Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9200ca-a680-44d9-92f9-8d64df01c0c4/1/vvxMWfZadewu030VwMZydkpTmQ8.roa
File: vvxMWfZadewu030VwMZydkpTmQ8.roa (raw, json)
Hash identifier: OaFwqOEfQvF9/W+Hp6ereOrj8lQIxtjY2G5fkl9gHsY=
Subject key identifier: BE:FC:4C:59:F6:5A:75:EC:2E:D3:7D:15:C0:C6:72:76:4A:53:99:0F
Certificate issuer: /CN=059fa6a6b1ec7ae6ea8b44934cf7c3d4fa508ef2
Certificate serial: 01857142F481F0F080DFBD832CDAAA10A780
Authority key identifier: 05:9F:A6:A6:B1:EC:7A:E6:EA:8B:44:93:4C:F7:C3:D4:FA:50:8E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ-mprHseubqi0STTPfD1PpQjvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/9200ca-a680-44d9-92f9-8d64df01c0c4/1/vvxMWfZadewu030VwMZydkpTmQ8.roa
Signing time: Mon 02 Jan 2023 06:54:51 +0000
ROA not before: Mon 02 Jan 2023 06:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1741
IP address blocks: 195.148.0.0/16 maxlen: 16
86.50.0.0/16 maxlen: 16
185.229.128.0/22 maxlen: 22
193.166.4.0/24 maxlen: 24
128.214.0.0/16 maxlen: 16
193.166.0.0/15 maxlen: 15
2001:708::/32 maxlen: 32
2001:708:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:f4:81:f0:f0:80:df:bd:83:2c:da:aa:10:a7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059fa6a6b1ec7ae6ea8b44934cf7c3d4fa508ef2
Validity
Not Before: Jan 2 06:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=befc4c59f65a75ec2ed37d15c0c672764a53990f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f2:67:33:dc:4a:1c:99:ac:b5:a0:50:ec:f2:
ba:ef:4a:c2:83:12:4e:e9:a3:e7:ca:d4:d3:9e:91:
94:82:e2:b2:67:a0:75:73:56:ec:01:d3:21:fb:36:
7b:d7:2e:e9:42:f7:a6:7f:5c:67:a1:b4:3a:16:c8:
b6:95:4c:e2:51:a4:a3:9f:9e:bd:65:7c:09:fb:d1:
4d:c5:e5:2e:28:e4:20:fb:e5:e5:7b:31:ed:73:e9:
43:6d:d4:92:af:a6:34:ce:4b:95:81:37:03:e8:e9:
4a:61:69:80:cc:80:b6:e8:eb:96:3d:1b:4c:55:cd:
1b:4c:80:d7:7e:bf:53:f1:b9:59:a3:a7:6c:29:df:
55:a4:22:0d:b1:cf:19:14:85:76:5d:af:15:00:15:
dc:da:ba:a4:12:49:71:bb:40:7d:23:bf:32:ea:21:
60:e7:68:84:f4:88:df:fe:37:b4:a6:21:95:20:79:
2f:09:bc:ca:51:56:80:8b:12:03:bd:62:df:4a:35:
64:4f:09:1c:e6:0e:16:7a:a7:6f:8b:2f:8f:27:f9:
97:e2:92:f6:8a:c6:e1:ef:3b:f0:d6:c3:f0:a5:6e:
dc:1e:83:34:e1:ee:c2:68:65:6f:bb:6d:0d:e5:de:
0f:4c:52:73:ea:39:81:37:5b:34:b1:2c:5c:0b:6a:
27:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:FC:4C:59:F6:5A:75:EC:2E:D3:7D:15:C0:C6:72:76:4A:53:99:0F
X509v3 Authority Key Identifier:
keyid:05:9F:A6:A6:B1:EC:7A:E6:EA:8B:44:93:4C:F7:C3:D4:FA:50:8E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ-mprHseubqi0STTPfD1PpQjvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9200ca-a680-44d9-92f9-8d64df01c0c4/1/vvxMWfZadewu030VwMZydkpTmQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9200ca-a680-44d9-92f9-8d64df01c0c4/1/BZ-mprHseubqi0STTPfD1PpQjvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.50.0.0/16
128.214.0.0/16
185.229.128.0/22
193.166.0.0/15
195.148.0.0/16
IPv6:
2001:708::/32
Signature Algorithm: sha256WithRSAEncryption
0d:2b:b1:ee:3b:27:28:75:52:d3:8c:6e:a6:cd:c3:dd:a7:2a:
fe:29:b6:73:92:1b:b1:e8:ac:04:e8:76:6d:ff:26:55:56:77:
a6:d6:48:35:e4:18:d5:ac:fc:e5:e4:ad:4e:0c:14:a6:d4:87:
ba:7e:6b:66:09:51:fe:87:97:3a:55:72:1f:09:e1:22:96:53:
5a:2c:f4:b8:9e:2a:87:20:e4:89:bf:02:1a:04:fc:6e:bd:5b:
46:09:a0:79:7a:f6:9b:b2:e9:c1:01:fc:66:c5:55:d6:73:62:
45:42:37:65:8b:7b:9b:24:77:fa:bd:57:f7:4e:65:5d:ea:12:
b5:5c:8d:d3:a0:5d:8a:6b:cd:9c:a9:2c:c6:db:ac:50:42:c2:
c3:43:68:12:e2:ea:d6:c1:9e:61:d5:5b:4f:c8:07:24:e8:d5:
89:52:c6:40:8e:19:44:2e:06:ce:70:5f:91:6a:2b:3f:b9:23:
85:dc:08:5a:98:4d:d1:49:d4:f1:1e:4d:47:b8:78:a8:df:79:
7c:44:3d:e3:aa:7e:87:d4:16:ee:44:85:10:6e:51:57:04:01:
7e:aa:30:5f:65:a5:2c:24:83:32:8e:71:df:3a:0b:5f:e2:f0:
9f:6b:f4:ba:8d:71:c5:bf:fa:c9:97:54:99:66:b7:81:e0:55:
36:c4:38:df
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxQvSB8PCA372DLNqqEKeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWZhNmE2YjFlYzdhZTZlYThiNDQ5MzRjZjdjM2Q0ZmE1
MDhlZjIwHhcNMjMwMTAyMDY1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWZjNGM1OWY2NWE3NWVjMmVkMzdkMTVjMGM2NzI3NjRhNTM5OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/JnM9xKHJmstaBQ7PK670rCgxJO
6aPnytTTnpGUguKyZ6B1c1bsAdMh+zZ71y7pQvemf1xnobQ6Fsi2lUziUaSjn569
ZXwJ+9FNxeUuKOQg++XlezHtc+lDbdSSr6Y0zkuVgTcD6OlKYWmAzIC26OuWPRtM
Vc0bTIDXfr9T8blZo6dsKd9VpCINsc8ZFIV2Xa8VABXc2rqkEklxu0B9I78y6iFg
52iE9Ijf/je0piGVIHkvCbzKUVaAixIDvWLfSjVkTwkc5g4Weqdviy+PJ/mX4pL2
isbh7zvw1sPwpW7cHoM04e7CaGVvu20N5d4PTFJz6jmBN1s0sSxcC2onLwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFL78TFn2WnXsLtN9FcDGcnZKU5kPMB8GA1UdIwQY
MBaAFAWfpqax7Hrm6otEk0z3w9T6UI7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlotbXBySHNldWJxaTBTVFRQZkQxUHBRanZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MjAwY2EtYTY4MC00NGQ5LTkyZjkt
OGQ2NGRmMDFjMGM0LzEvdnZ4TVdmWmFkZXd1MDMwVndNWnlka3BUbVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MjAwY2EtYTY4MC00NGQ5LTkyZjktOGQ2NGRmMDFjMGM0
LzEvQlotbXBySHNldWJxaTBTVFRQZkQxUHBRanZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwMAVjIDAwCA
1gMEArnlgAMDAcGmAwMAw5QwDQQCAAIwBwMFACABBwgwDQYJKoZIhvcNAQELBQAD
ggEBAA0rse47Jyh1UtOMbqbNw92nKv4ptnOSG7HorATodm3/JlVWd6bWSDXkGNWs
/OXkrU4MFKbUh7p+a2YJUf6HlzpVch8J4SKWU1os9LieKocg5Im/AhoE/G69W0YJ
oHl69puy6cEB/GbFVdZzYkVCN2WLe5skd/q9V/dOZV3qErVcjdOgXYprzZypLMbb
rFBCwsNDaBLi6tbBnmHVW0/IByTo1YlSxkCOGUQuBs5wX5FqKz+5I4XcCFqYTdFJ
1PEeTUe4eKjfeXxEPeOqfofUFu5EhRBuUVcEAX6qMF9lpSwkgzKOcd86C1/i8J9r
9LqNccW/+smXVJlmt4HgVTbEON8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:52 2024 by rpki-client on console-fra.rpki-client.org