Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/A__vVpxl0X9tDO8MA4rbR4yBxIE.roa
File: A__vVpxl0X9tDO8MA4rbR4yBxIE.roa (raw, json)
Hash identifier: tcGaIegpLoA3IMRF/aTbOu0+yiU7NJtFBvJdkkIvT70=
Subject key identifier: 03:FF:EF:56:9C:65:D1:7F:6D:0C:EF:0C:03:8A:DB:47:8C:81:C4:81
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018B3DA1FA53D56D28522FAA9A279A6FDD66
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/A__vVpxl0X9tDO8MA4rbR4yBxIE.roa
Signing time: Tue 17 Oct 2023 12:35:07 +0000
ROA not before: Tue 17 Oct 2023 12:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 217.156.46.0/24 maxlen: 24
217.156.47.0/24 maxlen: 24
85.120.17.0/24 maxlen: 24
85.120.16.0/24 maxlen: 24
85.120.19.0/24 maxlen: 24
85.120.18.0/24 maxlen: 24
193.226.71.0/24 maxlen: 24
193.226.69.0/24 maxlen: 24
193.226.70.0/24 maxlen: 24
193.226.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:a1:fa:53:d5:6d:28:52:2f:aa:9a:27:9a:6f:dd:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Oct 17 12:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03ffef569c65d17f6d0cef0c038adb478c81c481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:20:16:12:da:73:4f:01:71:b8:e2:7a:bf:c2:
4f:33:9e:d7:62:8e:9e:63:af:7c:4a:74:2b:30:70:
03:01:57:dc:b0:c8:24:1b:3d:d5:ba:4d:ba:c0:3e:
16:8c:97:d4:b2:c0:7b:36:a7:84:39:a4:1f:22:5d:
21:a7:6c:3f:82:a9:db:fb:95:bf:bb:92:55:48:69:
d2:67:6f:05:e0:d2:8f:b6:03:8d:f4:e4:b8:86:ed:
24:52:67:d5:a8:92:41:ff:08:7c:45:6c:39:71:da:
36:5d:8f:d3:3c:4f:87:01:a8:78:7b:df:0b:33:8b:
8a:6d:e5:04:11:8e:87:f0:16:8d:f2:a3:a4:ba:90:
56:29:ff:69:0a:f5:c6:86:be:fc:b9:d5:d3:1e:fe:
e0:53:eb:81:2d:52:49:55:05:1f:dc:53:84:ed:4c:
42:dc:8d:eb:be:76:19:f8:fe:97:8a:7e:80:85:23:
42:78:c7:75:05:46:ef:80:d0:4b:de:f4:f5:bb:23:
f2:52:b7:0b:f1:f2:e1:05:b5:30:ac:46:ad:51:a0:
9e:2b:1a:54:b9:92:3b:15:4d:e8:27:cb:53:a0:87:
0c:69:70:fb:10:ea:14:3e:51:b7:40:e6:76:91:5a:
e8:15:99:a7:91:de:ed:f1:7e:d3:c0:4f:f4:d8:6d:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:EF:56:9C:65:D1:7F:6D:0C:EF:0C:03:8A:DB:47:8C:81:C4:81
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/A__vVpxl0X9tDO8MA4rbR4yBxIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.16.0/22
193.226.68.0/22
217.156.46.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:ca:39:c5:eb:4d:62:34:25:54:08:c3:69:2f:13:ca:81:02:
ee:a0:7d:71:60:07:ee:0e:e1:e3:0d:1f:a8:fd:34:74:e2:c5:
38:4e:71:b5:42:23:f5:82:a7:ea:1e:22:9e:9b:3a:db:a6:6e:
9f:45:c6:a5:ce:01:13:d5:fa:65:dc:50:57:91:6d:48:ba:67:
b8:a3:66:30:89:51:c6:bf:57:7f:d1:d6:f6:11:fb:c2:55:3f:
bb:e7:d7:1f:9d:f0:1f:98:77:81:86:db:7f:d7:4f:aa:13:12:
51:56:3b:01:70:67:58:23:02:a8:4e:71:20:a3:88:80:47:f9:
52:74:67:cf:bb:89:15:ce:6c:35:d8:98:a8:d2:6e:cf:38:02:
36:78:ec:65:8b:88:da:09:93:ad:63:9b:59:4a:71:9c:9c:dc:
81:0b:84:ee:f9:be:c0:cd:89:2c:e5:75:78:b6:93:55:11:5e:
9a:1c:86:e5:34:65:e2:45:8b:37:62:75:66:49:1f:1f:70:71:
d4:e9:a0:3c:15:51:16:78:14:fd:62:65:17:00:a9:b4:55:e4:
bb:f0:b2:55:51:64:bc:fc:5d:d1:5d:89:95:e5:cc:b5:49:38:
ec:0e:58:c6:e2:08:45:02:31:d3:7d:47:3e:88:83:d4:74:83:
ef:ed:36:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs9ofpT1W0oUi+qmieab91mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMDE3MTIzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZmZWY1NjljNjVkMTdmNmQwY2VmMGMwMzhhZGI0NzhjODFjNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCAWEtpzTwFxuOJ6v8JPM57XYo6e
Y698SnQrMHADAVfcsMgkGz3Vuk26wD4WjJfUssB7NqeEOaQfIl0hp2w/gqnb+5W/
u5JVSGnSZ28F4NKPtgON9OS4hu0kUmfVqJJB/wh8RWw5cdo2XY/TPE+HAah4e98L
M4uKbeUEEY6H8BaN8qOkupBWKf9pCvXGhr78udXTHv7gU+uBLVJJVQUf3FOE7UxC
3I3rvnYZ+P6Xin6AhSNCeMd1BUbvgNBL3vT1uyPyUrcL8fLhBbUwrEatUaCeKxpU
uZI7FU3oJ8tToIcMaXD7EOoUPlG3QOZ2kVroFZmnkd7t8X7TwE/02G1jgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAP/71acZdF/bQzvDAOK20eMgcSBMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQV9fdlZweGwwWDl0RE84TUE0cmJSNHlCeElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXgQAwQC
weJEAwQB2ZwuMA0GCSqGSIb3DQEBCwUAA4IBAQA6yjnF601iNCVUCMNpLxPKgQLu
oH1xYAfuDuHjDR+o/TR04sU4TnG1QiP1gqfqHiKemzrbpm6fRcalzgET1fpl3FBX
kW1Iume4o2YwiVHGv1d/0db2EfvCVT+759cfnfAfmHeBhtt/10+qExJRVjsBcGdY
IwKoTnEgo4iAR/lSdGfPu4kVzmw12Jio0m7POAI2eOxli4jaCZOtY5tZSnGcnNyB
C4Tu+b7AzYks5XV4tpNVEV6aHIblNGXiRYs3YnVmSR8fcHHU6aA8FVEWeBT9YmUX
AKm0VeS78LJVUWS8/F3RXYmV5cy1STjsDljG4ghFAjHTfUc+iIPUdIPv7TbQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org