Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/ngU4VFAst9D1RGMWy4ifZS5SoSU.roa
File: ngU4VFAst9D1RGMWy4ifZS5SoSU.roa (raw, json)
Hash identifier: bhUQC/46t9vo9TtLPJkeP5LPhL1nLAhOIbkRNoCBJgc=
Subject key identifier: 9E:05:38:54:50:2C:B7:D0:F5:44:63:16:CB:88:9F:65:2E:52:A1:25
Certificate issuer: /CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Certificate serial: 018C8835868BB70C09D758801E8F0DE8DA57
Authority key identifier: 54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/ngU4VFAst9D1RGMWy4ifZS5SoSU.roa
Signing time: Wed 20 Dec 2023 17:10:58 +0000
ROA not before: Wed 20 Dec 2023 17:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 193.203.254.0/24 maxlen: 24
87.121.172.0/24 maxlen: 24
87.121.169.0/24 maxlen: 24
87.121.170.0/24 maxlen: 24
87.121.171.0/24 maxlen: 24
87.121.168.0/24 maxlen: 24
185.64.24.0/24 maxlen: 24
185.64.25.0/24 maxlen: 24
185.64.26.0/24 maxlen: 24
185.64.27.0/24 maxlen: 24
87.121.173.0/24 maxlen: 24
87.121.174.0/24 maxlen: 24
87.121.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:35:86:8b:b7:0c:09:d7:58:80:1e:8f:0d:e8:da:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Validity
Not Before: Dec 20 17:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e053854502cb7d0f5446316cb889f652e52a125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:22:c4:ac:4d:e0:be:ce:7a:fb:d1:88:e1:52:
b0:24:b5:17:82:c4:9f:e4:5c:71:e0:7f:c4:f1:61:
fa:4e:4e:0c:3c:16:10:ca:6c:83:63:0a:36:a5:6b:
e0:ab:8f:e7:ff:4b:38:03:93:ce:46:8b:3b:66:b1:
85:d7:58:90:69:47:3d:2e:be:cf:3a:8d:60:d1:2c:
dc:62:ce:69:77:c7:43:63:76:d0:22:d9:84:38:38:
87:aa:0a:00:9a:2c:d0:28:cd:1d:d9:e4:3d:47:e0:
e9:c2:d4:55:ca:b0:54:2d:ce:8a:17:51:f7:3f:cb:
4f:cb:bc:d4:d6:a5:af:e0:52:78:22:14:f3:84:89:
cb:6f:6c:a7:67:85:07:ee:7f:3c:9a:c1:1f:05:50:
95:b0:1a:4e:5a:f1:a4:66:6d:6e:4e:92:a8:a6:c5:
13:1c:20:b2:7b:b6:48:62:50:0a:96:9c:af:6b:fb:
ac:9c:fc:df:d8:97:87:2b:46:b8:be:6e:cd:07:a2:
5e:4a:c4:c0:0c:d2:e1:f9:c4:c6:39:a3:43:c6:27:
80:2c:12:85:93:c2:8c:33:07:0f:cb:2c:58:31:01:
9a:6d:09:6c:ba:07:39:d4:15:28:13:b8:c7:63:22:
d0:ee:e7:79:c6:c4:92:b2:9d:3a:4a:05:db:50:c0:
65:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:05:38:54:50:2C:B7:D0:F5:44:63:16:CB:88:9F:65:2E:52:A1:25
X509v3 Authority Key Identifier:
keyid:54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/ngU4VFAst9D1RGMWy4ifZS5SoSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/VKMasDPP0t7mhS-p2L9aSg41JBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.168.0/21
185.64.24.0/22
193.203.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e8:4a:18:63:b8:b0:a1:ce:2b:8f:c3:03:88:34:1f:81:6f:
1c:78:e0:1b:5f:d8:80:e5:49:ee:cf:cd:0a:e2:51:ee:ac:8f:
47:cc:d0:6b:2a:6a:eb:f4:18:b2:92:fc:50:82:aa:68:95:50:
19:1e:8e:fc:26:23:65:d3:56:cc:eb:31:79:d1:64:79:d1:f6:
10:c4:1c:f1:96:90:9b:f4:66:b3:16:46:39:83:09:c8:ad:64:
59:30:ea:1e:ef:15:77:39:d2:fd:5f:35:e1:27:7b:df:d4:1a:
7d:94:27:b1:41:0f:e0:95:30:a3:bf:a3:9a:5e:65:12:08:55:
72:56:0f:63:bc:77:b2:47:89:df:1a:c9:eb:88:f5:84:c6:f7:
52:3b:a3:4b:de:6c:86:a0:72:d2:f8:92:10:23:c2:68:cc:16:
cb:db:dd:d6:d3:ca:a0:fe:04:ba:3d:d6:1c:89:38:af:53:63:
08:aa:cf:d2:7a:73:91:72:f3:da:01:de:99:8f:2d:c7:a4:6d:
27:5b:e3:3b:9b:b7:d7:9f:b3:36:b4:09:97:56:18:5f:81:39:
03:f7:87:57:4e:73:d1:69:8b:b5:42:77:0c:f8:af:96:03:57:
ae:22:47:cc:8f:69:99:50:b9:65:13:61:ca:ed:d5:bf:1c:5f:
cb:bb:76:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyINYaLtwwJ11iAHo8N6NpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YTMxYWIwMzNjZmQyZGVlNjg1MmZhOWQ4YmY1YTRhMGUz
NTI0MTQwHhcNMjMxMjIwMTcxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA1Mzg1NDUwMmNiN2QwZjU0NDYzMTZjYjg4OWY2NTJlNTJhMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCLErE3gvs56+9GI4VKwJLUXgsSf
5Fxx4H/E8WH6Tk4MPBYQymyDYwo2pWvgq4/n/0s4A5PORos7ZrGF11iQaUc9Lr7P
Oo1g0SzcYs5pd8dDY3bQItmEODiHqgoAmizQKM0d2eQ9R+DpwtRVyrBULc6KF1H3
P8tPy7zU1qWv4FJ4IhTzhInLb2ynZ4UH7n88msEfBVCVsBpOWvGkZm1uTpKopsUT
HCCye7ZIYlAKlpyva/usnPzf2JeHK0a4vm7NB6JeSsTADNLh+cTGOaNDxieALBKF
k8KMMwcPyyxYMQGabQlsugc51BUoE7jHYyLQ7ud5xsSSsp06SgXbUMBlpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ4FOFRQLLfQ9URjFsuIn2UuUqElMB8GA1UdIwQY
MBaAFFSjGrAzz9Le5oUvqdi/WkoONSQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGIt
NjE5YzI2MTk0MTY4LzEvbmdVNFZGQXN0OUQxUkdNV3k0aWZaUzVTb1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGItNjE5YzI2MTk0MTY4
LzEvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDV3moAwQC
uUAYAwQAwcv+MA0GCSqGSIb3DQEBCwUAA4IBAQCO6EoYY7iwoc4rj8MDiDQfgW8c
eOAbX9iA5Unuz80K4lHurI9HzNBrKmrr9BiykvxQgqpolVAZHo78JiNl01bM6zF5
0WR50fYQxBzxlpCb9GazFkY5gwnIrWRZMOoe7xV3OdL9XzXhJ3vf1Bp9lCexQQ/g
lTCjv6OaXmUSCFVyVg9jvHeyR4nfGsnriPWExvdSO6NL3myGoHLS+JIQI8JozBbL
293W08qg/gS6PdYciTivU2MIqs/SenORcvPaAd6Zjy3HpG0nW+M7m7fXn7M2tAmX
VhhfgTkD94dXTnPRaYu1QncM+K+WA1euIkfMj2mZULllE2HK7dW/HF/Lu3bv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org