf:b0:1f:7f:bd:19:9e:0d:bc:47:fa:c1:70:
47:d9:bc:8a:9d:10:6d:b1:77:52:0d:68:10:b4:b2:
9a:6f:62:d1:c9:85:5f:8d:a5:f9:9f:f2:7d:d3:31:
dd:36:b1:e5:a3:c5:22:d0:47:10:30:53:66:e4:11:
8a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:10:E4:B2:98:7A:E9:A7:9A:B2:92:B3:6F:2E:DE:41:49:CC:CE:69
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VxDksph66aeaspKzby7eQUnMzmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.233.0/24
193.124.207.0/24
194.87.24.0/24
194.87.115.0/24
Signature Algorithm: sha256WithRSAEncryption
36:1d:83:9e:42:15:18:14:da:bc:e3:46:92:c8:95:7b:37:c4:
d5:e0:71:fa:2d:7c:b6:93:4a:0b:cd:ec:66:0f:36:6a:cd:31:
b1:3e:9e:52:09:19:1d:5c:00:c6:cc:94:4a:5f:d1:58:15:f2:
c0:6e:ef:22:1d:4d:fd:64:df:cd:bf:fe:a3:1d:38:87:5d:01:
d9:cb:56:31:17:5e:39:88:56:9c:35:8b:c4:b2:f8:ec:57:a5:
b8:09:7c:f3:29:3c:66:aa:28:a6:d5:e6:ba:09:1a:52:4d:c7:
bf:a6:dd:68:ae:dc:9b:70:4f:e2:dd:a0:0e:b3:f5:9b:a2:d5:
0f:e0:5e:38:54:e6:da:6d:86:f3:3b:f6:49:ec:30:ad:66:81:
17:c8:15:9d:52:18:b2:a8:ae:31:bc:de:29:88:14:aa:a9:81:
50:78:4e:b6:59:40:95:9a:3e:95:fe:29:d9:74:ca:75:d3:ed:
e4:3b:0e:1a:5d:ad:e4:d1:bd:e4:8b:3a:77:1c:55:64:18:51:
5d:89:f4:99:13:a7:2b:9b:e5:cf:66:17:e7:57:dd:f1:2a:2c:
e3:66:73:82:06:b8:e3:fc:fa:52:f7:28:ff:27:46:44:33:8d:
fc:0d:f6:bf:6d:25:d8:9e:9d:e9:ce:ba:62:ec:9f:f6:fb:e8:
86:5d:a6:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKoulToZ/eWMYnViuMuY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzEwZTRiMjk4N2FlOWE3OWFiMjkyYjM2ZjJlZGU0MTQ5Y2NjZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9sl4FjWmijHGrVynES2SvZ6QQIR
YMQzblYoiw+L77eLxEEci74/ZF5MyZDYg3gaEmAfIj2k9xzc9YbxMWBCMdWsfjJj
0Yl9lLpkggh6oGAQjNm+jnf47zzkXgaHbnkUWoG9NTMBSdbLRtHqAeqltur78eUa
bR32lqOx2VU4tQn3tv/JHqgGBUceKT7ybEHfOnWmmb+LcHH8vAI8xtXkPETXrbHS
fT8IWPAMCygBUfxkAePfdEB07RtYLBPCaQ7HOpsYjL+wH3+9GZ4NvEf6wXBH2byK
nRBtsXdSDWgQtLKab2LRyYVfjaX5n/J90zHdNrHlo8Ui0EcQMFNm5BGKaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFcQ5LKYeumnmrKSs28u3kFJzM5pMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVnhEa3NwaDY2YWVhc3BLemJ5N2VRVW5Nem1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzpAwQA
wXzPAwQAwlcYAwQAwldzMA0GCSqGSIb3DQEBCwUAA4IBAQA2HYOeQhUYFNq840aS
yJV7N8TV4HH6LXy2k0oLzexmDzZqzTGxPp5SCRkdXADGzJRKX9FYFfLAbu8iHU39
ZN/Nv/6jHTiHXQHZy1YxF145iFacNYvEsvjsV6W4CXzzKTxmqiim1ea6CRpSTce/
pt1ortybcE/i3aAOs/WbotUP4F44VObabYbzO/ZJ7DCtZoEXyBWdUhiyqK4xvN4p
iBSqqYFQeE62WUCVmj6V/inZdMp10+3kOw4aXa3k0b3kizp3HFVkGFFdifSZE6cr
m+XPZhfnV93xKizjZnOCBrjj/PpS9yj/J0ZEM438Dfa/bSXYnp3pzrpi7J/2++iG
XaZe
-----END CERTIFICATE-----
Generated at Sun Jan 28 11:37:33 2024 by rpki-client on console-fra.rpki-client.org