Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/vTOe79PWyF2yKAAuwTJGKmzqdyk.roa
File: vTOe79PWyF2yKAAuwTJGKmzqdyk.roa (raw, json)
Hash identifier: AFcV0R8ysE2hA+qw4J3SAxwAZ1tjWQxkHXSQ5MTav4Y=
Subject key identifier: BD:33:9E:EF:D3:D6:C8:5D:B2:28:00:2E:C1:32:46:2A:6C:EA:77:29
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018AFF8ED07409D7D7341306775A32ED2C0C
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/vTOe79PWyF2yKAAuwTJGKmzqdyk.roa
Signing time: Thu 05 Oct 2023 11:17:44 +0000
ROA not before: Thu 05 Oct 2023 11:17:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197540
IP address blocks: 185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
194.36.144.0/22 maxlen: 22
94.16.104.0/22 maxlen: 24
94.16.108.0/22 maxlen: 24
94.16.112.0/21 maxlen: 24
94.16.120.0/22 maxlen: 24
193.26.156.0/22 maxlen: 22
94.16.30.0/23 maxlen: 23
2a00:11c0:60::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Nov 2023 15:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:8e:d0:74:09:d7:d7:34:13:06:77:5a:32:ed:2c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Oct 5 11:17:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd339eefd3d6c85db228002ec132462a6cea7729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:63:c9:5b:d4:dd:9a:7d:a2:ed:34:43:83:10:
b1:72:84:35:fd:7e:1b:84:7c:12:73:cd:f7:03:34:
fc:33:18:7f:8b:da:d2:89:57:9f:d2:8e:8d:c1:f2:
ef:06:fd:70:41:d6:da:c3:20:c6:2b:d4:9f:03:eb:
9b:76:bf:6d:00:68:04:0c:b4:2b:9f:c2:43:b0:49:
e5:77:f6:8a:26:2f:e6:8b:0c:a0:f3:fb:3d:4d:7a:
27:15:2b:10:7b:85:08:f8:a2:47:4e:77:05:79:c0:
c0:cd:60:8b:b3:50:14:37:19:b8:46:ec:04:88:0d:
62:2b:95:03:77:cb:8e:ae:0d:8f:72:df:7f:e1:1a:
c0:e0:12:91:29:34:7d:ac:52:7d:04:4a:48:1f:84:
9a:01:e7:86:95:42:ad:36:5f:d4:ae:1d:3e:c1:65:
46:33:fd:57:09:64:f2:69:84:a8:66:14:96:c0:9f:
77:52:ea:72:ba:5d:b8:6c:ff:00:6e:c8:d3:ad:c2:
18:24:b7:a1:bf:27:c7:49:08:5a:07:74:00:c0:39:
99:6a:08:36:9d:0b:a8:8c:b6:26:23:79:1b:8c:c2:
a5:31:16:8d:f4:06:b3:13:49:71:58:a3:d7:86:1e:
c6:4f:57:48:e7:38:b2:c3:da:db:3a:e1:fb:df:e8:
1c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:33:9E:EF:D3:D6:C8:5D:B2:28:00:2E:C1:32:46:2A:6C:EA:77:29
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/vTOe79PWyF2yKAAuwTJGKmzqdyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
94.16.104.0-94.16.123.255
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:60::/48
Signature Algorithm: sha256WithRSAEncryption
66:f0:7a:f5:0d:7d:5f:8c:b9:7d:06:c3:11:3a:06:f4:7f:71:
96:57:e0:89:4e:81:2f:ec:57:90:48:b1:11:5f:05:58:5f:2c:
13:30:55:ba:6a:22:ea:83:e9:09:b0:33:09:19:89:6f:1c:9e:
60:4d:9a:fc:1a:1c:44:ac:3d:84:b5:8a:e8:e0:ff:8a:32:a4:
08:8b:a6:d8:58:83:a3:5a:85:15:c7:45:66:84:fe:5f:fb:15:
6a:e7:1a:4f:eb:d3:e1:4b:1e:04:be:96:64:31:e5:41:21:2e:
de:8a:ae:f4:fc:9f:bf:ce:4e:a8:4a:54:19:36:31:d9:65:35:
09:c6:63:5b:42:db:af:ae:fa:b0:c2:d9:94:4d:87:c0:da:f5:
3d:e8:79:06:b3:c7:c1:46:54:a9:37:31:e6:7e:e3:8e:6e:9f:
9d:8e:b7:f7:d7:ae:a6:8d:4d:a7:8c:7d:08:78:54:3a:54:54:
ba:d7:eb:4f:3c:2c:64:83:fa:79:d2:ec:ff:1b:9b:e9:66:d6:
3d:9d:41:e6:d3:cb:3e:68:0c:d1:b4:57:c0:2e:43:69:32:c5:
c8:27:f9:c5:87:c0:a1:c4:02:e0:cb:8a:5d:c1:99:12:e4:eb:
41:64:16:35:5a:96:23:a5:f2:b8:76:56:b9:09:7a:10:63:a9:
73:20:7b:e6
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYr/jtB0CdfXNBMGd1oy7SwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMxMDA1MTExNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDMzOWVlZmQzZDZjODVkYjIyODAwMmVjMTMyNDYyYTZjZWE3NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGPJW9Tdmn2i7TRDgxCxcoQ1/X4b
hHwSc833AzT8Mxh/i9rSiVef0o6NwfLvBv1wQdbawyDGK9SfA+ubdr9tAGgEDLQr
n8JDsEnld/aKJi/miwyg8/s9TXonFSsQe4UI+KJHTncFecDAzWCLs1AUNxm4RuwE
iA1iK5UDd8uOrg2Pct9/4RrA4BKRKTR9rFJ9BEpIH4SaAeeGlUKtNl/Urh0+wWVG
M/1XCWTyaYSoZhSWwJ93Uupyul24bP8AbsjTrcIYJLehvyfHSQhaB3QAwDmZagg2
nQuojLYmI3kbjMKlMRaN9AazE0lxWKPXhh7GT1dI5ziyw9rbOuH73+gc2wIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFL0znu/T1shdsigALsEyRips6ncpMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvdlRPZTc5UFd5RjJ5S0FBdXdUSkdLbXpxZHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsAwQBXhAeMAwD
BANeEGgDBAJeEHgDBAK56EQDBAG8rOQDBALBGpwDBALCJJAwDwQCAAIwCQMHACoA
EcAAYDANBgkqhkiG9w0BAQsFAAOCAQEAZvB69Q19X4y5fQbDEToG9H9xllfgiU6B
L+xXkEixEV8FWF8sEzBVumoi6oPpCbAzCRmJbxyeYE2a/BocRKw9hLWK6OD/ijKk
CIum2FiDo1qFFcdFZoT+X/sVaucaT+vT4UseBL6WZDHlQSEu3oqu9Pyfv85OqEpU
GTYx2WU1CcZjW0Lbr676sMLZlE2HwNr1Peh5BrPHwUZUqTcx5n7jjm6fnY6399eu
po1Np4x9CHhUOlRUutfrTzwsZIP6edLs/xub6WbWPZ1B5tPLPmgM0bRXwC5DaTLF
yCf5xYfAocQC4MuKXcGZEuTrQWQWNVqWI6XyuHZWuQl6EGOpcyB75g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:51 2024 by rpki-client on console-ams.rpki-client.org