Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/vQO5fDL-B1ZrK96uQEBNkuGfx-s.roa
File: vQO5fDL-B1ZrK96uQEBNkuGfx-s.roa (raw, json)
Hash identifier: rHh789aCOQ4ql/JRS5gpxQCcQ5VIt/VMn2fH50N/Y+c=
Subject key identifier: BD:03:B9:7C:32:FE:07:56:6B:2B:DE:AE:40:40:4D:92:E1:9F:C7:EB
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 0185F359AE874C70C5461D75B73DA5A1C910
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/vQO5fDL-B1ZrK96uQEBNkuGfx-s.roa
Signing time: Fri 27 Jan 2023 13:10:18 +0000
ROA not before: Fri 27 Jan 2023 13:10:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 217.208.0.0/13 maxlen: 13
2.252.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
2.255.128.0/18 maxlen: 18
194.16.0.0/15 maxlen: 15
195.198.0.0/16 maxlen: 16
62.20.0.0/16 maxlen: 16
195.67.0.0/16 maxlen: 16
2.254.0.0/16 maxlen: 16
2.255.191.0/24 maxlen: 24
192.16.152.0/23 maxlen: 23
2.255.190.0/24 maxlen: 24
192.16.153.0/24 maxlen: 24
193.44.0.0/15 maxlen: 15
194.236.0.0/15 maxlen: 15
192.150.58.0/23 maxlen: 23
192.150.64.0/22 maxlen: 22
192.150.60.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
213.64.0.0/14 maxlen: 14
212.28.192.0/19 maxlen: 19
194.22.0.0/15 maxlen: 15
81.228.4.0/24 maxlen: 24
81.228.4.0/23 maxlen: 23
81.228.5.0/24 maxlen: 24
2.255.0.0/17 maxlen: 17
194.218.0.0/16 maxlen: 16
212.181.0.0/16 maxlen: 16
78.64.0.0/12 maxlen: 12
95.192.0.0/12 maxlen: 12
90.224.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
192.150.80.0/23 maxlen: 23
2.248.0.0/14 maxlen: 14
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:59:ae:87:4c:70:c5:46:1d:75:b7:3d:a5:a1:c9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 27 13:10:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd03b97c32fe07566b2bdeae40404d92e19fc7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b7:57:78:68:66:c5:9d:a6:4b:96:b8:cb:14:
81:00:7c:72:59:78:8c:0a:13:fd:6e:c3:e0:a2:5c:
d7:a2:ef:62:d1:2f:e6:86:16:5c:a8:a5:46:04:86:
64:a3:b9:29:53:56:10:ab:56:7f:0b:dc:f5:4a:83:
89:ca:24:66:68:e2:5b:8d:06:b6:35:79:6c:af:56:
22:bb:e0:4c:e1:1b:ce:79:60:b5:d1:b9:a3:7a:06:
5f:1a:1b:e0:99:ad:08:52:a3:15:63:9a:88:02:2e:
2f:87:a6:fb:45:ec:d2:e3:ff:c0:d1:e6:50:84:d4:
44:a5:3b:5f:0e:c7:9c:d7:3f:cc:20:27:12:d3:03:
d1:30:52:7d:12:97:d0:33:24:6b:0f:f4:37:ef:70:
db:0d:f1:cc:37:14:a7:c5:50:e8:3b:d7:49:ce:48:
b7:d8:8c:73:69:5c:33:b1:02:6d:6a:fb:2b:33:00:
31:52:c1:d8:e2:61:31:46:c5:c2:be:26:5c:b1:bd:
be:ea:d6:ad:ff:3b:ae:5e:b1:65:43:f4:41:55:d6:
0f:5f:49:ae:92:fb:bf:48:a7:19:d1:eb:19:e9:3c:
4b:c6:70:06:00:b7:be:63:ce:42:81:29:8f:37:39:
da:dc:69:cd:f1:d1:c5:3b:97:32:8f:b5:56:80:52:
58:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:03:B9:7C:32:FE:07:56:6B:2B:DE:AE:40:40:4D:92:E1:9F:C7:EB
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/vQO5fDL-B1ZrK96uQEBNkuGfx-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
78.64.0.0/12
81.224.0.0/12
90.224.0.0/12
95.192.0.0/12
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
d3:0e:70:03:64:4e:4d:1f:42:3f:dc:86:d4:6b:2f:5f:4b:97:
07:d6:80:0a:62:e6:1b:96:c8:b9:01:96:11:cf:92:05:b3:fa:
98:6e:4b:64:50:b0:c2:e6:3e:b3:f2:e7:28:9e:ef:57:84:d7:
c0:e4:f2:15:6b:78:d0:81:a6:4a:e9:0c:3d:20:3f:a3:1e:01:
88:3f:28:9a:c1:2d:54:6d:14:87:f9:86:96:fc:90:ae:d3:76:
18:45:ef:86:0b:01:3c:b8:3b:97:32:ef:62:22:a1:a8:ef:de:
42:73:58:62:60:67:b2:e7:3c:35:f3:98:ce:a4:08:f1:b4:6a:
b9:06:69:4a:73:6f:65:ed:fc:55:d2:1d:59:65:2d:f1:2b:6d:
8b:a3:eb:e6:1b:f0:73:67:92:34:21:e5:8d:56:5b:cf:15:95:
5d:32:6c:d1:83:22:a1:5c:fe:54:d9:30:6c:6e:1f:d0:7f:c1:
b6:1e:c8:a9:49:d6:de:95:6c:0f:ba:88:b9:fc:7e:b2:61:45:
40:52:96:74:94:9c:d0:1c:c6:80:9d:f9:56:68:8f:e7:1a:26:
be:1f:c0:9c:89:2b:88:8d:ba:14:d3:b2:f8:b9:e7:b3:ea:b9:
78:5b:e0:6e:25:24:8b:35:43:97:01:bb:9f:91:7f:f9:64:61:
7f:4e:79:12
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYXzWa6HTHDFRh11tz2lockQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTI3MTMxMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAzYjk3YzMyZmUwNzU2NmIyYmRlYWU0MDQwNGQ5MmUxOWZjN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7dXeGhmxZ2mS5a4yxSBAHxyWXiM
ChP9bsPgolzXou9i0S/mhhZcqKVGBIZko7kpU1YQq1Z/C9z1SoOJyiRmaOJbjQa2
NXlsr1Yiu+BM4RvOeWC10bmjegZfGhvgma0IUqMVY5qIAi4vh6b7RezS4//A0eZQ
hNREpTtfDsec1z/MICcS0wPRMFJ9EpfQMyRrD/Q373DbDfHMNxSnxVDoO9dJzki3
2IxzaVwzsQJtavsrMwAxUsHY4mExRsXCviZcsb2+6tat/zuuXrFlQ/RBVdYPX0mu
kvu/SKcZ0esZ6TxLxnAGALe+Y85CgSmPNzna3GnN8dHFO5cyj7VWgFJYYQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFL0DuXwy/gdWayverkBATZLhn8frMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvdlFPNWZETC1CMVpySzk2dVFFQk5rdUdmeC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzCBlAQCAAEwgY0wCwMD
AwL4AwQGAv+AAwMAPhQDAwROQAMDBFHgAwMEWuADAwRfwAMEAcAQmDAMAwQBwJY6
AwQBwJZEMAwDBAHAlk4DBAHAllADAwHBLDAKAwMEwhADAwDCEgMDAcIWAwMAwtoD
AwHC7AMDAMNDAwMAw8YDBAXD/CADBAXUHMADAwDUtQMDAtVAAwMD2dAwDQYJKoZI
hvcNAQELBQADggEBANMOcANkTk0fQj/chtRrL19LlwfWgApi5huWyLkBlhHPkgWz
+phuS2RQsMLmPrPy5yie71eE18Dk8hVreNCBpkrpDD0gP6MeAYg/KJrBLVRtFIf5
hpb8kK7TdhhF74YLATy4O5cy72Iioajv3kJzWGJgZ7LnPDXzmM6kCPG0arkGaUpz
b2Xt/FXSHVllLfErbYuj6+Yb8HNnkjQh5Y1WW88VlV0ybNGDIqFc/lTZMGxuH9B/
wbYeyKlJ1t6VbA+6iLn8frJhRUBSlnSUnNAcxoCd+VZoj+caJr4fwJyJK4iNuhTT
svi557PquXhb4G4lJIs1Q5cBu5+Rf/lkYX9OeRI=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:02 2024 by rpki-client on console-fra.rpki-client.org