Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/VwZLNzDvW0n87K00ckMTcOZQqYs.roa
File: VwZLNzDvW0n87K00ckMTcOZQqYs.roa (raw, json)
Hash identifier: 5MGmeUaRvVUzsVeeQS1zjqLgfV+jNJQFe8d6wKHUh2w=
Subject key identifier: 57:06:4B:37:30:EF:5B:49:FC:EC:AD:34:72:43:13:70:E6:50:A9:8B
Certificate issuer: /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial: 01874C96A8AAC04738ADBE9B91CD8268B488
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/VwZLNzDvW0n87K00ckMTcOZQqYs.roa
Signing time: Tue 04 Apr 2023 14:05:54 +0000
ROA not before: Tue 04 Apr 2023 14:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29286
IP address blocks: 193.92.8.0/24 maxlen: 24
193.92.8.0/22 maxlen: 22
193.92.10.0/24 maxlen: 24
193.92.9.0/24 maxlen: 24
193.92.11.0/24 maxlen: 24
213.16.192.0/20 maxlen: 20
194.219.218.0/23 maxlen: 24
185.4.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:96:a8:aa:c0:47:38:ad:be:9b:91:cd:82:68:b4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
Validity
Not Before: Apr 4 14:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57064b3730ef5b49fcecad3472431370e650a98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:81:57:1a:82:7c:09:ec:0b:06:1d:60:ed:0f:
f2:17:87:19:b6:55:e8:20:8f:13:d0:a8:da:b9:27:
97:18:4f:62:9e:82:a5:84:21:30:3a:e9:b0:71:d4:
d5:80:d4:67:3e:5e:33:c9:85:d1:27:ea:86:26:ea:
b6:43:f5:fe:72:1e:77:5c:dd:b3:1a:a2:51:14:e9:
5c:a7:81:78:ca:e0:ad:92:cb:1b:10:15:fc:9b:7e:
de:13:2d:ea:a6:a6:65:77:98:75:8d:74:14:bb:b5:
3f:53:a4:16:5d:6f:e3:46:a1:f8:f5:03:ae:ec:11:
09:e6:76:9b:e1:63:cc:e9:e4:6c:c8:2e:6b:c3:77:
3e:a4:13:af:87:7a:97:2e:04:06:9c:da:cf:3e:f3:
53:48:74:61:c6:83:2f:4e:40:91:70:18:49:e2:95:
19:8d:84:c2:4a:68:ca:3a:9a:cd:e9:91:19:57:05:
d3:46:b6:06:1e:98:81:5b:17:74:15:7d:83:4f:7e:
6e:32:41:f4:fc:b2:65:8b:65:e0:ec:6e:9a:dc:61:
72:20:48:d3:c6:fd:5c:51:83:c7:91:b4:24:71:0c:
63:d0:5a:6a:d7:df:3b:43:70:a2:02:84:2f:86:1f:
62:e0:85:13:cc:99:f3:f9:27:92:70:79:96:37:87:
cc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:06:4B:37:30:EF:5B:49:FC:EC:AD:34:72:43:13:70:E6:50:A9:8B
X509v3 Authority Key Identifier:
keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/VwZLNzDvW0n87K00ckMTcOZQqYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.88.0/22
193.92.8.0/22
194.219.218.0/23
213.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:00:51:fb:a1:c2:95:b1:58:6b:a9:e2:15:26:22:a1:a3:15:
3e:46:42:08:1f:81:1c:68:d5:57:27:43:19:4a:76:7c:f0:98:
01:13:3a:cd:29:fd:92:ba:3a:d9:84:d5:c6:88:1b:c8:32:e7:
ec:3e:05:ac:1f:c1:4d:5e:c1:46:9f:5f:7c:3f:2d:dd:8d:e0:
02:9b:5d:be:06:5f:74:a7:09:68:f7:08:ed:f7:d5:50:ff:4e:
96:f4:d2:6d:68:c0:1f:87:c7:e6:df:da:51:5d:c8:5a:de:5c:
9b:6c:74:7c:83:23:72:58:08:79:33:30:4c:d9:a7:27:e8:57:
8c:93:2a:84:d2:79:4b:aa:66:51:65:55:7b:e9:47:3f:93:01:
18:3e:7f:ae:23:99:ab:89:a2:2d:67:8a:3b:58:4a:6e:15:06:
6c:95:ab:a4:75:be:cd:3c:fc:7e:bf:ce:66:d8:aa:3b:d2:d7:
b4:53:29:55:6d:2e:91:e8:69:0b:fc:98:e4:06:ff:bc:9c:dd:
17:c1:61:c4:04:61:50:4c:ba:15:ab:0b:9e:1c:d7:c8:24:21:
80:13:50:b2:a4:ad:77:0b:c1:f1:b4:e2:10:bc:93:cb:0d:85:
01:bd:e1:8a:d9:98:c2:de:95:65:be:2c:4f:d4:62:46:6d:2e:
af:f6:d7:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdMlqiqwEc4rb6bkc2CaLSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjMwNDA0MTQwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA2NGIzNzMwZWY1YjQ5ZmNlY2FkMzQ3MjQzMTM3MGU2NTBhOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4FXGoJ8CewLBh1g7Q/yF4cZtlXo
II8T0KjauSeXGE9inoKlhCEwOumwcdTVgNRnPl4zyYXRJ+qGJuq2Q/X+ch53XN2z
GqJRFOlcp4F4yuCtkssbEBX8m37eEy3qpqZld5h1jXQUu7U/U6QWXW/jRqH49QOu
7BEJ5nab4WPM6eRsyC5rw3c+pBOvh3qXLgQGnNrPPvNTSHRhxoMvTkCRcBhJ4pUZ
jYTCSmjKOprN6ZEZVwXTRrYGHpiBWxd0FX2DT35uMkH0/LJli2Xg7G6a3GFyIEjT
xv1cUYPHkbQkcQxj0Fpq1987Q3CiAoQvhh9i4IUTzJnz+SeScHmWN4fMJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFcGSzcw71tJ/OytNHJDE3DmUKmLMB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvVndaTE56RHZXMG44N0swMGNrTVRjT1pRcVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuQRYAwQC
wVwIAwQBwtvaAwQE1RDAMA0GCSqGSIb3DQEBCwUAA4IBAQBKAFH7ocKVsVhrqeIV
JiKhoxU+RkIIH4EcaNVXJ0MZSnZ88JgBEzrNKf2SujrZhNXGiBvIMufsPgWsH8FN
XsFGn198Py3djeACm12+Bl90pwlo9wjt99VQ/06W9NJtaMAfh8fm39pRXcha3lyb
bHR8gyNyWAh5MzBM2acn6FeMkyqE0nlLqmZRZVV76Uc/kwEYPn+uI5mriaItZ4o7
WEpuFQZslaukdb7NPPx+v85m2Ko70te0UylVbS6R6GkL/JjkBv+8nN0XwWHEBGFQ
TLoVqwueHNfIJCGAE1CypK13C8HxtOIQvJPLDYUBveGK2ZjC3pVlvixP1GJGbS6v
9te6
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:52 2024 by rpki-client on console-ams.rpki-client.org