Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/wvlK7dffMX6ZXZfZ7YFdAB37hA4.roa
File: wvlK7dffMX6ZXZfZ7YFdAB37hA4.roa (raw, json)
Hash identifier: orc+eYHKNZCWW5hCkjh4rzCKw78K9LI40mO+aS92pvA=
Subject key identifier: C2:F9:4A:ED:D7:DF:31:7E:99:5D:97:D9:ED:81:5D:00:1D:FB:84:0E
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 0187999797A09DF9C8295B76CC299B0265B3
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/wvlK7dffMX6ZXZfZ7YFdAB37hA4.roa
Signing time: Wed 19 Apr 2023 12:57:41 +0000
ROA not before: Wed 19 Apr 2023 12:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202254
IP address blocks: 194.146.159.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
212.108.132.0/24 maxlen: 24
212.108.131.0/24 maxlen: 24
212.108.130.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.129.0/24 maxlen: 24
212.108.128.0/24 maxlen: 24
212.108.139.0/24 maxlen: 24
212.108.138.0/24 maxlen: 24
212.108.137.0/24 maxlen: 24
212.108.136.0/24 maxlen: 24
212.108.135.0/24 maxlen: 24
212.108.134.0/24 maxlen: 24
212.108.133.0/24 maxlen: 24
212.108.140.0/24 maxlen: 24
212.108.145.0/24 maxlen: 24
212.108.144.0/24 maxlen: 24
212.108.143.0/24 maxlen: 24
212.108.142.0/24 maxlen: 24
212.108.141.0/24 maxlen: 24
185.206.71.0/24 maxlen: 24
212.108.152.0/24 maxlen: 24
212.108.151.0/24 maxlen: 24
212.108.150.0/24 maxlen: 24
212.108.149.0/24 maxlen: 24
212.108.148.0/24 maxlen: 24
212.108.147.0/24 maxlen: 24
212.108.146.0/24 maxlen: 24
212.108.154.0/24 maxlen: 24
212.108.153.0/24 maxlen: 24
212.108.159.0/24 maxlen: 24
212.108.158.0/24 maxlen: 24
212.108.157.0/24 maxlen: 24
212.108.156.0/24 maxlen: 24
212.108.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:97:97:a0:9d:f9:c8:29:5b:76:cc:29:9b:02:65:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Apr 19 12:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f94aedd7df317e995d97d9ed815d001dfb840e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:da:af:5c:b7:90:07:2b:f0:1e:0e:54:8e:cc:
0e:90:1d:40:55:19:71:da:9f:e6:82:c7:d1:59:c1:
f5:1e:73:32:61:c9:be:fc:cb:f2:b8:97:c8:3c:4c:
a2:87:8a:fb:6b:54:a7:62:9c:69:b2:60:20:f3:6b:
68:aa:ad:27:a3:bc:02:d2:2a:c8:ea:ec:0f:a4:d9:
08:eb:19:53:79:46:3d:82:0f:44:5a:3d:33:30:ee:
51:f5:f2:f7:ae:1e:4c:84:d9:09:92:36:ae:de:87:
ec:89:b8:b5:36:7d:53:fb:b6:25:8d:d8:97:e6:20:
4e:1c:c1:53:0c:a1:02:00:d5:43:a6:0b:83:65:95:
59:ee:94:1d:bc:c8:76:71:d3:eb:20:68:de:0a:b6:
06:7b:72:24:7a:a8:50:0d:a2:08:26:09:8d:a2:48:
cd:32:c4:7e:d3:9a:e4:02:c0:38:4d:b8:e8:b6:a6:
c8:11:03:87:77:ef:2a:5c:54:6e:ad:65:dd:ef:37:
8f:8f:1f:01:b7:a3:63:ea:2a:d2:f0:6b:1b:eb:cf:
5b:31:e6:1d:19:4b:f9:7f:f5:20:58:19:2d:22:e0:
f7:a6:69:fd:b4:ff:86:85:b7:84:24:08:ed:cd:a3:
4d:91:f3:33:11:0e:a3:06:57:70:a1:16:56:48:39:
cb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F9:4A:ED:D7:DF:31:7E:99:5D:97:D9:ED:81:5D:00:1D:FB:84:0E
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/wvlK7dffMX6ZXZfZ7YFdAB37hA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:6d:81:28:0b:60:43:5b:18:53:fe:e1:fa:61:57:07:67:0e:
e6:ed:3a:68:58:39:41:8e:66:94:98:d9:ea:9c:89:5e:5a:3c:
58:40:2a:7c:5c:0b:a0:2a:09:2f:3d:6d:6a:e7:75:8f:d6:10:
17:6f:01:a5:70:91:29:cd:67:86:f1:81:6d:d9:25:58:53:f1:
e5:19:ad:97:d4:9c:5f:41:8a:f6:df:95:20:95:6e:43:30:9d:
a6:ed:47:97:b9:b2:bd:4f:4c:1f:b2:80:70:05:85:90:a0:0c:
d3:5f:29:90:f0:22:58:51:67:d2:5a:59:88:f5:f1:af:8d:fe:
49:b5:f1:10:e9:05:ef:19:28:dc:7b:fd:07:5f:26:f4:3f:cb:
77:48:ac:f2:58:60:d1:64:33:9b:d9:6f:58:92:98:70:1f:2a:
35:a2:c9:35:07:f5:f8:18:7a:9a:5b:da:0a:5f:c9:3b:c6:57:
44:d0:9d:9f:44:9a:94:9b:18:eb:cd:d2:0c:ea:57:17:5d:06:
d4:15:08:44:6f:cc:b2:2d:e8:a8:cb:8e:2a:a8:20:fb:da:d4:
3e:9c:a2:c6:5a:90:15:74:25:45:59:d2:8a:96:ec:65:7b:cc:
b8:27:1c:74:11:43:5d:a5:dc:49:ca:04:59:02:cc:e9:d0:50:
22:7b:0c:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeZl5egnfnIKVt2zCmbAmWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjMwNDE5MTI1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY5NGFlZGQ3ZGYzMTdlOTk1ZDk3ZDllZDgxNWQwMDFkZmI4NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9qvXLeQByvwHg5UjswOkB1AVRlx
2p/mgsfRWcH1HnMyYcm+/MvyuJfIPEyih4r7a1SnYpxpsmAg82toqq0no7wC0irI
6uwPpNkI6xlTeUY9gg9EWj0zMO5R9fL3rh5MhNkJkjau3ofsibi1Nn1T+7YljdiX
5iBOHMFTDKECANVDpguDZZVZ7pQdvMh2cdPrIGjeCrYGe3IkeqhQDaIIJgmNokjN
MsR+05rkAsA4TbjotqbIEQOHd+8qXFRurWXd7zePjx8Bt6Nj6irS8Gsb689bMeYd
GUv5f/UgWBktIuD3pmn9tP+GhbeEJAjtzaNNkfMzEQ6jBldwoRZWSDnL1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFML5Su3X3zF+mV2X2e2BXQAd+4QOMB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvd3ZsSzdkZmZNWDZaWFpmWjdZRmRBQjM3aEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC
wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQAvbYEoC2BDWxhT/uH6YVcHZw7m
7TpoWDlBjmaUmNnqnIleWjxYQCp8XAugKgkvPW1q53WP1hAXbwGlcJEpzWeG8YFt
2SVYU/HlGa2X1JxfQYr235UglW5DMJ2m7UeXubK9T0wfsoBwBYWQoAzTXymQ8CJY
UWfSWlmI9fGvjf5JtfEQ6QXvGSjce/0HXyb0P8t3SKzyWGDRZDOb2W9YkphwHyo1
osk1B/X4GHqaW9oKX8k7xldE0J2fRJqUmxjrzdIM6lcXXQbUFQhEb8yyLeioy44q
qCD72tQ+nKLGWpAVdCVFWdKKluxle8y4Jxx0EUNdpdxJygRZAszp0FAiewxo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:58 2024 by rpki-client on console-ams.rpki-client.org