Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vxbIaWlAJ1qm5JvK-fvZ14PecIU.roa
File: vxbIaWlAJ1qm5JvK-fvZ14PecIU.roa (raw, json)
Hash identifier: +uFUuJ1uhJ/sO7Pr68bv8LNAEQQIVtXwBzaothdUm6Q=
Subject key identifier: BF:16:C8:69:69:40:27:5A:A6:E4:9B:CA:F9:FB:D9:D7:83:DE:70:85
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018A41EB752DE489FDFFA5503791F6E8D347
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vxbIaWlAJ1qm5JvK-fvZ14PecIU.roa
Signing time: Tue 29 Aug 2023 15:31:04 +0000
ROA not before: Tue 29 Aug 2023 15:31:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 91.228.119.0/24 maxlen: 24
91.236.237.0/24 maxlen: 24
46.151.32.0/24 maxlen: 24
46.151.34.0/24 maxlen: 24
46.151.35.0/24 maxlen: 24
46.151.33.0/24 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
93.120.120.0/22 maxlen: 22
77.36.68.0/22 maxlen: 22
91.229.6.0/24 maxlen: 24
188.191.252.0/22 maxlen: 22
178.159.147.0/24 maxlen: 24
91.223.158.0/24 maxlen: 24
91.237.48.0/24 maxlen: 24
176.96.93.0/24 maxlen: 24
176.96.48.0/22 maxlen: 22
77.36.2.0/23 maxlen: 24
77.36.4.0/22 maxlen: 22
91.239.222.0/23 maxlen: 23
93.120.12.0/22 maxlen: 22
91.236.77.0/24 maxlen: 24
93.120.38.0/24 maxlen: 24
93.120.36.0/24 maxlen: 24
93.120.37.0/24 maxlen: 24
91.232.254.0/24 maxlen: 24
93.120.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 12:08:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:eb:75:2d:e4:89:fd:ff:a5:50:37:91:f6:e8:d3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 29 15:31:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf16c8696940275aa6e49bcaf9fbd9d783de7085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:d6:a2:25:ea:a4:ad:d6:7e:6e:28:76:31:
6c:80:d4:65:a4:e5:40:2e:e4:1d:5a:3f:44:9b:0f:
d8:8a:9a:cc:a0:6a:22:60:d8:5f:ca:de:cd:11:9e:
45:e2:e6:bd:b0:49:c6:8a:ae:f7:f4:d1:4e:92:f0:
dc:6a:46:6c:36:05:fa:9b:de:1a:06:a5:b6:b2:88:
48:23:5b:68:d3:8e:c0:95:64:5d:6f:93:71:3f:c3:
c6:3f:87:f3:4f:15:3b:3d:f1:76:a9:de:91:ec:83:
77:2c:39:0c:74:a5:db:0d:4a:e4:ca:74:03:f9:f5:
b6:ff:a9:af:82:b5:61:34:ec:78:62:25:6a:1a:13:
97:7c:9d:49:c9:4e:5b:5b:43:1b:9b:e3:97:aa:b8:
0e:ce:73:b6:41:bd:e5:18:f6:66:38:d2:ec:76:9a:
20:a4:3f:e2:b9:15:1e:af:e8:30:d8:7f:11:14:cb:
58:7f:a8:e6:05:85:b9:dd:ed:e9:b8:65:95:f3:0d:
01:d9:cb:5a:e0:9e:6b:5b:2b:9c:23:bc:53:46:8b:
49:b3:f2:58:8b:b9:ae:17:35:74:a3:ec:b0:35:18:
ac:ec:97:8b:23:83:6e:49:f0:74:f6:5e:a0:49:56:
f7:d7:78:89:01:75:e0:5d:10:4c:01:e0:06:91:ca:
e8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:16:C8:69:69:40:27:5A:A6:E4:9B:CA:F9:FB:D9:D7:83:DE:70:85
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/vxbIaWlAJ1qm5JvK-fvZ14PecIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.32.0/22
77.36.2.0-77.36.7.255
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
77.36.68.0/22
91.223.158.0/24
91.228.119.0/24
91.229.6.0/24
91.232.254.0/24
91.236.77.0/24
91.236.237.0/24
91.237.48.0/24
91.239.222.0/23
93.120.12.0/22
93.120.36.0-93.120.38.255
93.120.46.0/24
93.120.120.0/22
176.96.48.0/22
176.96.93.0/24
178.159.147.0/24
188.191.252.0/22
Signature Algorithm: sha256WithRSAEncryption
61:41:5c:c0:44:47:f4:f1:f1:5e:58:44:8c:a3:b3:1c:34:a7:
e5:f1:7e:43:73:73:13:8f:84:ba:f0:91:19:60:f2:9c:13:00:
ee:d3:65:91:59:b5:4d:7c:35:54:08:74:6e:0f:f2:39:e8:2d:
be:12:c9:de:36:fd:1b:3f:0e:19:d4:a1:b3:15:b9:32:a3:67:
1c:d4:97:22:69:89:38:99:6e:15:6a:b7:5e:54:a9:86:65:99:
ed:34:ee:5d:24:2e:d7:66:25:9b:c4:0f:36:aa:d5:9f:7a:71:
bc:07:dd:c9:f0:6f:6d:10:1b:42:af:5a:b3:d2:67:de:49:b3:
a0:1e:32:67:6d:6f:21:ea:cc:f7:e8:0f:72:d4:49:43:58:41:
3d:ee:8b:58:33:1c:69:dd:f7:d1:98:30:9e:4f:59:d8:3a:e1:
14:e0:cb:04:1b:eb:35:ca:56:b0:c2:80:8a:69:0c:25:e6:27:
3f:99:78:74:c2:78:79:e1:a2:9e:f2:02:9d:32:c6:53:2a:30:
9a:ad:d9:df:e5:93:58:0b:03:bb:0e:be:fc:3d:9b:8a:13:7e:
84:7b:c0:89:25:79:c5:9e:dd:ec:f5:27:c6:c4:56:4b:c1:0f:
bf:68:c0:88:4a:7f:d8:d5:68:56:2e:9b:40:f1:3e:66:5b:04:
55:6b:0d:f7
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYpB63Ut5In9/6VQN5H26NNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODI5MTUzMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjE2Yzg2OTY5NDAyNzVhYTZlNDliY2FmOWZiZDlkNzgzZGU3MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlTWoiXqpK3Wfm4odjFsgNRlpOVA
LuQdWj9Emw/YiprMoGoiYNhfyt7NEZ5F4ua9sEnGiq739NFOkvDcakZsNgX6m94a
BqW2sohII1to047AlWRdb5NxP8PGP4fzTxU7PfF2qd6R7IN3LDkMdKXbDUrkynQD
+fW2/6mvgrVhNOx4YiVqGhOXfJ1JyU5bW0Mbm+OXqrgOznO2Qb3lGPZmONLsdpog
pD/iuRUer+gw2H8RFMtYf6jmBYW53e3puGWV8w0B2cta4J5rWyucI7xTRotJs/JY
i7muFzV0o+ywNRis7JeLI4NuSfB09l6gSVb313iJAXXgXRBMAeAGkcro5wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFL8WyGlpQCdapuSbyvn72deD3nCFMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdnhiSWFXbEFKMXFtNUp2Sy1mdloxNFBlY0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIu
lyAwDAMEAU0kAgMEA00kAAMEAE0kOQMEAE0kPAMEAE0kQQMEAk0kRAMEAFvfngME
AFvkdwMEAFvlBgMEAFvo/gMEAFvsTQMEAFvs7QMEAFvtMAMEAVvv3gMEAl14DDAM
AwQCXXgkAwQAXXgmAwQAXXguAwQCXXh4AwQCsGAwAwQAsGBdAwQAsp+TAwQCvL/8
MA0GCSqGSIb3DQEBCwUAA4IBAQBhQVzAREf08fFeWESMo7McNKfl8X5Dc3MTj4S6
8JEZYPKcEwDu02WRWbVNfDVUCHRuD/I56C2+EsneNv0bPw4Z1KGzFbkyo2cc1Jci
aYk4mW4VardeVKmGZZntNO5dJC7XZiWbxA82qtWfenG8B93J8G9tEBtCr1qz0mfe
SbOgHjJnbW8h6sz36A9y1ElDWEE97otYMxxp3ffRmDCeT1nYOuEU4MsEG+s1ylaw
woCKaQwl5ic/mXh0wnh54aKe8gKdMsZTKjCardnf5ZNYCwO7Dr78PZuKE36Ee8CJ
JXnFnt3s9SfGxFZLwQ+/aMCISn/Y1WhWLptA8T5mWwRVaw33
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org