Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vtyoicsDm7StJj0IWTnU_kazdP0.roa
File: vtyoicsDm7StJj0IWTnU_kazdP0.roa (raw, json)
Hash identifier: pZv5dBvVUUI83OIKv29j6O3AsXUGzOaWYQuFcpNhQYk=
Subject key identifier: BE:DC:A8:89:CB:03:9B:B4:AD:26:3D:08:59:39:D4:FE:46:B3:74:FD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189BCD6C411244A5319BC1606AD0AF6C363
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vtyoicsDm7StJj0IWTnU_kazdP0.roa
Signing time: Thu 03 Aug 2023 19:18:58 +0000
ROA not before: Thu 03 Aug 2023 19:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199614
IP address blocks: 194.87.135.0/24 maxlen: 24
194.87.134.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:d6:c4:11:24:4a:53:19:bc:16:06:ad:0a:f6:c3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 3 19:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bedca889cb039bb4ad263d085939d4fe46b374fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ab:6c:b4:bb:99:29:c3:ec:63:78:95:79:e1:
10:c4:be:64:8c:cd:54:ee:50:c4:14:9b:1c:fb:bf:
53:35:eb:2a:f7:26:c4:fd:5e:ee:03:80:97:5e:c1:
79:23:89:86:35:7a:28:d2:23:ba:9b:ad:96:4c:39:
1b:8e:5d:ca:42:9d:f0:9b:52:5b:a6:5a:0e:59:3b:
93:84:5e:76:df:ef:14:c8:67:09:72:c4:56:5f:dd:
ad:3c:0f:ae:d3:05:d5:32:73:b5:35:ef:5d:fd:76:
07:6b:c1:1b:db:f1:56:9b:99:70:75:de:31:93:e7:
68:9d:90:12:5e:b0:83:ac:6f:8e:df:ce:e5:67:40:
28:27:35:6e:3b:fc:49:c8:69:73:ab:72:34:71:e3:
e2:8d:d8:4b:cb:f0:6f:b8:d6:1a:35:77:2b:c9:91:
63:96:e5:12:cd:f1:90:25:a1:97:51:08:e5:f2:e1:
b9:b8:0c:a9:87:e5:99:e7:cf:3e:81:8b:10:0b:9c:
dc:9c:c3:ea:29:1a:28:5d:3b:dc:6b:c1:2c:14:23:
3d:63:f5:7f:5e:e0:31:c4:ba:5a:a0:41:65:3e:a1:
75:82:68:2c:51:66:ec:cf:2e:47:ad:59:61:6a:d3:
57:70:4d:71:30:fb:d2:f6:08:be:ed:da:ea:0a:48:
b6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DC:A8:89:CB:03:9B:B4:AD:26:3D:08:59:39:D4:FE:46:B3:74:FD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vtyoicsDm7StJj0IWTnU_kazdP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.134.0/23
194.87.171.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5a:08:b5:26:d2:3c:88:0f:30:7b:82:4f:0a:55:6e:b8:c9:
82:a0:c9:b4:6d:be:fb:70:10:2a:41:29:25:f9:df:4a:53:4c:
9c:23:b7:f6:fc:87:12:f6:79:aa:88:88:9b:cc:75:38:0c:31:
4f:11:38:42:41:4f:60:07:77:25:c1:a5:bb:61:bd:61:36:5c:
f5:ee:4b:d3:82:e2:24:15:42:05:66:7c:57:0b:5b:d2:c2:5c:
dc:24:a1:3d:87:91:f0:fc:74:73:c0:87:73:69:68:99:3a:e3:
bd:96:e8:53:6f:e2:a7:2c:ad:51:fb:92:e9:95:cc:8f:c1:a4:
cf:42:a7:d9:d7:91:cb:3e:01:b9:b3:74:a6:c2:e5:a1:a2:7f:
b5:4a:bf:a6:34:25:a1:c4:be:74:6d:fc:85:1b:af:b4:76:21:
0f:94:c6:8c:27:fe:41:24:ec:a5:72:c9:85:98:fe:be:75:cc:
2c:75:7b:27:82:cb:57:c6:f5:62:6e:b2:d1:2f:db:cb:53:19:
a3:82:12:9f:b8:66:e6:30:81:36:57:d3:ca:d7:be:39:08:81:
a2:4a:d4:ec:ca:60:54:24:67:a1:1d:ce:85:44:2e:fa:a5:84:
dc:cc:d3:e6:af:57:e4:79:bb:06:bc:2f:ab:3b:a7:d6:64:19:
4e:1c:b2:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm81sQRJEpTGbwWBq0K9sNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAzMTkxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWRjYTg4OWNiMDM5YmI0YWQyNjNkMDg1OTM5ZDRmZTQ2YjM3NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKtstLuZKcPsY3iVeeEQxL5kjM1U
7lDEFJsc+79TNesq9ybE/V7uA4CXXsF5I4mGNXoo0iO6m62WTDkbjl3KQp3wm1Jb
ploOWTuThF523+8UyGcJcsRWX92tPA+u0wXVMnO1Ne9d/XYHa8Eb2/FWm5lwdd4x
k+donZASXrCDrG+O387lZ0AoJzVuO/xJyGlzq3I0cePijdhLy/BvuNYaNXcryZFj
luUSzfGQJaGXUQjl8uG5uAyph+WZ588+gYsQC5zcnMPqKRooXTvca8EsFCM9Y/V/
XuAxxLpaoEFlPqF1gmgsUWbszy5HrVlhatNXcE1xMPvS9gi+7drqCki29QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL7cqInLA5u0rSY9CFk51P5Gs3T9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdnR5b2ljc0RtN1N0SmowSVdUblVfa2F6ZFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwjo9AwQB
wleGAwQAwlerMA0GCSqGSIb3DQEBCwUAA4IBAQA0Wgi1JtI8iA8we4JPClVuuMmC
oMm0bb77cBAqQSkl+d9KU0ycI7f2/IcS9nmqiIibzHU4DDFPEThCQU9gB3clwaW7
Yb1hNlz17kvTguIkFUIFZnxXC1vSwlzcJKE9h5Hw/HRzwIdzaWiZOuO9luhTb+Kn
LK1R+5LplcyPwaTPQqfZ15HLPgG5s3SmwuWhon+1Sr+mNCWhxL50bfyFG6+0diEP
lMaMJ/5BJOylcsmFmP6+dcwsdXsngstXxvVibrLRL9vLUxmjghKfuGbmMIE2V9PK
1745CIGiStTsymBUJGehHc6FRC76pYTczNPmr1fkebsGvC+rO6fWZBlOHLJl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org