Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/vJHYdv7gVh82YMCMCJkpYRNJmDc.roa
File: vJHYdv7gVh82YMCMCJkpYRNJmDc.roa (raw, json)
Hash identifier: 8Ss9S7vzcVuOPoReGckpmPDWjGPB8tFPqR9NOQAx/4c=
Subject key identifier: BC:91:D8:76:FE:E0:56:1F:36:60:C0:8C:08:99:29:61:13:49:98:37
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFD80CAC79C9CDABCBB458CCDF9BB
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/vJHYdv7gVh82YMCMCJkpYRNJmDc.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.135.26.0/23 maxlen: 24
89.37.216.0/23 maxlen: 24
85.204.148.0/22 maxlen: 24
93.113.184.0/21 maxlen: 21
62.112.12.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fd:80:ca:c7:9c:9c:da:bc:bb:45:8c:cd:f9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc91d876fee0561f3660c08c0899296113499837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3d:2b:48:59:aa:3b:0b:df:51:64:72:d0:78:
40:6d:7b:9c:de:cb:84:1b:03:41:5b:1b:d5:c6:ab:
60:10:5b:4d:a6:89:20:22:f0:ce:ed:91:be:1d:e6:
5f:64:a4:ff:61:33:d7:15:ab:1f:7e:62:16:70:63:
bb:98:ca:63:1d:ab:49:df:b8:1e:c6:61:31:c4:92:
35:e9:58:75:bc:e4:74:6f:1a:ff:a4:00:92:d7:c4:
e6:fa:31:e4:e5:20:df:8f:c4:ed:4e:24:46:32:1e:
31:cb:2f:d7:df:f5:44:b4:7d:9c:36:5f:d1:67:8d:
3c:1d:fc:df:85:1e:88:57:fb:ba:fc:74:64:ed:99:
5a:77:8d:70:eb:a2:12:51:83:37:9b:a1:11:4b:0f:
cd:de:d6:9a:10:e5:94:6d:1e:6d:49:83:e3:ef:bb:
be:cf:54:b9:dc:dc:13:95:b3:20:42:9a:fc:33:25:
f1:b8:2d:58:14:a4:9d:89:af:fd:e5:c1:17:8d:fb:
76:8c:b4:50:34:43:b0:67:ea:dc:50:62:d5:ff:ff:
a9:26:32:c5:5b:df:75:3d:ee:71:5d:97:8d:83:81:
34:02:6b:d4:32:1a:2a:99:37:dd:c2:6c:74:49:ac:
98:05:7c:96:3d:43:51:ed:59:0d:47:52:d9:78:46:
54:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:91:D8:76:FE:E0:56:1F:36:60:C0:8C:08:99:29:61:13:49:98:37
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/vJHYdv7gVh82YMCMCJkpYRNJmDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
85.204.148.0/22
89.37.216.0/23
93.113.184.0/21
194.135.26.0/23
195.133.208.0/23
213.159.10.0-213.159.13.255
Signature Algorithm: sha256WithRSAEncryption
91:51:86:76:9d:c3:22:21:50:d2:d0:0f:59:a7:d1:8f:1b:76:
b3:52:b3:4c:c2:61:0c:5d:20:96:1c:48:24:7f:48:80:1c:fe:
87:07:47:76:a1:01:0a:2e:91:34:f9:f8:b5:2f:56:38:25:b9:
55:6c:bb:f1:88:a6:bd:1b:fd:4a:10:9f:96:99:d1:fa:a8:4b:
d8:36:1c:1f:58:76:52:e2:b5:fd:aa:4b:cd:df:16:e3:2d:e0:
f7:58:f5:ac:37:9f:e3:3b:6a:bb:ef:8f:76:4a:7b:a1:cf:b0:
24:fc:d4:9c:c1:71:d6:d0:cc:34:93:92:10:10:b4:e6:48:0c:
d6:43:98:c3:af:9b:84:fb:a1:de:1c:b4:a6:1f:1b:e4:51:0b:
9f:5d:61:b2:9a:bf:f8:1f:57:23:02:f7:c1:33:af:a6:bb:6f:
1d:c7:96:01:9d:44:93:77:3e:ea:92:00:8d:c2:52:20:ca:b5:
b8:db:39:d9:1f:2b:e4:ce:f6:49:67:76:9d:9c:e8:81:6b:fc:
7c:0a:2b:a9:2c:85:76:08:9b:5e:2a:22:91:ba:cf:87:ae:cf:
8d:79:6c:30:fc:ae:96:6b:ae:2d:2e:61:ed:36:38:4d:45:bb:
bf:2a:9d:66:63:c0:3f:a3:9d:98:d8:3a:f5:69:0f:3c:2f:22:
7b:7c:93:7d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFbv2AysecnNq8u0WMzfm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzkxZDg3NmZlZTA1NjFmMzY2MGMwOGMwODk5Mjk2MTEzNDk5ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD0rSFmqOwvfUWRy0HhAbXuc3suE
GwNBWxvVxqtgEFtNpokgIvDO7ZG+HeZfZKT/YTPXFasffmIWcGO7mMpjHatJ37ge
xmExxJI16Vh1vOR0bxr/pACS18Tm+jHk5SDfj8TtTiRGMh4xyy/X3/VEtH2cNl/R
Z408HfzfhR6IV/u6/HRk7Zlad41w66ISUYM3m6ERSw/N3taaEOWUbR5tSYPj77u+
z1S53NwTlbMgQpr8MyXxuC1YFKSdia/95cEXjft2jLRQNEOwZ+rcUGLV//+pJjLF
W991Pe5xXZeNg4E0AmvUMhoqmTfdwmx0SayYBXyWPUNR7VkNR1LZeEZUIwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLyR2Hb+4FYfNmDAjAiZKWETSZg3MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvdkpIWWR2N2dWaDgyWU1DTUNKa3BZUk5KbURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBPnAMAwQC
VcyUAwQBWSXYAwQDXXG4AwQBwocaAwQBw4XQMAwDBAHVnwoDBAHVnwwwDQYJKoZI
hvcNAQELBQADggEBAJFRhnadwyIhUNLQD1mn0Y8bdrNSs0zCYQxdIJYcSCR/SIAc
/ocHR3ahAQoukTT5+LUvVjgluVVsu/GIpr0b/UoQn5aZ0fqoS9g2HB9YdlLitf2q
S83fFuMt4PdY9aw3n+M7arvvj3ZKe6HPsCT81JzBcdbQzDSTkhAQtOZIDNZDmMOv
m4T7od4ctKYfG+RRC59dYbKav/gfVyMC98Ezr6a7bx3HlgGdRJN3PuqSAI3CUiDK
tbjbOdkfK+TO9klndp2c6IFr/HwKK6kshXYIm14qIpG6z4euz415bDD8rpZrri0u
Ye02OE1Fu78qnWZjwD+jnZjYOvVpDzwvInt8k30=
-----END CERTIFICATE-----
Generated at Fri Jan 5 03:10:52 2024 by rpki-client on console-ams.rpki-client.org