Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vctMYONF8jYbG3xnuGqnSGwRijc.roa
File: vctMYONF8jYbG3xnuGqnSGwRijc.roa (raw, json)
Hash identifier: 3lkvkxhqIiktZeTvRdIUV2LQtNtdnF5rQ/8Surhd1Tk=
Subject key identifier: BD:CB:4C:60:E3:45:F2:36:1B:1B:7C:67:B8:6A:A7:48:6C:11:8A:37
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018824AA418A9F9A98637D28FD8328BDF998
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vctMYONF8jYbG3xnuGqnSGwRijc.roa
Signing time: Tue 16 May 2023 13:05:17 +0000
ROA not before: Tue 16 May 2023 13:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 195.133.18.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 05:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:aa:41:8a:9f:9a:98:63:7d:28:fd:83:28:bd:f9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 16 13:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdcb4c60e345f2361b1b7c67b86aa7486c118a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:95:f6:6c:87:51:99:81:73:43:52:c5:08:f5:
e8:9c:bb:b1:63:c0:87:cb:7a:ef:24:29:b9:05:13:
eb:fc:ac:26:23:82:a0:fa:f8:e3:e4:2d:e1:8f:6b:
31:89:a1:e3:76:9d:ad:9f:dd:da:4a:0d:b6:b7:64:
2a:4c:0a:48:11:74:a5:8e:97:88:05:0c:81:0c:67:
fd:5e:52:0b:a4:dc:d2:36:d3:31:69:43:78:db:01:
94:75:04:1e:98:ef:0f:7f:ff:04:50:56:5d:36:11:
fb:8f:c1:b4:ca:78:ca:1d:91:1e:e7:dd:e9:89:84:
67:ce:6b:a9:6b:5c:41:c7:01:d9:bf:8f:67:3c:b0:
b4:dd:e6:e2:e8:f4:f1:c4:a3:c8:0b:dc:2f:61:95:
06:40:cc:b2:31:7d:18:d2:2c:b1:71:dc:45:f2:50:
c4:f9:78:03:e1:bb:c0:05:c4:a8:fa:37:e3:d3:ac:
29:f8:43:33:c5:62:66:38:14:7c:80:49:2d:82:93:
4e:4d:a7:fc:e1:03:78:52:c2:5e:4c:0f:a9:d2:9b:
ab:53:9e:51:3c:bd:03:72:c4:2e:ec:c8:fb:60:99:
a9:0b:1f:88:f6:80:00:fc:f6:5c:2f:33:da:2d:70:
36:0d:5d:cd:55:a2:8a:7a:91:49:84:c4:ca:7a:75:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CB:4C:60:E3:45:F2:36:1B:1B:7C:67:B8:6A:A7:48:6C:11:8A:37
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vctMYONF8jYbG3xnuGqnSGwRijc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.249.0-194.85.250.255
195.133.18.0/24
195.133.39.0/24
212.192.245.0-212.192.246.255
Signature Algorithm: sha256WithRSAEncryption
0c:17:5d:12:38:2f:42:a2:1a:ef:91:a9:b9:6c:85:65:2c:21:
86:65:1d:ee:5c:95:af:ad:fb:c3:e2:55:8a:9c:40:b9:78:c0:
e8:fa:c8:49:98:07:33:e0:40:71:34:01:61:10:cd:cb:c7:01:
82:0b:12:ba:7c:c8:41:03:e9:2d:77:af:82:31:ab:b0:38:1e:
f0:7d:8e:a7:7b:da:8b:31:42:f8:b7:fb:36:5e:e0:03:33:10:
6e:85:18:93:43:86:ae:e8:69:06:3d:6b:8a:82:3c:e8:98:13:
f4:3b:51:f8:c0:6d:f7:ce:fb:0f:41:35:e5:2d:3f:03:ac:a9:
03:7c:c3:34:d4:ce:ca:d3:f8:a5:48:5b:5b:b6:f3:ea:9f:f8:
db:45:44:ef:89:e8:7f:e4:24:f5:c9:6d:26:b1:b7:5a:38:23:
74:18:58:d5:87:3f:16:49:37:48:a3:ec:44:e2:08:29:58:11:
e2:c5:11:3f:e8:17:04:16:77:c3:09:f1:8f:7f:b0:68:9d:ab:
61:8d:83:05:84:11:3a:ae:cf:2d:00:51:ac:01:7a:48:db:70:
d7:c8:26:89:4e:a1:b3:5c:6e:f6:b9:1b:8a:78:ec:9c:84:e3:
2a:db:6c:ae:bc:b8:86:23:7c:7e:e6:9d:34:b0:6f:0a:60:63:
91:79:f9:76
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYgkqkGKn5qYY30o/YMovfmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE2MTMwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNiNGM2MGUzNDVmMjM2MWIxYjdjNjdiODZhYTc0ODZjMTE4YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJX2bIdRmYFzQ1LFCPXonLuxY8CH
y3rvJCm5BRPr/KwmI4Kg+vjj5C3hj2sxiaHjdp2tn93aSg22t2QqTApIEXSljpeI
BQyBDGf9XlILpNzSNtMxaUN42wGUdQQemO8Pf/8EUFZdNhH7j8G0ynjKHZEe593p
iYRnzmupa1xBxwHZv49nPLC03ebi6PTxxKPIC9wvYZUGQMyyMX0Y0iyxcdxF8lDE
+XgD4bvABcSo+jfj06wp+EMzxWJmOBR8gEktgpNOTaf84QN4UsJeTA+p0purU55R
PL0DcsQu7Mj7YJmpCx+I9oAA/PZcLzPaLXA2DV3NVaKKepFJhMTKenXXzQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL3LTGDjRfI2Gxt8Z7hqp0hsEYo3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmN0TVlPTkY4alliRzN4bnVHcW5TR3dSaWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBADCVfkD
BADCVfoDBADDhRIDBADDhScwDAMEANTA9QMEANTA9jANBgkqhkiG9w0BAQsFAAOC
AQEADBddEjgvQqIa75GpuWyFZSwhhmUd7lyVr637w+JVipxAuXjA6PrISZgHM+BA
cTQBYRDNy8cBggsSunzIQQPpLXevgjGrsDge8H2Op3vaizFC+Lf7Nl7gAzMQboUY
k0OGruhpBj1rioI86JgT9DtR+MBt9877D0E15S0/A6ypA3zDNNTOytP4pUhbW7bz
6p/420VE74nof+Qk9cltJrG3WjgjdBhY1Yc/Fkk3SKPsROIIKVgR4sURP+gXBBZ3
wwnxj3+waJ2rYY2DBYQROq7PLQBRrAF6SNtw18gmiU6hs1xu9rkbinjsnITjKtts
rry4hiN8fuadNLBvCmBjkXn5dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:29 2024 by rpki-client on console-fra.rpki-client.org