Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/vCkKzByO1g0ZZM3DYEeZslKpHI8.roa
File: vCkKzByO1g0ZZM3DYEeZslKpHI8.roa (raw, json)
Hash identifier: SsRA6MWJZXgdlYQyBaAKCVxRAlrelqO7YevhR1dKeog=
Subject key identifier: BC:29:0A:CC:1C:8E:D6:0D:19:64:CD:C3:60:47:99:B2:52:A9:1C:8F
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 018CC3491B25506EF8CCC49ED3B84B4D6C30
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/vCkKzByO1g0ZZM3DYEeZslKpHI8.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58074
IP address blocks: 188.214.150.0/24 maxlen: 24
188.213.213.0/24 maxlen: 24
89.37.139.0/24 maxlen: 24
188.213.50.0/24 maxlen: 24
188.214.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 05:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1b:25:50:6e:f8:cc:c4:9e:d3:b8:4b:4d:6c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc290acc1c8ed60d1964cdc3604799b252a91c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f1:18:e7:2d:bf:c8:26:9e:f5:fc:28:c7:cc:
2a:7c:03:33:14:3e:17:18:82:05:45:11:6f:bc:58:
60:a5:c1:43:90:6d:32:58:8e:e9:fd:85:f7:69:9e:
61:96:33:83:c8:61:25:ba:f9:4a:80:1f:fa:94:51:
7a:58:69:e6:77:2a:f6:31:66:73:3f:94:3a:45:3b:
e6:b1:6c:c3:67:2a:6c:7c:c6:85:88:ac:10:04:f0:
84:2a:d3:7a:a5:b3:cd:ec:11:bb:98:7c:85:ab:59:
06:4c:c2:73:0a:53:e9:ca:f7:ce:2e:5c:62:02:17:
ac:67:f6:54:c6:c7:a4:bb:93:6a:8a:c8:80:a0:92:
4c:e0:79:4d:18:a9:b5:e2:16:e1:36:c6:05:9e:e7:
7e:91:02:66:f3:34:5a:8a:aa:8a:b0:b5:64:02:50:
05:bb:6c:9b:22:f7:70:6b:5f:23:b7:c8:c5:f4:b6:
61:00:1c:b5:79:bf:dc:34:ce:43:98:70:59:33:84:
50:73:18:93:8f:26:b2:ec:d8:2c:5c:1c:cb:b4:9b:
f7:6f:97:21:b8:f2:13:e1:03:8d:d3:c6:bf:46:c2:
53:a2:11:2d:99:87:01:c1:84:04:db:18:9f:e6:db:
82:b2:a4:50:5e:6e:a3:dc:c1:6a:63:b2:08:29:2d:
f8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:29:0A:CC:1C:8E:D6:0D:19:64:CD:C3:60:47:99:B2:52:A9:1C:8F
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/vCkKzByO1g0ZZM3DYEeZslKpHI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.139.0/24
188.213.50.0/24
188.213.213.0/24
188.214.150.0/24
188.214.227.0/24
Signature Algorithm: sha256WithRSAEncryption
32:f6:7c:12:50:08:84:11:cc:a8:92:84:49:f9:c7:a5:ac:20:
25:fc:89:4b:52:9d:e3:0a:ac:64:4f:16:d0:9e:30:64:99:ea:
ad:b3:ec:ca:95:ea:31:50:0f:ab:5a:cb:8f:c9:53:26:87:f9:
2d:5a:89:12:b0:5c:96:19:d5:67:2a:55:38:08:62:61:1a:f6:
97:13:ab:d2:1b:84:6c:a8:d8:85:3d:1d:fe:c3:87:98:ad:8b:
93:1e:ed:a8:cc:b4:f0:71:0a:91:95:37:9a:7d:6c:bf:c3:a1:
a7:05:8f:e7:c5:b6:5c:09:c1:16:e3:79:d2:5a:c3:25:20:20:
be:a0:fd:ae:2a:3e:bd:84:79:dd:51:9f:d0:62:18:9e:84:49:
31:a6:2d:ee:21:d9:0a:b0:c6:c0:3e:4b:ad:99:ba:ad:79:55:
c6:d3:cb:5b:ca:25:8a:52:b0:bd:8a:1d:be:11:99:0d:f2:97:
b8:94:2d:9e:c7:6e:f7:d0:23:c4:f2:3d:84:85:fb:29:0c:12:
1c:98:cf:36:68:87:ce:6e:54:39:09:59:27:12:d0:9a:c9:07:
97:e5:79:f4:49:2f:f9:06:67:58:51:c7:0c:ad:71:4e:6f:6c:
13:9e:21:7c:00:1e:89:3e:09:87:35:69:ff:80:fd:a9:03:ea:
01:d3:67:80
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSRslUG74zMSe07hLTWwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzI5MGFjYzFjOGVkNjBkMTk2NGNkYzM2MDQ3OTliMjUyYTkxYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PEY5y2/yCae9fwox8wqfAMzFD4X
GIIFRRFvvFhgpcFDkG0yWI7p/YX3aZ5hljODyGEluvlKgB/6lFF6WGnmdyr2MWZz
P5Q6RTvmsWzDZypsfMaFiKwQBPCEKtN6pbPN7BG7mHyFq1kGTMJzClPpyvfOLlxi
AhesZ/ZUxseku5NqisiAoJJM4HlNGKm14hbhNsYFnud+kQJm8zRaiqqKsLVkAlAF
u2ybIvdwa18jt8jF9LZhABy1eb/cNM5DmHBZM4RQcxiTjyay7NgsXBzLtJv3b5ch
uPIT4QON08a/RsJTohEtmYcBwYQE2xif5tuCsqRQXm6j3MFqY7IIKS347QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLwpCswcjtYNGWTNw2BHmbJSqRyPMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvdkNrS3pCeU8xZzBaWk0zRFlFZVpzbEtwSEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSWLAwQA
vNUyAwQAvNXVAwQAvNaWAwQAvNbjMA0GCSqGSIb3DQEBCwUAA4IBAQAy9nwSUAiE
EcyokoRJ+celrCAl/IlLUp3jCqxkTxbQnjBkmeqts+zKleoxUA+rWsuPyVMmh/kt
WokSsFyWGdVnKlU4CGJhGvaXE6vSG4RsqNiFPR3+w4eYrYuTHu2ozLTwcQqRlTea
fWy/w6GnBY/nxbZcCcEW43nSWsMlICC+oP2uKj69hHndUZ/QYhiehEkxpi3uIdkK
sMbAPkutmbqteVXG08tbyiWKUrC9ih2+EZkN8pe4lC2ex2730CPE8j2EhfspDBIc
mM82aIfOblQ5CVknEtCayQeX5Xn0SS/5BmdYUccMrXFOb2wTniF8AB6JPgmHNWn/
gP2pA+oB02eA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:11 2024 by rpki-client on console-ams.rpki-client.org