Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/vzUsoj4YkGLoFs0YCBAL2RUwbLM.roa
File: vzUsoj4YkGLoFs0YCBAL2RUwbLM.roa (raw, json)
Hash identifier: xV0Vq2SJ/I090785SGyxcylMuT6CF2JsqjS04HKma+8=
Subject key identifier: BF:35:2C:A2:3E:18:90:62:E8:16:CD:18:08:10:0B:D9:15:30:6C:B3
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018CC56DE4CDCC099205E47BD320D81D533F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/vzUsoj4YkGLoFs0YCBAL2RUwbLM.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31224
IP address blocks: 178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
78.25.88.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
2a03:d000:5000::/40 maxlen: 40
2a03:d000:5100::/40 maxlen: 40
2a03:d000:5302::/48 maxlen: 48
2a03:d000:5301::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Feb 2024 08:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e4:cd:cc:09:92:05:e4:7b:d3:20:d8:1d:53:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf352ca23e189062e816cd1808100bd915306cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a6:92:2c:cd:a8:04:f2:fb:ba:87:c0:30:a7:
f6:f5:c4:29:2b:8f:80:dd:84:27:43:c1:fb:2a:e6:
45:ae:0f:83:66:cf:5b:e4:b8:e0:35:27:be:de:a8:
d8:6d:dc:a3:0b:e2:01:44:80:34:d7:c4:70:13:6a:
6c:2b:6f:c6:f6:1b:69:68:c5:61:3c:0b:eb:75:42:
e8:a9:34:07:ad:01:b1:5a:20:13:e0:69:d4:69:5c:
13:fc:04:27:b7:bb:ad:87:a8:8e:b5:df:58:97:51:
97:7b:95:3d:10:0a:2e:6e:06:d8:29:b3:6c:1b:b5:
1e:50:5d:4f:1a:0f:d7:7b:da:73:63:32:3f:03:0e:
41:47:27:83:62:32:38:1d:d1:5d:b3:3e:9e:d5:4f:
56:30:ee:dc:96:15:27:39:1b:7b:79:a0:0c:ee:fd:
a7:e3:d0:c8:d7:7e:06:7c:f8:45:ee:92:dc:b7:75:
bb:cf:45:e0:3e:8f:b9:9e:6a:ed:7b:e6:2f:17:d5:
23:41:d6:74:44:10:cf:72:06:2c:50:5b:f0:a6:9f:
71:f8:18:7c:2b:d3:c5:a6:e8:32:a8:65:1d:57:25:
fb:b5:09:00:4e:da:10:71:2e:c1:ac:ea:96:4b:68:
11:d6:21:60:3f:78:33:43:f2:16:b2:8c:68:94:ce:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:35:2C:A2:3E:18:90:62:E8:16:CD:18:08:10:0B:D9:15:30:6C:B3
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/vzUsoj4YkGLoFs0YCBAL2RUwbLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
IPv6:
2a03:d000:5000::/39
2a03:d000:5301::-2a03:d000:5302:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:80:b8:2b:ab:1d:40:62:bd:cf:19:1a:52:cd:dd:ac:85:08:
8a:25:5f:c3:c2:ef:b2:af:1e:e1:c9:9b:f8:f6:fb:87:2c:7e:
58:a7:25:af:c6:1b:90:c1:54:f5:7c:12:f7:25:c1:8c:55:ed:
a2:76:ed:97:66:7c:ed:00:17:52:e3:ff:5b:5d:72:ce:8c:48:
b3:16:d5:3d:13:86:f5:9b:6a:b4:0c:b2:a8:08:0a:69:a0:07:
62:78:ca:30:4f:d9:6f:fe:5d:89:46:e8:ab:4c:ad:97:8a:1e:
69:f0:30:31:cd:2f:34:64:2f:7b:53:74:cd:4a:cf:60:4d:11:
4d:d1:ea:ff:ab:e3:f3:cd:68:ce:74:4a:6b:73:43:a5:40:73:
55:c4:ca:d9:b2:bc:f8:2a:77:4a:42:16:a2:43:d7:ac:27:31:
ff:bc:9e:9a:6f:b4:79:7b:69:a1:d8:5d:f8:c3:e2:40:fb:ff:
60:ca:55:be:a6:3a:27:25:44:94:0f:0f:57:be:5e:5a:eb:b1:
e0:bd:20:46:7c:5f:db:2e:4c:70:90:fa:42:b3:a8:45:dc:d6:
fe:33:53:21:a5:c6:69:af:39:ef:7b:93:65:76:70:e6:2c:8b:
fc:a7:94:7f:08:03:53:cd:aa:d7:c6:95:70:a6:82:36:b5:bb:
20:c4:28:23
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYzFbeTNzAmSBeR70yDYHVM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM1MmNhMjNlMTg5MDYyZTgxNmNkMTgwODEwMGJkOTE1MzA2Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaaSLM2oBPL7uofAMKf29cQpK4+A
3YQnQ8H7KuZFrg+DZs9b5LjgNSe+3qjYbdyjC+IBRIA018RwE2psK2/G9htpaMVh
PAvrdULoqTQHrQGxWiAT4GnUaVwT/AQnt7uth6iOtd9Yl1GXe5U9EAoubgbYKbNs
G7UeUF1PGg/Xe9pzYzI/Aw5BRyeDYjI4HdFdsz6e1U9WMO7clhUnORt7eaAM7v2n
49DI134GfPhF7pLct3W7z0XgPo+5nmrte+YvF9UjQdZ0RBDPcgYsUFvwpp9x+Bh8
K9PFpugyqGUdVyX7tQkATtoQcS7BrOqWS2gR1iFgP3gzQ/IWsoxolM6GvQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFL81LKI+GJBi6BbNGAgQC9kVMGyzMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdnpVc29qNFlrR0xvRnMwWUNCQUwyUlV3YkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBeBAIAATBYAwQBH61g
MAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABT
qdgDBAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDAiBAIAAjAcAwYBKgPQ
AFAwEgMHACoD0ABTAQMHACoD0ABTAjANBgkqhkiG9w0BAQsFAAOCAQEARYC4K6sd
QGK9zxkaUs3drIUIiiVfw8Lvsq8e4cmb+Pb7hyx+WKclr8YbkMFU9XwS9yXBjFXt
onbtl2Z87QAXUuP/W11yzoxIsxbVPROG9ZtqtAyyqAgKaaAHYnjKME/Zb/5diUbo
q0ytl4oeafAwMc0vNGQve1N0zUrPYE0RTdHq/6vj881oznRKa3NDpUBzVcTK2bK8
+Cp3SkIWokPXrCcx/7yemm+0eXtpodhd+MPiQPv/YMpVvqY6JyVElA8PV75eWuux
4L0gRnxf2y5McJD6QrOoRdzW/jNTIaXGaa8573uTZXZw5iyL/KeUfwgDU82q18aV
cKaCNrW7IMQoIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:26 2024 by rpki-client on console-fra.rpki-client.org