Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/vbzEWiuayiCLr6AtFHpGTBfvx-Y.roa
File: vbzEWiuayiCLr6AtFHpGTBfvx-Y.roa (raw, json)
Hash identifier: 1NTPFh4gzjnNHUD0iDqh/90BTDjnmrH05qipPc54+48=
Subject key identifier: BD:BC:C4:5A:2B:9A:CA:20:8B:AF:A0:2D:14:7A:46:4C:17:EF:C7:E6
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 01877A9B797E4A8BC761BC62FF403463C260
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/vbzEWiuayiCLr6AtFHpGTBfvx-Y.roa
Signing time: Thu 13 Apr 2023 12:33:41 +0000
ROA not before: Thu 13 Apr 2023 12:33:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39386
IP address blocks: 84.235.56.0/23 maxlen: 23
178.86.50.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
37.224.192.0/24 maxlen: 24
84.235.95.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
2001:16a0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:9b:79:7e:4a:8b:c7:61:bc:62:ff:40:34:63:c2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Apr 13 12:33:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdbcc45a2b9aca208bafa02d147a464c17efc7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9e:3f:a3:2c:1e:68:89:9b:58:d4:b2:ef:ae:
1f:c3:7f:c3:e3:2c:d5:3a:49:46:4e:a8:a8:05:8b:
c5:67:e9:5c:ee:56:d6:b3:91:76:ec:a8:aa:49:4d:
bc:ac:54:59:5a:fd:05:20:10:ec:90:8a:f0:e1:58:
b1:86:5e:16:d4:d4:2c:65:f6:0a:1d:95:55:3a:8c:
ab:a8:14:dc:65:bf:02:42:0f:69:e3:d5:43:2b:1b:
c1:02:71:a1:46:7f:b6:5f:d5:9a:57:28:9c:cf:7d:
0c:4b:7c:a3:17:01:86:65:cc:6d:26:29:34:93:17:
4c:58:db:4c:17:46:cb:0f:88:f3:a3:c7:84:4a:eb:
39:25:bc:ee:68:a8:7c:35:31:8a:63:c2:87:2e:32:
d1:f6:c6:86:1a:fa:c9:76:fe:32:1c:56:85:07:65:
ea:db:96:a5:1a:95:ad:0c:ca:e6:2c:09:73:36:f7:
7f:0a:20:0d:cc:7c:9b:3b:bd:25:01:96:ea:fd:0d:
f1:25:79:1a:5b:b7:72:42:d8:11:6f:70:43:84:3e:
89:71:89:10:06:6c:69:b1:4d:61:20:ee:fe:16:cd:
c1:cd:4b:01:41:15:b0:1f:cc:1c:dd:17:53:dd:ce:
ea:25:98:12:0c:7a:92:21:8c:f3:cf:18:dd:fd:dc:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BC:C4:5A:2B:9A:CA:20:8B:AF:A0:2D:14:7A:46:4C:17:EF:C7:E6
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/vbzEWiuayiCLr6AtFHpGTBfvx-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
28:dd:8b:6a:84:e4:82:95:52:c5:b2:7c:38:7b:70:e7:b9:81:
18:87:aa:ca:d9:17:64:a4:89:83:0c:31:6d:be:2d:16:73:18:
16:49:a3:07:38:eb:a8:9e:28:e2:72:b9:68:3f:90:cd:01:2d:
fd:7f:06:8b:9b:31:23:d1:56:d2:a5:89:72:05:b8:83:5b:75:
5c:96:c8:e0:26:33:18:4e:9a:a9:97:e1:a1:1a:db:d9:87:12:
1f:a4:a8:a0:4d:5e:5d:e0:3b:33:e8:5e:b4:48:d5:fd:62:84:
2b:bc:b4:47:3b:09:11:ef:1a:13:70:dc:7a:20:17:a5:01:3b:
6a:dd:aa:27:b9:be:d2:fe:45:85:37:e9:b9:ee:52:34:73:fc:
01:72:d5:c4:90:f3:cb:07:88:8e:27:bf:9c:70:31:ff:e6:10:
3c:7b:ef:73:a6:fa:f0:a2:b4:86:ff:62:00:6a:0b:85:11:4f:
a1:c3:f0:7c:af:90:7f:33:97:00:6a:fe:06:af:89:47:c7:dc:
f2:83:db:d0:09:23:37:9d:d9:24:03:80:9d:dc:86:e2:02:16:
e7:35:6c:ff:d7:d9:72:99:db:96:e6:40:47:bb:77:d0:cd:df:
8d:2c:41:cf:6b:24:5d:4c:92:c3:4e:78:32:00:f5:fd:cf:16:
95:28:25:91
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYd6m3l+SovHYbxi/0A0Y8JgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNDEzMTIzMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGJjYzQ1YTJiOWFjYTIwOGJhZmEwMmQxNDdhNDY0YzE3ZWZjN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp4/oyweaImbWNSy764fw3/D4yzV
OklGTqioBYvFZ+lc7lbWs5F27KiqSU28rFRZWv0FIBDskIrw4Vixhl4W1NQsZfYK
HZVVOoyrqBTcZb8CQg9p49VDKxvBAnGhRn+2X9WaVyicz30MS3yjFwGGZcxtJik0
kxdMWNtMF0bLD4jzo8eESus5JbzuaKh8NTGKY8KHLjLR9saGGvrJdv4yHFaFB2Xq
25alGpWtDMrmLAlzNvd/CiANzHybO70lAZbq/Q3xJXkaW7dyQtgRb3BDhD6JcYkQ
BmxpsU1hIO7+Fs3BzUsBQRWwH8wc3RdT3c7qJZgSDHqSIYzzzxjd/dzXIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL28xFormsogi6+gLRR6RkwX78fmMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvdmJ6RVdpdWF5aUNMcjZBdEZIcEdUQmZ2eC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAJeDAAwQH
VOsAAwQAslYyMA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEBCwUAA4IBAQAo3Ytq
hOSClVLFsnw4e3DnuYEYh6rK2RdkpImDDDFtvi0WcxgWSaMHOOuonijicrloP5DN
AS39fwaLmzEj0VbSpYlyBbiDW3VclsjgJjMYTpqpl+GhGtvZhxIfpKigTV5d4Dsz
6F60SNX9YoQrvLRHOwkR7xoTcNx6IBelATtq3aonub7S/kWFN+m57lI0c/wBctXE
kPPLB4iOJ7+ccDH/5hA8e+9zpvrworSG/2IAaguFEU+hw/B8r5B/M5cAav4Gr4lH
x9zyg9vQCSM3ndkkA4Cd3IbiAhbnNWz/19lymduW5kBHu3fQzd+NLEHPayRdTJLD
TngyAPX9zxaVKCWR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-fra.rpki-client.org