Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/rmRZrXlRRT-WtnMFNzf3VvwNBbw.roa
File: rmRZrXlRRT-WtnMFNzf3VvwNBbw.roa (raw, json)
Hash identifier: wZG/U8K6Ep/Nuf6+YqULCuCKue75uMO9j+Qp41+47Dc=
Subject key identifier: AE:64:59:AD:79:51:45:3F:96:B6:73:05:37:37:F7:56:FC:0D:05:BC
Certificate issuer: /CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Certificate serial: 01856E81F482458345FBE4ABD4C281F04755
Authority key identifier: 57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/rmRZrXlRRT-WtnMFNzf3VvwNBbw.roa
Signing time: Sun 01 Jan 2023 18:04:48 +0000
ROA not before: Sun 01 Jan 2023 18:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 193.33.237.0/24 maxlen: 24
193.33.236.0/24 maxlen: 24
193.33.236.0/23 maxlen: 24
195.211.118.0/24 maxlen: 24
195.211.116.0/24 maxlen: 24
195.211.116.0/22 maxlen: 24
195.211.117.0/24 maxlen: 24
195.211.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f4:82:45:83:45:fb:e4:ab:d4:c2:81:f0:47:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571cb51cba68eb7ef9867a75d17ab28018196aa1
Validity
Not Before: Jan 1 18:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae6459ad7951453f96b673053737f756fc0d05bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:97:9e:cb:b6:3d:c7:e5:3a:3a:b9:e7:7a:96:
23:fd:0d:78:64:e3:f2:c9:30:0d:38:2f:23:5d:b1:
68:68:de:89:82:2f:f8:b5:ce:69:cd:74:7b:a2:bf:
5a:39:d7:6e:db:be:a8:34:14:0c:36:9f:51:d9:34:
65:22:a6:40:03:2b:49:47:bc:dc:8f:de:a6:5b:2e:
87:95:ac:9c:98:b5:85:4c:87:d2:dd:85:b0:bb:37:
66:72:86:0d:c7:da:2a:33:8d:80:e6:47:0f:0f:eb:
ef:00:0a:39:c5:28:db:02:44:5f:99:fb:63:9e:45:
52:bd:70:c9:e4:0c:bb:02:82:44:a0:42:ab:44:d1:
ca:2f:aa:3e:4f:04:61:cf:93:9f:60:f7:98:9d:cf:
c6:d4:d5:34:f4:39:80:d5:25:d4:1a:8f:48:63:fc:
1e:0d:32:17:ab:88:b9:cb:bb:71:f0:af:57:ce:fe:
25:74:0e:42:8d:bf:91:31:ab:55:3b:27:10:a5:4f:
3c:d8:d4:76:a5:08:d9:1e:29:de:49:94:dd:f6:09:
a6:96:55:2f:51:f0:82:83:39:09:4a:88:67:58:be:
0f:b5:08:84:fb:93:51:18:47:7e:50:9e:87:8f:0d:
ee:58:8c:5b:62:f9:01:0e:bc:43:2f:93:46:6d:a5:
81:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:59:AD:79:51:45:3F:96:B6:73:05:37:37:F7:56:FC:0D:05:BC
X509v3 Authority Key Identifier:
keyid:57:1C:B5:1C:BA:68:EB:7E:F9:86:7A:75:D1:7A:B2:80:18:19:6A:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxy1HLpo6375hnp10XqygBgZaqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/rmRZrXlRRT-WtnMFNzf3VvwNBbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/b8d2a8-53a9-42c0-b7c9-dd862774a092/1/Vxy1HLpo6375hnp10XqygBgZaqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.236.0/23
195.211.116.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:37:32:59:fa:df:bd:25:52:54:a0:cb:9d:a6:3d:39:6e:49:
94:00:72:54:d7:7f:b5:4d:7e:c0:03:46:e2:ce:e2:12:f0:ae:
ab:53:d2:e6:a4:97:6d:c4:87:d2:92:e6:7a:1b:b9:c6:b6:ba:
07:38:09:31:4c:66:61:55:22:43:7e:d0:8d:1f:d9:dc:d9:6d:
b5:5b:57:c3:b1:35:36:7b:23:44:94:f3:51:ac:b1:34:94:4e:
f4:c9:6d:eb:5f:89:b8:4c:4c:71:db:cc:8a:08:32:07:93:63:
9c:e1:d8:2a:95:b0:b1:51:19:df:dc:13:b7:b6:6a:fe:0c:08:
3e:cf:96:cc:5d:63:0b:ff:01:23:b5:94:61:98:fa:6c:e3:63:
16:f4:2b:6d:3d:1d:74:c4:13:9e:bb:ad:6c:3d:e0:72:75:0e:
ec:7d:67:ee:55:2c:2c:58:d7:7f:be:62:4e:87:30:41:26:81:
e3:b1:98:52:b2:a3:e8:30:48:85:0b:c1:1e:34:cf:d9:a2:20:
34:89:d4:c8:16:2f:73:17:79:46:20:b1:e3:30:e2:7b:d9:29:
47:ab:23:59:cb:d9:43:f1:6a:d8:84:20:7d:6e:e4:e9:cf:db:
69:fd:4f:1b:9b:bc:32:af:34:11:af:0c:09:ac:99:88:28:d1:
01:18:7c:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVugfSCRYNF++Sr1MKB8EdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MWNiNTFjYmE2OGViN2VmOTg2N2E3NWQxN2FiMjgwMTgx
OTZhYTEwHhcNMjMwMTAxMTgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY0NTlhZDc5NTE0NTNmOTZiNjczMDUzNzM3Zjc1NmZjMGQwNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJeey7Y9x+U6OrnnepYj/Q14ZOPy
yTANOC8jXbFoaN6Jgi/4tc5pzXR7or9aOddu276oNBQMNp9R2TRlIqZAAytJR7zc
j96mWy6HlaycmLWFTIfS3YWwuzdmcoYNx9oqM42A5kcPD+vvAAo5xSjbAkRfmftj
nkVSvXDJ5Ay7AoJEoEKrRNHKL6o+TwRhz5OfYPeYnc/G1NU09DmA1SXUGo9IY/we
DTIXq4i5y7tx8K9Xzv4ldA5Cjb+RMatVOycQpU882NR2pQjZHineSZTd9gmmllUv
UfCCgzkJSohnWL4PtQiE+5NRGEd+UJ6Hjw3uWIxbYvkBDrxDL5NGbaWBbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK5kWa15UUU/lrZzBTc391b8DQW8MB8GA1UdIwQY
MBaAFFcctRy6aOt++YZ6ddF6soAYGWqhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3Yzkt
ZGQ4NjI3NzRhMDkyLzEvcm1SWnJYbFJSVC1XdG5NRk56ZjNWdndOQmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iOGQyYTgtNTNhOS00MmMwLWI3YzktZGQ4NjI3NzRhMDky
LzEvVnh5MUhMcG82Mzc1aG5wMTBYcXlnQmdaYXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSHsAwQC
w9N0MA0GCSqGSIb3DQEBCwUAA4IBAQC3NzJZ+t+9JVJUoMudpj05bkmUAHJU13+1
TX7AA0bizuIS8K6rU9LmpJdtxIfSkuZ6G7nGtroHOAkxTGZhVSJDftCNH9nc2W21
W1fDsTU2eyNElPNRrLE0lE70yW3rX4m4TExx28yKCDIHk2Oc4dgqlbCxURnf3BO3
tmr+DAg+z5bMXWML/wEjtZRhmPps42MW9CttPR10xBOeu61sPeBydQ7sfWfuVSws
WNd/vmJOhzBBJoHjsZhSsqPoMEiFC8EeNM/ZoiA0idTIFi9zF3lGILHjMOJ72SlH
qyNZy9lD8WrYhCB9buTpz9tp/U8bm7wyrzQRrwwJrJmIKNEBGHx5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:27 2024 by rpki-client on console-ams.rpki-client.org