Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKJOhMT-UuTcxrk6HKxJot4sMLw.roa
File: vKJOhMT-UuTcxrk6HKxJot4sMLw.roa (raw, json)
Hash identifier: xRZpkSNkNWL6fXEm72xrFQINGnnounkPvR5uGaXnD24=
Subject key identifier: BC:A2:4E:84:C4:FE:52:E4:DC:C6:B9:3A:1C:AC:49:A2:DE:2C:30:BC
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802D98695683628B5DEA1935FF52723
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKJOhMT-UuTcxrk6HKxJot4sMLw.roa
Signing time: Tue 02 Jan 2024 02:31:19 +0000
ROA not before: Tue 02 Jan 2024 02:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 193.181.74.0/24 maxlen: 24
193.181.72.0/24 maxlen: 24
193.181.73.0/24 maxlen: 24
194.14.155.0/24 maxlen: 24
194.68.127.0/24 maxlen: 24
194.14.156.0/24 maxlen: 24
194.14.154.0/24 maxlen: 24
193.183.22.0/24 maxlen: 24
194.103.240.0/21 maxlen: 21
194.103.240.0/20 maxlen: 20
194.103.252.0/22 maxlen: 22
194.103.249.0/24 maxlen: 24
194.103.250.0/23 maxlen: 23
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
192.176.33.0/24 maxlen: 24
194.132.95.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
192.165.95.0/24 maxlen: 24
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
193.234.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 13:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d9:86:95:68:36:28:b5:de:a1:93:5f:f5:27:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca24e84c4fe52e4dcc6b93a1cac49a2de2c30bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4f:75:44:ac:06:31:df:94:ba:6a:c9:00:07:
4e:1e:bf:c5:f0:f8:82:97:48:11:77:7e:0d:85:dd:
93:43:58:e0:c3:90:c7:f3:91:82:c7:bf:b6:e2:ee:
78:ad:9d:75:e2:43:63:5a:91:59:28:c8:b8:fa:50:
6c:3f:81:71:1a:96:95:80:29:b0:2d:41:1e:8f:c2:
e8:1c:6d:55:b3:6e:41:a7:d3:d4:e4:ca:a1:2a:dc:
46:83:62:13:69:26:c4:0f:ce:34:ac:b9:15:f1:e3:
da:a6:cb:da:a0:2d:e9:2e:72:9d:dc:7c:2e:ed:59:
78:80:01:1d:16:fc:b0:dd:af:c1:68:f4:a7:6e:5d:
6a:61:b6:33:02:b8:82:eb:64:69:17:0c:fe:1e:c2:
73:15:7b:12:ea:1c:75:3a:ad:3d:5c:fa:5a:d4:d0:
87:ce:69:12:f7:7b:66:aa:ca:3c:1a:a8:09:af:0a:
03:45:1a:a0:43:93:67:db:4e:69:42:67:3a:2a:67:
eb:20:eb:af:01:ca:72:13:cc:51:2a:f6:b6:f9:a4:
d1:4d:a9:80:58:a7:24:f8:6d:31:e1:63:34:38:5b:
13:0c:fc:0f:4c:6a:d3:d4:db:3a:51:75:59:6c:02:
22:01:14:78:f4:16:f2:1b:5e:be:6c:99:51:e2:1d:
94:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A2:4E:84:C4:FE:52:E4:DC:C6:B9:3A:1C:AC:49:A2:DE:2C:30:BC
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vKJOhMT-UuTcxrk6HKxJot4sMLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.95.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.33.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.181.72.0-193.181.74.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.22.0/24
193.183.228.0/22
193.183.236.0/23
193.234.184.0/23
194.14.154.0-194.14.156.255
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.95.0/24
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
73:03:8e:b5:81:f8:dd:7f:c6:af:a9:87:85:e3:c4:b2:db:32:
6a:0e:ff:ea:22:9a:72:3b:2f:71:3a:80:ce:7a:ed:ac:cd:43:
3a:57:2b:a1:60:49:52:24:5e:f2:02:56:88:75:de:9f:c0:3a:
e5:fb:ff:48:e9:f1:6b:8d:c6:4b:c7:98:5b:21:d6:6e:b4:c3:
0f:59:ab:e7:a2:4a:b1:58:58:55:ed:66:60:4d:15:8b:3b:00:
ff:70:92:07:55:13:3c:75:dc:ed:06:39:50:53:31:a9:30:6a:
4f:27:18:36:d4:e2:c9:d2:0e:3a:6f:6f:2f:a1:b8:96:e7:bc:
ec:6d:75:70:ed:ee:0e:f4:9f:a6:56:e8:d3:46:85:ae:87:0c:
e6:a0:d1:5e:20:ba:45:3e:36:3f:b6:de:b4:ae:f8:3c:d3:4f:
ac:09:7a:3c:95:9c:c4:42:da:c9:45:89:78:0e:7e:9a:a8:fd:
b7:ff:ab:59:7c:fc:f9:16:19:d0:24:fa:5c:85:c8:7e:89:a3:
48:fa:66:f7:0a:59:8f:bf:60:65:ff:f5:f6:e0:e3:7e:ed:93:
55:41:00:0e:8e:dd:15:c0:48:71:c6:7d:af:ba:7e:d4:0c:84:
e8:53:2a:4a:90:89:49:f4:ff:32:c9:30:1b:9c:56:56:62:2c:
50:2a:42:30
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYzIAtmGlWg2KLXeoZNf9ScjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2EyNGU4NGM0ZmU1MmU0ZGNjNmI5M2ExY2FjNDlhMmRlMmMzMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm091RKwGMd+UumrJAAdOHr/F8PiC
l0gRd34Nhd2TQ1jgw5DH85GCx7+24u54rZ114kNjWpFZKMi4+lBsP4FxGpaVgCmw
LUEej8LoHG1Vs25Bp9PU5MqhKtxGg2ITaSbED840rLkV8ePapsvaoC3pLnKd3Hwu
7Vl4gAEdFvyw3a/BaPSnbl1qYbYzAriC62RpFwz+HsJzFXsS6hx1Oq09XPpa1NCH
zmkS93tmqso8GqgJrwoDRRqgQ5Nn205pQmc6KmfrIOuvAcpyE8xRKva2+aTRTamA
WKck+G0x4WM0OFsTDPwPTGrT1Ns6UXVZbAIiARR49BbyG16+bJlR4h2U1QIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFLyiToTE/lLk3Ma5OhysSaLeLDC8MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdktKT2hNVC1VdVRjeHJrNkhLeEpvdDRzTUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQA
wCRgAwQAwHkoMAwDBAHAeTIDBADAeTQDBADAeXMDBADAeeUDBADApQwDBADApR8D
BADApV8DBADApa0DBADApbQDBADApeUDBADAsCEDBADAsHwDBADBtAcwDAMEAMG0
rwMEAMG0sDAMAwQDwbVIAwQAwbVKAwQAwbZrAwQAwbZ+AwQBwbaYAwQAwba+AwQA
wbcWAwQCwbfkAwQBwbfsAwQBweq4MAwDBAHCDpoDBADCDpwDBADCDvUwDAMEA8JE
SAMEAcJETAMEAMJETwMEAMJEfwMEBMJn8AMEAMKEXwMEAsKEvDANBgkqhkiG9w0B
AQsFAAOCAQEAcwOOtYH43X/Gr6mHhePEstsyag7/6iKacjsvcTqAznrtrM1DOlcr
oWBJUiRe8gJWiHXen8A65fv/SOnxa43GS8eYWyHWbrTDD1mr56JKsVhYVe1mYE0V
izsA/3CSB1UTPHXc7QY5UFMxqTBqTycYNtTiydIOOm9vL6G4lue87G11cO3uDvSf
plbo00aFrocM5qDRXiC6RT42P7betK74PNNPrAl6PJWcxELayUWJeA5+mqj9t/+r
WXz8+RYZ0CT6XIXIfomjSPpm9wpZj79gZf/19uDjfu2TVUEADo7dFcBIccZ9r7p+
1AyE6FMqSpCJSfT/MskwG5xWVmIsUCpCMA==
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:54 2024 by rpki-client on console-ams.rpki-client.org