Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/vY9jbnRDx1NMmna9DUHpJnZDoyM.roa
File: vY9jbnRDx1NMmna9DUHpJnZDoyM.roa (raw, json)
Hash identifier: 81w/lUJWJ66kiNaCFONWXEuEemSxc7q99L/yJP7sRno=
Subject key identifier: BD:8F:63:6E:74:43:C7:53:4C:9A:76:BD:0D:41:E9:26:76:43:A3:23
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018DEF988CC9C9CA30842DBEA443C2EB2410
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/vY9jbnRDx1NMmna9DUHpJnZDoyM.roa
Signing time: Wed 28 Feb 2024 12:02:48 +0000
ROA not before: Wed 28 Feb 2024 12:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Feb 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:98:8c:c9:c9:ca:30:84:2d:be:a4:43:c2:eb:24:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Feb 28 12:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd8f636e7443c7534c9a76bd0d41e9267643a323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:db:ad:88:bc:cb:f4:a3:7b:0b:57:63:45:
a1:ca:48:f8:4b:bf:fd:ee:56:e1:df:9c:ff:6e:db:
0a:8d:42:9f:26:2d:63:2e:0e:d1:54:98:9b:d2:4d:
85:d4:69:65:17:a9:31:34:b6:a5:93:a1:a1:fc:dc:
8d:1f:2e:bf:f4:fd:0f:62:3a:1e:3f:2a:d8:b7:25:
ce:b3:25:d5:7d:5f:af:58:6a:12:b2:ae:bb:d6:6a:
59:86:a2:c8:36:e8:42:78:83:f8:7e:1d:1d:cf:21:
c4:8e:38:99:99:4a:ed:4f:08:fa:d8:0a:80:ac:5c:
da:0f:b0:69:74:52:07:31:00:68:e3:f0:31:33:4e:
b3:ac:0a:49:ec:4f:3a:90:fd:89:93:34:34:60:ee:
f2:11:7d:fa:6a:a5:d9:65:0e:83:39:16:ee:02:36:
a3:64:18:9e:58:d2:8e:9a:8b:d7:fa:ad:c1:1c:c2:
46:e4:9b:16:27:1c:65:d8:94:cc:0c:46:5f:d4:70:
39:36:d4:c6:07:b9:9f:ed:c8:9a:dc:5f:83:c4:6a:
3a:5e:6c:0b:d4:97:5d:3e:b0:aa:9f:52:ce:f0:e9:
66:d2:8f:2e:03:fd:00:a8:bc:5d:c4:ee:ae:ca:c4:
02:e8:d9:30:20:08:3e:91:ae:86:76:94:1a:5e:8b:
e5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8F:63:6E:74:43:C7:53:4C:9A:76:BD:0D:41:E9:26:76:43:A3:23
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/vY9jbnRDx1NMmna9DUHpJnZDoyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
29:08:77:63:4c:a1:7b:ae:5e:b9:c5:3a:19:72:00:d2:7f:b5:
a9:ca:76:28:ac:b9:83:af:de:7d:24:ef:c8:35:be:8c:d3:06:
03:10:88:8c:5a:11:5c:15:fe:62:85:7c:04:30:7d:27:f6:d2:
52:d4:5c:8b:f2:16:36:d9:98:11:2b:9d:94:8e:af:01:47:c2:
8b:b2:08:ca:26:f0:a0:cf:95:20:56:21:18:49:6d:7d:2e:e8:
de:9e:75:74:54:fb:49:50:16:3c:92:cf:40:d6:18:2a:28:b4:
a7:d5:ca:4f:c1:a9:2b:31:a9:c3:ad:b1:4d:28:35:ff:4d:41:
3f:23:43:a0:62:6f:6e:1f:1f:80:2f:3a:22:5a:fb:2c:45:47:
63:f7:80:b9:14:58:9e:ae:ac:da:20:bd:90:9e:47:02:c7:92:
1d:1f:ca:2f:05:b7:e4:f6:c4:ad:aa:b7:08:72:12:d0:45:87:
67:79:59:3d:e0:2e:6e:a8:2b:02:de:53:a1:6b:c5:20:66:32:
6e:50:d8:7c:aa:cb:84:75:a7:62:ac:6f:88:e0:68:80:46:45:
cc:5c:34:c6:b1:ad:13:b1:24:f4:e8:28:27:3d:29:31:85:04:
2f:49:be:ff:1c:54:e6:42:89:7a:f2:82:3f:10:47:a7:39:32:
47:b5:ad:d7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY3vmIzJycowhC2+pEPC6yQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMjI4MTIwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDhmNjM2ZTc0NDNjNzUzNGM5YTc2YmQwZDQxZTkyNjc2NDNhMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZfbrYi8y/SjewtXY0Whykj4S7/9
7lbh35z/btsKjUKfJi1jLg7RVJib0k2F1GllF6kxNLalk6Gh/NyNHy6/9P0PYjoe
PyrYtyXOsyXVfV+vWGoSsq671mpZhqLINuhCeIP4fh0dzyHEjjiZmUrtTwj62AqA
rFzaD7BpdFIHMQBo4/AxM06zrApJ7E86kP2JkzQ0YO7yEX36aqXZZQ6DORbuAjaj
ZBieWNKOmovX+q3BHMJG5JsWJxxl2JTMDEZf1HA5NtTGB7mf7cia3F+DxGo6XmwL
1JddPrCqn1LO8Olm0o8uA/0AqLxdxO6uysQC6NkwIAg+ka6GdpQaXovlSwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL2PY250Q8dTTJp2vQ1B6SZ2Q6MjMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvdlk5amJuUkR4MU5NbW5hOURVSHBKblpEb3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCwjjsAwQB
wn+eAwQBwn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcN
AQELBQADggEBACkId2NMoXuuXrnFOhlyANJ/tanKdiisuYOv3n0k78g1vozTBgMQ
iIxaEVwV/mKFfAQwfSf20lLUXIvyFjbZmBErnZSOrwFHwouyCMom8KDPlSBWIRhJ
bX0u6N6edXRU+0lQFjySz0DWGCootKfVyk/BqSsxqcOtsU0oNf9NQT8jQ6Bib24f
H4AvOiJa+yxFR2P3gLkUWJ6urNogvZCeRwLHkh0fyi8Ft+T2xK2qtwhyEtBFh2d5
WT3gLm6oKwLeU6FrxSBmMm5Q2Hyqy4R1p2Ksb4jgaIBGRcxcNMaxrROxJPToKCc9
KTGFBC9Jvv8cVOZCiXrygj8QR6c5Mke1rdc=
-----END CERTIFICATE-----
Generated at Wed Feb 28 20:12:25 2024 by rpki-client on console-fra.rpki-client.org