Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlEnGsem0rj7a4GMURR95CaK9cU.roa
File: vlEnGsem0rj7a4GMURR95CaK9cU.roa (raw, json)
Hash identifier: xVlQJzra6T4i66aH4FfpMufXxu97m6iuJ1gfInfwVpc=
Subject key identifier: BE:51:27:1A:C7:A6:D2:B8:FB:6B:81:8C:51:14:7D:E4:26:8A:F5:C5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DB149D3BF19AE19B2DBABD2A9144A9F52
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlEnGsem0rj7a4GMURR95CaK9cU.roa
Signing time: Fri 16 Feb 2024 09:40:22 +0000
ROA not before: Fri 16 Feb 2024 09:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 193.124.207.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 05:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:49:d3:bf:19:ae:19:b2:db:ab:d2:a9:14:4a:9f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 16 09:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be51271ac7a6d2b8fb6b818c51147de4268af5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:1b:1c:a6:ca:1f:0c:51:da:3f:44:ab:25:
65:02:31:b7:aa:41:13:71:1f:52:40:70:8c:b5:67:
9c:e9:bc:f4:17:03:73:73:e4:c5:70:4c:f7:f1:ed:
0f:74:f4:0b:7f:b3:32:51:85:86:8e:90:c2:9f:96:
f2:6f:c8:20:1e:9c:d2:08:29:35:db:8b:a3:f7:c4:
b1:ea:d8:7c:69:94:8f:77:0c:c4:61:fe:1e:60:4e:
b0:72:a7:bf:b9:fd:04:6b:50:9a:5a:29:9f:22:10:
3b:87:f3:9c:c4:91:9b:9a:73:4b:25:25:49:a6:56:
10:b1:15:c8:aa:37:e3:8f:2d:22:78:4b:03:17:11:
df:7a:2e:94:79:8c:ae:a2:2e:f9:5a:c0:98:c1:fb:
51:1b:5e:6d:ee:33:58:a3:6f:fb:d7:e7:d9:f4:db:
4b:ce:6a:7e:c0:f4:b1:db:2f:7b:d8:9f:d5:db:6c:
e4:a2:9b:c2:7a:fd:ce:1b:9a:a7:15:13:b6:76:6f:
14:9b:6c:c4:35:52:22:18:cd:35:b9:63:cf:2a:5c:
66:7d:f7:ae:34:3e:84:e9:13:e7:c4:90:0a:87:fa:
b0:31:29:05:05:66:f5:5c:94:bd:31:4d:75:04:98:
5d:90:f7:64:99:f9:a5:96:26:1d:dc:75:17:cc:65:
35:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:51:27:1A:C7:A6:D2:B8:FB:6B:81:8C:51:14:7D:E4:26:8A:F5:C5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vlEnGsem0rj7a4GMURR95CaK9cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.207.0/24
194.87.73.0/24
212.193.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a4:5a:86:df:d2:46:ab:93:3e:87:16:29:4e:d5:b2:21:00:
1c:ff:09:ac:74:f9:76:3c:5b:f4:7f:3f:8d:41:e1:b6:a7:d1:
2f:d2:54:72:fa:d1:03:99:aa:06:e9:dd:67:9b:67:6b:cb:35:
8a:3a:03:21:8e:4f:1d:31:4a:cf:94:e4:26:bd:3a:48:21:8a:
3b:c8:1b:c9:dc:83:aa:f5:fa:ed:52:9b:3c:c6:fc:9d:cd:76:
a1:56:95:d9:7b:29:5c:f9:f1:2e:8b:9d:e7:3c:5d:a9:94:d8:
d2:c0:6a:e2:c2:3f:60:6d:9a:fa:b2:a8:58:4e:1f:db:3d:1b:
0b:d9:46:19:a4:6d:12:b4:53:08:a7:17:7b:09:a9:ea:3d:73:
84:ee:31:2b:0f:bf:66:e5:aa:69:c9:23:b7:84:e4:53:b5:b1:
89:14:f1:55:51:82:3d:b4:21:4f:71:5b:66:af:f9:ae:f5:f8:
91:3a:cd:ad:15:24:69:b0:73:38:40:45:f9:f8:72:7c:e3:a7:
b5:ae:2b:94:a9:23:eb:79:ee:f6:fb:ad:ac:c7:eb:17:a5:41:
94:b1:4f:2d:05:49:72:96:1a:09:e2:86:b0:64:60:19:55:1c:
95:db:c7:01:75:52:10:3a:65:37:d4:47:90:60:2a:a2:a2:65:
05:b9:e0:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2xSdO/Ga4Zstur0qkUSp9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjE2MDk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUxMjcxYWM3YTZkMmI4ZmI2YjgxOGM1MTE0N2RlNDI2OGFmNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirgbHKbKHwxR2j9EqyVlAjG3qkET
cR9SQHCMtWec6bz0FwNzc+TFcEz38e0PdPQLf7MyUYWGjpDCn5byb8ggHpzSCCk1
24uj98Sx6th8aZSPdwzEYf4eYE6wcqe/uf0Ea1CaWimfIhA7h/OcxJGbmnNLJSVJ
plYQsRXIqjfjjy0ieEsDFxHfei6UeYyuoi75WsCYwftRG15t7jNYo2/71+fZ9NtL
zmp+wPSx2y972J/V22zkopvCev3OG5qnFRO2dm8Um2zENVIiGM01uWPPKlxmffeu
ND6E6RPnxJAKh/qwMSkFBWb1XJS9MU11BJhdkPdkmfmlliYd3HUXzGU1wQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL5RJxrHptK4+2uBjFEUfeQmivXFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdmxFbkdzZW0wcmo3YTRHTVVSUjk1Q2FLOWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwXzPAwQA
wldJAwQA1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQCOpFqG39JGq5M+hxYpTtWyIQAc
/wmsdPl2PFv0fz+NQeG2p9Ev0lRy+tEDmaoG6d1nm2dryzWKOgMhjk8dMUrPlOQm
vTpIIYo7yBvJ3IOq9frtUps8xvydzXahVpXZeylc+fEui53nPF2plNjSwGriwj9g
bZr6sqhYTh/bPRsL2UYZpG0StFMIpxd7CanqPXOE7jErD79m5appySO3hORTtbGJ
FPFVUYI9tCFPcVtmr/mu9fiROs2tFSRpsHM4QEX5+HJ846e1riuUqSPree72+62s
x+sXpUGUsU8tBUlylhoJ4oawZGAZVRyV28cBdVIQOmU31EeQYCqiomUFueDS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org