Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vx1Ab9rFDtCUk2P5Ini0o5SzTX4.roa
File: vx1Ab9rFDtCUk2P5Ini0o5SzTX4.roa (raw, json)
Hash identifier: Rt1OPMI6W1aGW6wihsZ1fDvKLfA29sIR6QPs3em0eVQ=
Subject key identifier: BF:1D:40:6F:DA:C5:0E:D0:94:93:63:F9:22:78:B4:A3:94:B3:4D:7E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C155F88614A50D76065B0424E2676BC3E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vx1Ab9rFDtCUk2P5Ini0o5SzTX4.roa
Signing time: Tue 28 Nov 2023 10:00:31 +0000
ROA not before: Tue 28 Nov 2023 10:00:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198981
IP address blocks: 194.87.228.0/24 maxlen: 24
212.192.250.0/24 maxlen: 24
212.192.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:5f:88:61:4a:50:d7:60:65:b0:42:4e:26:76:bc:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 28 10:00:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf1d406fdac50ed0949363f92278b4a394b34d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e3:05:64:f4:f8:04:02:cf:0c:f6:50:20:c4:
a2:8e:0f:72:b2:d4:45:cc:50:e0:e8:6c:7a:54:48:
4e:8e:bb:27:85:4a:c0:e6:8e:43:fe:a1:0a:72:6d:
18:d4:22:02:be:a5:97:fb:7c:f7:59:67:42:ca:52:
48:2a:26:71:47:48:b8:11:74:b5:8c:ab:ce:94:c6:
88:9d:47:75:d4:a1:80:21:7e:a3:3b:56:0d:61:9c:
30:38:1e:c9:82:2a:03:d2:36:52:f8:9f:d5:f0:2e:
dc:73:fb:6f:79:4d:c7:7d:05:4e:e9:a0:74:40:8a:
24:8d:fe:2a:e7:73:be:e8:42:6a:75:9e:ac:bc:3a:
06:1f:54:34:85:ec:f5:47:ef:19:20:e5:38:bc:c8:
fc:56:30:a4:1a:de:24:00:94:82:ed:d1:6b:9f:0a:
13:ac:0b:53:e9:93:6b:c8:a9:80:88:b9:5d:7d:50:
8e:0d:45:5f:60:33:b9:63:74:f3:70:28:61:b8:95:
62:68:c0:ce:16:16:2c:d9:c9:c9:a0:44:03:bd:5d:
8f:73:1a:f3:e6:2f:9f:30:c1:db:31:94:6b:83:5b:
2c:2e:d3:49:14:56:16:d8:a2:a3:7e:88:38:2b:68:
28:2a:cf:83:23:1f:31:5c:88:39:d2:94:f6:e7:d5:
6f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1D:40:6F:DA:C5:0E:D0:94:93:63:F9:22:78:B4:A3:94:B3:4D:7E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vx1Ab9rFDtCUk2P5Ini0o5SzTX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.228.0/24
212.192.250.0/24
212.192.255.0/24
Signature Algorithm: sha256WithRSAEncryption
29:a6:4b:bf:41:dc:d6:93:df:ee:c9:a1:e1:41:e7:02:9c:95:
93:a3:a1:c3:0f:b0:d9:33:47:a9:f1:77:27:9f:be:18:fd:c2:
75:33:33:32:66:be:43:bb:40:d4:6e:95:ce:d3:3e:5d:de:87:
ba:01:ac:8a:d9:f6:9e:d3:25:df:d9:d5:b7:0a:2d:46:31:fc:
f1:db:b0:e6:40:3c:a5:e7:fe:37:7c:80:25:56:eb:54:a0:58:
0c:a4:fe:73:3b:bf:30:02:c8:fc:47:c7:5c:b6:d0:b6:38:40:
b1:9f:93:18:b4:13:55:c0:8d:33:15:cd:99:12:4b:00:cd:cb:
5d:8a:4d:9f:ec:da:ec:da:dc:7f:4c:46:8a:4b:58:48:56:23:
41:58:90:8b:34:9b:3f:36:60:e0:c8:7d:e3:f3:72:4f:0b:20:
cc:a6:a6:4b:c2:91:1e:53:86:50:49:97:1e:85:22:4d:ac:16:
7a:27:37:d7:83:6e:f9:d1:82:00:65:55:0a:06:dc:3f:df:ae:
de:53:6f:87:9f:1e:2d:2e:d5:54:ca:32:68:9e:71:6f:60:9f:
dd:19:7f:be:30:c6:5e:78:45:09:9d:c6:54:53:d8:3a:7f:0c:
97:6e:6d:2b:a7:37:00:da:ec:2d:c1:95:69:e5:52:36:53:0f:
7c:03:32:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwVX4hhSlDXYGWwQk4mdrw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI4MTAwMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFkNDA2ZmRhYzUwZWQwOTQ5MzYzZjkyMjc4YjRhMzk0YjM0ZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOMFZPT4BALPDPZQIMSijg9ystRF
zFDg6Gx6VEhOjrsnhUrA5o5D/qEKcm0Y1CICvqWX+3z3WWdCylJIKiZxR0i4EXS1
jKvOlMaInUd11KGAIX6jO1YNYZwwOB7JgioD0jZS+J/V8C7cc/tveU3HfQVO6aB0
QIokjf4q53O+6EJqdZ6svDoGH1Q0hez1R+8ZIOU4vMj8VjCkGt4kAJSC7dFrnwoT
rAtT6ZNryKmAiLldfVCODUVfYDO5Y3TzcChhuJViaMDOFhYs2cnJoEQDvV2Pcxrz
5i+fMMHbMZRrg1ssLtNJFFYW2KKjfog4K2goKs+DIx8xXIg50pT259Vv0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL8dQG/axQ7QlJNj+SJ4tKOUs01+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdngxQWI5ckZEdENVazJQNUluaTBvNVN6VFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlfkAwQA
1MD6AwQA1MD/MA0GCSqGSIb3DQEBCwUAA4IBAQAppku/QdzWk9/uyaHhQecCnJWT
o6HDD7DZM0ep8Xcnn74Y/cJ1MzMyZr5Du0DUbpXO0z5d3oe6AayK2fae0yXf2dW3
Ci1GMfzx27DmQDyl5/43fIAlVutUoFgMpP5zO78wAsj8R8dcttC2OECxn5MYtBNV
wI0zFc2ZEksAzctdik2f7Nrs2tx/TEaKS1hIViNBWJCLNJs/NmDgyH3j83JPCyDM
pqZLwpEeU4ZQSZcehSJNrBZ6JzfXg2750YIAZVUKBtw/367eU2+Hnx4tLtVUyjJo
nnFvYJ/dGX++MMZeeEUJncZUU9g6fwyXbm0rpzcA2uwtwZVp5VI2Uw98AzIJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org