Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vzYcx9ccW0gHWTtRg-6C4cm5K3w.roa
File: vzYcx9ccW0gHWTtRg-6C4cm5K3w.roa (raw, json)
Hash identifier: wd0ca8LxFO544RflqrcjGWhYzmSOpEVMP91/tJ6C3mQ=
Subject key identifier: BF:36:1C:C7:D7:1C:5B:48:07:59:3B:51:83:EE:82:E1:C9:B9:2B:7C
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018B8ED26951ABE8E3539130CEC4C76F1D0E
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vzYcx9ccW0gHWTtRg-6C4cm5K3w.roa
Signing time: Thu 02 Nov 2023 06:57:16 +0000
ROA not before: Thu 02 Nov 2023 06:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212573
IP address blocks: 185.52.117.0/24 maxlen: 24
185.52.116.0/22 maxlen: 22
93.187.32.0/21 maxlen: 21
2a00:dd00:7::/48 maxlen: 48
2a00:dd00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8e:d2:69:51:ab:e8:e3:53:91:30:ce:c4:c7:6f:1d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Nov 2 06:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf361cc7d71c5b4807593b5183ee82e1c9b92b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2c:e4:af:97:02:bf:9d:f1:fa:d6:b0:2b:33:
29:f1:2b:8c:6e:e3:60:1d:44:98:af:ec:ea:12:6e:
f8:1a:d6:3e:4e:39:1f:db:b4:f7:26:69:43:c6:2b:
2b:e0:ce:84:a9:0a:b3:6e:36:1c:da:b5:c6:22:a2:
a4:da:6f:d4:5f:c4:cc:36:82:00:fb:44:e4:1c:31:
76:e7:79:c2:fc:a6:5b:ef:50:99:b8:13:df:1e:73:
6b:81:58:da:6f:27:7d:32:6d:08:71:17:6f:26:e9:
68:ce:88:be:47:c2:41:fa:8e:37:50:e2:2e:4c:79:
87:4a:b6:3f:87:3c:9c:cc:73:64:7f:2f:3c:1d:59:
da:e8:2a:df:2e:35:04:79:9d:38:0e:93:18:c0:2f:
2f:b0:cb:3d:9d:9f:c4:86:26:c1:d7:0b:b6:70:fe:
63:34:59:5d:df:7b:41:92:5e:0f:f4:cb:14:5d:43:
52:92:6d:d3:56:1a:62:96:99:da:aa:12:d6:ba:bf:
d8:7c:a5:ba:89:95:37:73:25:64:3c:70:70:04:17:
ce:5d:d4:8a:d4:d6:9e:c2:ed:09:97:84:30:b1:f8:
ef:83:99:64:89:a8:bf:90:1c:40:0a:33:99:b1:ee:
e5:ab:01:6b:4c:de:85:49:77:0d:9b:bd:3f:21:55:
eb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:36:1C:C7:D7:1C:5B:48:07:59:3B:51:83:EE:82:E1:C9:B9:2B:7C
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vzYcx9ccW0gHWTtRg-6C4cm5K3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.116.0/22
IPv6:
2a00:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
3e:2e:73:ad:4d:ea:12:48:6d:6c:84:ea:7c:10:1e:ce:bd:8e:
73:20:75:ac:ca:4d:8a:14:39:5d:9e:61:ef:bc:48:ec:8b:c1:
14:21:c8:53:9d:5b:8f:23:75:7c:3d:62:dc:f7:49:a0:d2:7a:
67:b5:b7:30:b9:4e:d1:57:fc:05:e6:bf:22:6c:b4:b1:4a:b7:
49:2f:ef:38:6a:ef:77:a2:8f:b5:b5:7c:ab:83:b8:d3:6e:34:
9c:6a:10:b8:1d:a8:ae:61:34:e0:4e:19:a2:b0:fa:72:cf:40:
a2:d8:2b:c4:c9:e0:ed:fb:9a:5a:c6:6a:57:56:cd:27:06:59:
f3:48:05:08:bf:fb:38:47:46:40:00:2d:d3:30:8b:c5:9c:30:
00:92:62:81:42:05:7b:58:55:73:4e:91:5d:b0:5e:78:c9:c6:
63:3b:b6:08:bf:5e:e0:f0:39:52:36:85:df:64:8f:07:1a:80:
3b:54:0e:92:06:a3:89:77:86:91:0e:08:4b:f0:f4:19:ce:af:
27:03:77:ad:50:8e:5b:a3:40:ed:82:02:ab:0c:f7:5b:65:69:
df:93:2d:9d:39:fd:4e:fc:00:67:aa:02:2b:e8:ef:20:3a:87:
49:c3:26:f7:3f:5a:45:c7:75:79:65:88:f7:a4:bc:80:ca:3a:
a6:80:10:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuO0mlRq+jjU5EwzsTHbx0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjMxMTAyMDY1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM2MWNjN2Q3MWM1YjQ4MDc1OTNiNTE4M2VlODJlMWM5YjkyYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmizkr5cCv53x+tawKzMp8SuMbuNg
HUSYr+zqEm74GtY+Tjkf27T3JmlDxisr4M6EqQqzbjYc2rXGIqKk2m/UX8TMNoIA
+0TkHDF253nC/KZb71CZuBPfHnNrgVjabyd9Mm0IcRdvJulozoi+R8JB+o43UOIu
THmHSrY/hzyczHNkfy88HVna6CrfLjUEeZ04DpMYwC8vsMs9nZ/EhibB1wu2cP5j
NFld33tBkl4P9MsUXUNSkm3TVhpilpnaqhLWur/YfKW6iZU3cyVkPHBwBBfOXdSK
1Naewu0Jl4Qwsfjvg5lkiai/kBxACjOZse7lqwFrTN6FSXcNm70/IVXr7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL82HMfXHFtIB1k7UYPuguHJuSt8MB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvdnpZY3g5Y2NXMGdIV1R0UmctNkM0Y201SzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXbsgAwQC
uTR0MA0EAgACMAcDBQAqAN0AMA0GCSqGSIb3DQEBCwUAA4IBAQA+LnOtTeoSSG1s
hOp8EB7OvY5zIHWsyk2KFDldnmHvvEjsi8EUIchTnVuPI3V8PWLc90mg0npntbcw
uU7RV/wF5r8ibLSxSrdJL+84au93oo+1tXyrg7jTbjScahC4HaiuYTTgThmisPpy
z0Ci2CvEyeDt+5paxmpXVs0nBlnzSAUIv/s4R0ZAAC3TMIvFnDAAkmKBQgV7WFVz
TpFdsF54ycZjO7YIv17g8DlSNoXfZI8HGoA7VA6SBqOJd4aRDghL8PQZzq8nA3et
UI5bo0DtggKrDPdbZWnfky2dOf1O/ABnqgIr6O8gOodJwyb3P1pFx3V5ZYj3pLyA
yjqmgBDL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:42 2024 by rpki-client on console-ams.rpki-client.org