Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/vlDzySCMRifJCqfof6GBzPA-yqs.roa
File: vlDzySCMRifJCqfof6GBzPA-yqs.roa (raw, json)
Hash identifier: 4IsL2sLsJts/AqbY4ThIhg3QzjKDg1lAOFapOS5su/k=
Subject key identifier: BE:50:F3:C9:20:8C:46:27:C9:0A:A7:E8:7F:A1:81:CC:F0:3E:CA:AB
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 01861DA2BB0C36A67549C4134C87E22DDC34
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/vlDzySCMRifJCqfof6GBzPA-yqs.roa
Signing time: Sat 04 Feb 2023 18:14:09 +0000
ROA not before: Sat 04 Feb 2023 18:14:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60268
IP address blocks: 185.97.132.0/24 maxlen: 24
185.97.133.0/24 maxlen: 24
193.19.72.0/24 maxlen: 24
193.19.73.0/24 maxlen: 24
185.33.168.0/24 maxlen: 24
185.33.171.0/24 maxlen: 24
2a00:cee2::/32 maxlen: 32
2a00:cee1::/32 maxlen: 32
2a00:cee4::/32 maxlen: 32
2a00:cee3::/32 maxlen: 32
2a00:cee0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Jun 2023 14:51:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:a2:bb:0c:36:a6:75:49:c4:13:4c:87:e2:2d:dc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Feb 4 18:14:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be50f3c9208c4627c90aa7e87fa181ccf03ecaab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:48:0b:3a:55:1f:96:7f:66:c5:3c:5a:8e:
e8:32:3a:bc:a5:37:cc:c8:da:f9:32:e6:9a:dd:f5:
11:5b:05:05:95:8c:74:91:bc:44:1b:ed:8b:e2:2b:
cd:97:34:43:11:2a:7d:7d:af:ef:22:ac:bb:da:30:
29:4e:f3:cf:95:cb:34:56:4b:1d:25:a1:55:cf:a7:
f6:47:bc:a5:f5:2b:f5:9a:6f:f0:28:88:96:56:f9:
7e:4d:57:c9:14:05:df:bf:40:65:5d:24:84:92:a4:
ba:57:71:9e:16:7c:5d:12:e4:17:0d:20:13:d6:ad:
c9:a3:58:37:ca:ce:eb:eb:e0:fa:fe:76:d3:4d:c9:
6c:66:e5:05:5c:0b:4f:71:9c:98:81:30:8a:bf:0a:
1d:9b:96:3c:c3:58:1a:63:f1:e5:6f:59:04:e1:0e:
43:6c:28:e0:ee:68:a2:c7:9d:a4:b0:28:49:85:55:
fd:f6:1d:fb:63:a9:18:fe:79:81:6d:b9:6a:c9:c0:
fc:35:60:a9:29:1b:8d:0f:d3:46:d3:43:5e:32:90:
04:1f:f3:22:74:a2:c0:3e:44:69:d7:97:8d:6d:91:
96:d9:dc:9c:a0:f1:6f:3d:90:90:d2:4a:bd:29:24:
8a:03:64:8c:ae:43:53:62:0b:a5:00:bf:55:3c:1d:
99:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:50:F3:C9:20:8C:46:27:C9:0A:A7:E8:7F:A1:81:CC:F0:3E:CA:AB
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/vlDzySCMRifJCqfof6GBzPA-yqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.168.0/24
185.33.171.0/24
185.97.132.0/23
193.19.72.0/23
IPv6:
2a00:cee0::-2a00:cee4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:2b:9e:47:6d:67:3d:1c:62:16:9e:06:b9:26:d4:77:12:fa:
ea:ef:28:42:38:c2:31:03:a4:94:05:a2:ff:ca:34:6a:15:e3:
9c:a4:6d:1a:75:f0:55:9c:86:bf:ee:7d:4f:6d:8b:55:9d:11:
51:65:66:9b:33:05:e3:f9:2d:df:c9:87:34:94:df:69:8f:04:
57:03:ed:72:78:3c:d7:47:2f:d0:6c:e2:1f:58:36:2d:80:3b:
fc:b4:cd:48:d9:85:d3:65:4f:b1:1a:79:d9:54:3f:93:18:f2:
c8:37:af:56:26:c6:44:2e:20:82:85:53:0f:35:0a:5f:62:99:
ef:5b:f8:e6:06:e8:42:7d:2f:7f:6e:06:c3:46:97:5a:a5:62:
8c:94:92:a5:a4:e2:59:87:52:25:8c:a0:f7:1a:be:85:a7:85:
4f:54:37:5f:4e:e5:dc:bf:a9:8e:61:26:48:07:4d:52:d3:e2:
ef:0d:c2:b2:b5:8e:28:8b:41:a2:8c:52:fc:ce:4a:6a:9e:84:
c3:91:b1:c5:3e:3d:cb:2d:49:ab:28:34:81:8d:58:86:82:25:
f3:83:08:7e:f2:ba:da:ed:b1:3d:60:4c:e2:2c:44:95:37:87:
8e:e2:d2:ba:98:15:4b:94:22:15:80:8f:01:f3:55:52:fe:19:
d9:6e:21:54
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYYdorsMNqZ1ScQTTIfiLdw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMjA0MTgxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUwZjNjOTIwOGM0NjI3YzkwYWE3ZTg3ZmExODFjY2YwM2VjYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6ZICzpVH5Z/ZsU8Wo7oMjq8pTfM
yNr5Muaa3fURWwUFlYx0kbxEG+2L4ivNlzRDESp9fa/vIqy72jApTvPPlcs0Vksd
JaFVz6f2R7yl9Sv1mm/wKIiWVvl+TVfJFAXfv0BlXSSEkqS6V3GeFnxdEuQXDSAT
1q3Jo1g3ys7r6+D6/nbTTclsZuUFXAtPcZyYgTCKvwodm5Y8w1gaY/Hlb1kE4Q5D
bCjg7miix52ksChJhVX99h37Y6kY/nmBbblqycD8NWCpKRuND9NG00NeMpAEH/Mi
dKLAPkRp15eNbZGW2dycoPFvPZCQ0kq9KSSKA2SMrkNTYgulAL9VPB2ZvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL5Q88kgjEYnyQqn6H+hgczwPsqrMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvdmxEenlTQ01SaWZKQ3Fmb2Y2R0J6UEEteXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQAuSGoAwQA
uSGrAwQBuWGEAwQBwRNIMBYEAgACMBAwDgMFBSoAzuADBQAqAM7kMA0GCSqGSIb3
DQEBCwUAA4IBAQCGK55HbWc9HGIWnga5JtR3Evrq7yhCOMIxA6SUBaL/yjRqFeOc
pG0adfBVnIa/7n1PbYtVnRFRZWabMwXj+S3fyYc0lN9pjwRXA+1yeDzXRy/QbOIf
WDYtgDv8tM1I2YXTZU+xGnnZVD+TGPLIN69WJsZELiCChVMPNQpfYpnvW/jmBuhC
fS9/bgbDRpdapWKMlJKlpOJZh1IljKD3Gr6Fp4VPVDdfTuXcv6mOYSZIB01S0+Lv
DcKytY4oi0GijFL8zkpqnoTDkbHFPj3LLUmrKDSBjViGgiXzgwh+8rra7bE9YEzi
LESVN4eO4tK6mBVLlCIVgI8B81VS/hnZbiFU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:37 2024 by rpki-client on console-ams.rpki-client.org