Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vOh2DkEcKqBu7V4d6kVcdCOYWKE.roa
File: vOh2DkEcKqBu7V4d6kVcdCOYWKE.roa (raw, json)
Hash identifier: FuACQ0sDQp0s4ueSUnSXDx5d6eIKJlRpvgpyvMA8kSE=
Subject key identifier: BC:E8:76:0E:41:1C:2A:A0:6E:ED:5E:1D:EA:45:5C:74:23:98:58:A1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187ECD9702E6CF1B61E05B5C43CD4DFA375
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vOh2DkEcKqBu7V4d6kVcdCOYWKE.roa
Signing time: Fri 05 May 2023 16:58:05 +0000
ROA not before: Fri 05 May 2023 16:58:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 May 2023 12:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:d9:70:2e:6c:f1:b6:1e:05:b5:c4:3c:d4:df:a3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 5 16:58:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bce8760e411c2aa06eed5e1dea455c74239858a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:86:c5:ed:09:e7:f2:65:d6:c0:56:d7:aa:
de:3f:f3:b3:91:5e:06:d5:38:04:b3:c6:5d:3f:f9:
6d:73:e2:47:4d:4a:51:9d:8d:f3:8e:a1:ec:78:38:
5a:58:a3:a7:05:61:cd:db:d9:fa:e2:d4:18:f8:af:
f0:52:a5:f1:9b:c3:56:a1:58:47:25:0d:2b:7f:19:
43:e8:33:6b:f5:cd:dd:53:dc:32:25:91:4b:3b:1f:
79:99:00:10:4e:9a:3d:20:96:96:77:ee:37:76:1c:
06:96:a1:6a:17:2e:ac:62:b2:73:ac:20:43:02:f7:
91:46:b7:61:70:51:b3:25:17:19:2a:5b:ff:c1:91:
0e:db:cc:31:b7:ed:3b:b7:cf:51:4d:40:eb:2b:d4:
d5:22:ed:16:26:c5:fa:3c:89:1c:d6:b0:c2:3e:02:
c6:b9:0b:2e:39:b2:81:53:55:8a:f5:d6:62:4a:b6:
b8:eb:5b:f0:93:ad:3d:fe:df:1f:4c:4b:aa:e7:78:
17:30:bc:6e:62:3d:58:52:df:11:e8:6e:3c:e1:6c:
88:15:04:40:bb:c2:18:54:ec:71:c9:a3:72:c0:7e:
98:48:a1:41:5b:44:08:18:1f:27:24:68:2d:62:f4:
4f:c9:ef:ee:98:a6:c3:f6:f1:41:19:77:c3:22:8a:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E8:76:0E:41:1C:2A:A0:6E:ED:5E:1D:EA:45:5C:74:23:98:58:A1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vOh2DkEcKqBu7V4d6kVcdCOYWKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
37:66:63:85:18:a6:c6:f2:28:ce:53:e9:83:e4:34:1f:36:36:
e1:f9:2a:6f:41:1b:38:1e:55:87:68:3c:fa:6f:d0:a3:8c:f9:
d6:a3:6e:58:94:cd:3b:2f:f7:28:aa:a4:56:1b:b8:24:13:0c:
52:77:85:d0:61:16:c2:97:c2:6f:c9:2c:5e:47:2d:d8:59:d3:
6c:89:60:de:ae:a6:31:11:0f:3c:d8:2b:f3:34:cb:3f:f4:07:
65:1b:6b:db:d9:1c:03:44:2a:09:de:38:1e:19:e2:9e:53:0e:
88:3b:50:69:c3:51:0a:79:31:66:5d:36:8a:16:0f:fc:63:82:
80:ea:9d:16:c8:f8:bd:7d:e9:50:33:de:5b:ad:8a:7e:1a:9b:
ba:8b:bb:80:b2:4c:71:83:1a:ee:98:f4:07:7c:1d:30:89:12:
30:fb:15:2a:3b:48:4c:3c:7d:88:37:6b:44:a0:09:e1:0a:67:
58:80:80:10:c7:d1:c7:86:c9:f2:d7:64:d1:5a:01:76:39:99:
4c:67:9c:8f:ac:a0:ba:b6:0c:2c:79:24:c6:a2:0d:69:6f:38:
0f:04:31:ff:9e:25:e7:2e:1e:12:d5:96:28:ea:e4:cd:56:8d:
e2:69:59:3e:cd:a8:89:23:a6:61:e3:fe:d7:72:3c:6c:c1:42:
ad:5b:00:fe
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYfs2XAubPG2HgW1xDzU36N1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA1MTY1ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U4NzYwZTQxMWMyYWEwNmVlZDVlMWRlYTQ1NWM3NDIzOTg1OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7SGxe0J5/Jl1sBW16reP/OzkV4G
1TgEs8ZdP/ltc+JHTUpRnY3zjqHseDhaWKOnBWHN29n64tQY+K/wUqXxm8NWoVhH
JQ0rfxlD6DNr9c3dU9wyJZFLOx95mQAQTpo9IJaWd+43dhwGlqFqFy6sYrJzrCBD
AveRRrdhcFGzJRcZKlv/wZEO28wxt+07t89RTUDrK9TVIu0WJsX6PIkc1rDCPgLG
uQsuObKBU1WK9dZiSra461vwk609/t8fTEuq53gXMLxuYj1YUt8R6G484WyIFQRA
u8IYVOxxyaNywH6YSKFBW0QIGB8nJGgtYvRPye/umKbD9vFBGXfDIoq8owIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFLzodg5BHCqgbu1eHepFXHQjmFihMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdk9oMkRrRWNLcUJ1N1Y0ZDZrVmNkQ09ZV0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowSAQCAAEwQgMEAB8q
twMEAi0MRAMEAi2DuAMEAi2IiAMEAU1RMgMEAFXKywMEAF6xegMEAoscYAMEALno
dQMEAMIyXAMEAMIyXjCBrQQCAAIwgaYDBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMH
ACoOl8ABcAMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6X
xAEAAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHA
AwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcEKhDMQAJQAwcEKhDMRQEwMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ZmOFGKbG8ijOU+mD5DQfNjbh+SpvQRs4HlWHaDz6
b9CjjPnWo25YlM07L/coqqRWG7gkEwxSd4XQYRbCl8JvySxeRy3YWdNsiWDerqYx
EQ882CvzNMs/9AdlG2vb2RwDRCoJ3jgeGeKeUw6IO1Bpw1EKeTFmXTaKFg/8Y4KA
6p0WyPi9felQM95brYp+Gpu6i7uAskxxgxrumPQHfB0wiRIw+xUqO0hMPH2IN2tE
oAnhCmdYgIAQx9HHhsny12TRWgF2OZlMZ5yPrKC6tgwseSTGog1pbzgPBDH/niXn
Lh4S1ZYo6uTNVo3iaVk+zaiJI6Zh4/7XcjxswUKtWwD+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org