Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/vBKBd4VLstXmEbPxD3ERHsPt638.roa
File: vBKBd4VLstXmEbPxD3ERHsPt638.roa (raw, json)
Hash identifier: /NEPiwkgeuiSTeJDrOOflZ/RetLWcAhffemiZx97j/4=
Subject key identifier: BC:12:81:77:85:4B:B2:D5:E6:11:B3:F1:0F:71:11:1E:C3:ED:EB:7F
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018CC7935460C63B4EE0C75637A5D1ADCF52
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/vBKBd4VLstXmEbPxD3ERHsPt638.roa
Signing time: Tue 02 Jan 2024 00:29:30 +0000
ROA not before: Tue 02 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21700
IP address blocks: 194.195.48.0/20 maxlen: 20
194.195.16.0/20 maxlen: 24
62.138.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 Jan 2024 10:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:54:60:c6:3b:4e:e0:c7:56:37:a5:d1:ad:cf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc128177854bb2d5e611b3f10f71111ec3edeb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:37:c9:06:f6:05:48:50:aa:01:20:c1:81:
19:10:b9:49:74:10:e8:4f:22:c4:72:af:4c:d4:bf:
1c:81:33:38:d5:7e:4c:39:3e:bc:ff:b6:bd:83:c7:
b2:94:35:53:16:4f:43:08:f6:28:8e:e4:15:c4:c5:
76:87:70:c2:66:22:c9:ce:29:69:9c:1f:75:52:c7:
9c:9c:17:3a:91:ad:c5:b2:8d:04:68:b3:a7:df:72:
16:eb:95:c3:da:2b:1f:3f:e4:60:63:1a:9a:61:ef:
7d:b9:52:4b:6e:1c:f0:9f:48:49:7d:b7:68:04:07:
e8:a1:d2:5e:54:a1:72:67:cd:8b:e0:7a:a4:b8:94:
0b:81:cf:eb:b9:5d:c1:6f:3a:e9:7b:fc:57:d5:0c:
1c:a2:a8:c3:56:20:6a:9f:8c:fd:95:52:82:dd:56:
0d:08:1b:52:e5:b4:47:6a:1e:b1:5b:8e:28:c4:30:
f4:ce:c0:e6:df:64:31:f6:68:78:06:00:72:e5:b8:
ee:12:f0:8f:77:56:96:1b:df:c0:9e:f3:ff:4b:61:
be:d9:5a:e6:0d:f5:eb:50:39:d0:c5:53:93:63:16:
9d:66:e2:db:9a:ea:2d:8c:58:2c:67:9c:8a:46:65:
74:c1:92:db:6c:8f:59:9a:d0:23:a5:be:ce:d6:82:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:12:81:77:85:4B:B2:D5:E6:11:B3:F1:0F:71:11:1E:C3:ED:EB:7F
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/vBKBd4VLstXmEbPxD3ERHsPt638.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.76.0/22
194.195.16.0/20
194.195.48.0/20
Signature Algorithm: sha256WithRSAEncryption
11:65:f7:d8:17:4b:0e:1f:66:c2:3e:63:8f:90:d4:a8:46:1a:
17:9e:9e:3f:25:e4:72:ae:24:af:41:0d:77:83:94:51:75:87:
74:59:64:0c:01:5f:1c:11:6d:5a:43:bb:f9:fc:32:4d:ad:a0:
bd:c2:d5:13:eb:bf:e7:0a:46:47:1a:93:ad:28:df:d3:eb:96:
9b:ff:9e:2b:ea:7e:80:c4:f0:91:a4:19:ec:95:07:14:27:af:
19:8f:47:84:7f:5c:9c:7c:69:f9:42:7f:bb:fc:52:cb:00:aa:
55:02:ae:3b:94:b6:3d:98:2d:05:f3:bd:a0:86:44:f0:7c:98:
b0:a3:ab:a3:21:14:17:92:50:62:ac:e0:9f:ff:4d:c8:ae:0f:
d6:ae:48:a5:67:cf:56:bc:62:47:74:49:f1:39:d5:64:7c:8a:
43:5c:10:b9:bd:bc:0e:84:3c:b7:bd:81:67:3c:69:7b:c2:b5:
8a:81:af:93:6b:b8:ff:45:66:a3:84:a2:98:95:24:f7:15:9e:
89:dc:00:83:34:b3:e0:b2:a9:44:50:be:b7:84:87:3b:10:c9:
b8:38:2d:0e:01:ce:fc:3d:9c:d2:54:bb:ac:6e:0b:40:2c:9d:
15:2c:cf:0d:07:bd:07:de:5a:2f:3b:4f:b6:2e:cc:43:39:14:
47:26:0b:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHk1RgxjtO4MdWN6XRrc9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTAyMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzEyODE3Nzg1NGJiMmQ1ZTYxMWIzZjEwZjcxMTExZWMzZWRlYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PE3yQb2BUhQqgEgwYEZELlJdBDo
TyLEcq9M1L8cgTM41X5MOT68/7a9g8eylDVTFk9DCPYojuQVxMV2h3DCZiLJzilp
nB91UsecnBc6ka3Fso0EaLOn33IW65XD2isfP+RgYxqaYe99uVJLbhzwn0hJfbdo
BAfoodJeVKFyZ82L4HqkuJQLgc/ruV3Bbzrpe/xX1QwcoqjDViBqn4z9lVKC3VYN
CBtS5bRHah6xW44oxDD0zsDm32Qx9mh4BgBy5bjuEvCPd1aWG9/AnvP/S2G+2Vrm
DfXrUDnQxVOTYxadZuLbmuotjFgsZ5yKRmV0wZLbbI9ZmtAjpb7O1oLPAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwSgXeFS7LV5hGz8Q9xER7D7et/MB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvdkJLQmQ0VkxzdFhtRWJQeEQzRVJIc1B0NjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPopMAwQE
wsMQAwQEwsMwMA0GCSqGSIb3DQEBCwUAA4IBAQARZffYF0sOH2bCPmOPkNSoRhoX
np4/JeRyriSvQQ13g5RRdYd0WWQMAV8cEW1aQ7v5/DJNraC9wtUT67/nCkZHGpOt
KN/T65ab/54r6n6AxPCRpBnslQcUJ68Zj0eEf1ycfGn5Qn+7/FLLAKpVAq47lLY9
mC0F872ghkTwfJiwo6ujIRQXklBirOCf/03Irg/WrkilZ89WvGJHdEnxOdVkfIpD
XBC5vbwOhDy3vYFnPGl7wrWKga+Ta7j/RWajhKKYlST3FZ6J3ACDNLPgsqlEUL63
hIc7EMm4OC0OAc78PZzSVLusbgtALJ0VLM8NB70H3lovO0+2LsxDORRHJguN
-----END CERTIFICATE-----
Generated at Thu Jan 25 12:58:21 2024 by rpki-client on console-ams.rpki-client.org