Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vxIFh0boluTLhyBBy28zzsYAaXU.roa
File: vxIFh0boluTLhyBBy28zzsYAaXU.roa (raw, json)
Hash identifier: iC4pZZ+jWyU2ez0f6AeA7cZeEIgbM8PZXAZPG/UgIKA=
Subject key identifier: BF:12:05:87:46:E8:96:E4:CB:87:20:41:CB:6F:33:CE:C6:00:69:75
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCACACD84D3FDD6C1FCE685F17AB68F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vxIFh0boluTLhyBBy28zzsYAaXU.roa
Signing time: Sun 01 Jan 2023 10:05:07 +0000
ROA not before: Sun 01 Jan 2023 10:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 194.132.108.0/23 maxlen: 23
193.183.3.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.68.56.0/23 maxlen: 23
192.71.158.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
192.71.97.0/24 maxlen: 24
192.36.37.0/24 maxlen: 24
193.234.220.0/23 maxlen: 23
193.181.0.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
192.71.41.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ca:cd:84:d3:fd:d6:c1:fc:e6:85:f1:7a:b6:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf12058746e896e4cb872041cb6f33cec6006975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a4:93:1c:25:63:da:61:b9:1a:92:2b:87:50:
9e:2c:02:56:c2:db:f0:e7:42:07:e3:c1:08:aa:c3:
31:8d:b1:5e:8f:b5:d7:a0:a5:02:77:af:71:16:12:
0b:f1:3d:b3:ec:f3:97:e6:ff:32:4c:b6:c9:52:c3:
74:14:0f:7e:f5:55:b9:ea:a5:ed:06:38:b0:b0:cc:
63:a2:05:c5:96:0e:af:a0:41:15:af:72:fd:a0:29:
e0:81:e7:09:31:43:8f:41:51:90:51:1e:b3:91:ac:
6a:ce:9e:49:53:c2:46:4f:98:c0:e4:96:3a:44:2e:
0a:c9:34:42:c2:b4:6c:95:29:92:da:38:16:d2:fa:
b2:17:c6:8c:ec:ea:cf:e5:ea:bf:3c:dd:9c:40:2e:
3d:63:71:cc:db:4c:2a:01:e0:59:80:97:0d:62:f2:
b9:c1:a9:5b:0a:57:f1:8e:98:23:52:0f:6e:78:a7:
6b:b9:af:3f:94:54:95:34:3f:28:cc:6c:08:9d:b6:
de:84:95:1f:c8:7a:7b:db:be:f5:19:5d:09:e8:d0:
9a:50:28:d1:c6:04:cd:c1:73:0a:8c:33:5b:50:51:
ed:4c:56:d0:9d:6a:da:ae:fb:98:fa:12:f9:d1:22:
00:06:8e:35:ea:28:0c:65:50:c7:6a:e0:44:27:44:
a7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:12:05:87:46:E8:96:E4:CB:87:20:41:CB:6F:33:CE:C6:00:69:75
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vxIFh0boluTLhyBBy28zzsYAaXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/23
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
Signature Algorithm: sha256WithRSAEncryption
11:cf:dd:7c:39:c7:f9:bb:e5:60:e4:e8:24:f3:f7:13:f0:fe:
aa:ea:18:7c:f2:d4:8e:43:bb:b9:4a:4c:06:5a:62:ca:29:6c:
cf:05:0d:39:2d:21:c8:4b:8e:24:d4:53:39:55:70:58:11:50:
fe:1a:7d:0e:5d:0e:52:96:94:60:a2:97:b6:70:ff:9e:23:2d:
19:42:17:0b:06:84:eb:c8:ef:a8:98:40:9e:39:fc:90:a6:99:
bb:42:7e:18:09:2c:a8:0e:1c:c5:e0:93:2a:f4:2a:f0:1c:cd:
2f:21:63:89:40:b4:13:52:8d:f6:e2:85:56:33:85:1d:bf:3a:
35:3c:9c:bd:fc:42:6b:3c:2b:12:d3:c0:7d:6e:03:28:cd:06:
bd:22:1e:76:85:58:f7:d4:82:4c:00:a3:68:5c:ae:1a:ef:1c:
91:5c:9d:b5:24:0d:65:31:05:77:f0:fe:3a:d9:ff:cb:53:f2:
76:f6:29:c9:26:9f:b8:6d:a1:e1:4f:90:b2:5c:4b:c9:02:08:
66:65:72:8d:5a:aa:f9:44:92:64:66:38:bd:2e:a9:c7:f0:d2:
7d:8e:9a:87:78:14:3c:81:7e:83:63:95:37:c3:0d:6c:e8:40:
2f:1c:6c:0e:63:38:52:f6:15:1f:6a:e4:08:85:6a:d2:3f:6c:
08:52:b8:05
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYVsysrNhNP91sH85oXxeraPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjEyMDU4NzQ2ZTg5NmU0Y2I4NzIwNDFjYjZmMzNjZWM2MDA2OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06STHCVj2mG5GpIrh1CeLAJWwtvw
50IH48EIqsMxjbFej7XXoKUCd69xFhIL8T2z7POX5v8yTLbJUsN0FA9+9VW56qXt
BjiwsMxjogXFlg6voEEVr3L9oCnggecJMUOPQVGQUR6zkaxqzp5JU8JGT5jA5JY6
RC4KyTRCwrRslSmS2jgW0vqyF8aM7OrP5eq/PN2cQC49Y3HM20wqAeBZgJcNYvK5
walbClfxjpgjUg9ueKdrua8/lFSVND8ozGwInbbehJUfyHp72771GV0J6NCaUCjR
xgTNwXMKjDNbUFHtTFbQnWrarvuY+hL50SIABo416igMZVDHauBEJ0SncwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFL8SBYdG6Jbky4cgQctvM87GAGl1MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdnhJRmgwYm9sdVRMaHlCQnkyOHp6c1lBYVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBADA
JCUDBADARwUDBAHARygDBADAR2EDBADAR54DBADAeWUDBADAeawDBADAecADBADA
pUEDBADApVYDBADAsKEDBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHB
t1wDBADBt2gDBADBt3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBAHCRDgDBADC
RGMDBADCRH4DBADCR1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwwDQYJKoZIhvcN
AQELBQADggEBABHP3Xw5x/m75WDk6CTz9xPw/qrqGHzy1I5Du7lKTAZaYsopbM8F
DTktIchLjiTUUzlVcFgRUP4afQ5dDlKWlGCil7Zw/54jLRlCFwsGhOvI76iYQJ45
/JCmmbtCfhgJLKgOHMXgkyr0KvAczS8hY4lAtBNSjfbihVYzhR2/OjU8nL38Qms8
KxLTwH1uAyjNBr0iHnaFWPfUgkwAo2hcrhrvHJFcnbUkDWUxBXfw/jrZ/8tT8nb2
Kckmn7htoeFPkLJcS8kCCGZlco1aqvlEkmRmOL0uqcfw0n2Omod4FDyBfoNjlTfD
DWzoQC8cbA5jOFL2FR9q5AiFatI/bAhSuAU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org