Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/VHRBpiqecNHArffCsqM4fyafgyo.roa
File: VHRBpiqecNHArffCsqM4fyafgyo.roa (raw, json)
Hash identifier: oGbtaLQ2j2Z2RQ7qAzsoRUGnhOuaF6kTJFIDlUNMBFA=
Subject key identifier: 54:74:41:A6:2A:9E:70:D1:C0:AD:F7:C2:B2:A3:38:7F:26:9F:83:2A
Certificate issuer: /CN=be43d2710aad7c98c10f4d945dabdeea21c49d31
Certificate serial: 01856EEFCD53BC0C8E11C2AB9DE0BAE28890
Authority key identifier: BE:43:D2:71:0A:AD:7C:98:C1:0F:4D:94:5D:AB:DE:EA:21:C4:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkPScQqtfJjBD02UXave6iHEnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/VHRBpiqecNHArffCsqM4fyafgyo.roa
Signing time: Sun 01 Jan 2023 20:04:47 +0000
ROA not before: Sun 01 Jan 2023 20:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198965
IP address blocks: 185.116.120.0/22 maxlen: 22
37.221.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 25 Sep 2023 08:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:cd:53:bc:0c:8e:11:c2:ab:9d:e0:ba:e2:88:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43d2710aad7c98c10f4d945dabdeea21c49d31
Validity
Not Before: Jan 1 20:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=547441a62a9e70d1c0adf7c2b2a3387f269f832a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:e9:59:88:d7:cd:89:4c:ae:e4:5c:d2:5f:
96:26:95:03:ec:a8:10:27:14:16:09:02:cf:d7:c6:
3e:52:38:44:b5:ca:13:a2:28:38:9e:21:3e:44:5a:
b7:87:99:55:82:a2:3e:f9:92:fc:35:70:f3:a7:7c:
a4:4d:20:f1:b6:48:c1:67:c3:77:7c:8a:cf:18:be:
ac:e9:96:85:c7:22:42:33:6d:de:92:7f:ae:59:fa:
cf:9d:b8:4c:10:19:ff:25:7b:86:4f:1d:e1:8a:6d:
2a:7c:6b:d0:35:c3:fd:68:ae:e6:9a:3a:2d:c4:1f:
0f:aa:3c:fc:54:e2:c0:93:ed:74:51:3b:69:86:1a:
c1:a9:54:71:65:15:9b:b0:5f:aa:a3:af:c0:60:c5:
21:2a:f3:02:0f:2c:f8:1b:c6:fa:9f:d3:56:66:83:
2e:1c:61:a1:53:d0:e8:8b:9e:3d:09:0d:2b:c2:9c:
af:95:79:b2:fc:cc:58:48:0f:4d:00:72:8c:14:bc:
86:67:0e:ef:f3:db:2f:93:99:ee:55:ab:57:75:28:
bc:31:5a:59:aa:ec:5a:ff:e4:b9:32:85:0e:bd:fd:
00:01:33:4d:a8:79:0f:18:cb:db:cd:37:eb:b9:ab:
af:9d:ee:b2:e2:ee:9c:63:9b:b9:0b:b7:f4:7b:83:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:74:41:A6:2A:9E:70:D1:C0:AD:F7:C2:B2:A3:38:7F:26:9F:83:2A
X509v3 Authority Key Identifier:
keyid:BE:43:D2:71:0A:AD:7C:98:C1:0F:4D:94:5D:AB:DE:EA:21:C4:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkPScQqtfJjBD02UXave6iHEnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/VHRBpiqecNHArffCsqM4fyafgyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/ff4794-9e53-4f30-a987-8af7ae0a9ac7/1/vkPScQqtfJjBD02UXave6iHEnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.224.0/21
185.116.120.0/22
Signature Algorithm: sha256WithRSAEncryption
40:74:f1:3d:61:29:25:56:59:b1:2e:dd:87:10:cc:44:b2:10:
3a:7e:51:52:89:79:42:b5:b7:88:f9:9e:00:14:9f:65:b6:84:
b5:f0:6a:5f:f5:a4:c7:d1:f9:e6:0c:28:26:b2:fe:b2:1e:b4:
fb:f5:1f:ed:60:14:07:2c:90:d0:ed:1a:8c:94:bd:b9:25:32:
7d:8c:cd:ee:75:ed:33:9c:09:44:74:af:e1:06:25:3f:52:d9:
c8:63:ce:32:19:dd:22:fe:27:d8:15:b6:8b:91:d4:73:3a:9e:
bd:72:16:cc:1b:69:23:d3:a9:8f:3c:b4:d9:14:5a:ba:2d:bb:
19:ab:60:23:d0:a3:9a:1a:e4:92:20:f6:cd:a6:cb:f4:2e:aa:
34:0a:2c:cd:ee:1e:c0:d0:b2:db:8f:1b:6c:65:d1:d7:7c:22:
5e:21:a3:e9:c7:39:ad:02:8b:b8:79:aa:ef:a1:f4:6d:72:a5:
c0:e6:90:fb:53:ba:29:28:50:9d:40:fd:7a:ca:8d:11:c2:67:
1a:b0:74:16:51:39:32:19:3a:64:cb:44:11:a5:97:71:a2:c0:
c2:8f:04:18:c0:97:43:fe:d0:af:5b:2b:a8:08:a0:96:5a:cf:
08:04:ee:2e:3f:82:bc:bf:31:c2:2b:2c:8c:9b:12:71:3d:e2:
ab:92:26:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu781TvAyOEcKrneC64oiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDNkMjcxMGFhZDdjOThjMTBmNGQ5NDVkYWJkZWVhMjFj
NDlkMzEwHhcNMjMwMTAxMjAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc0NDFhNjJhOWU3MGQxYzBhZGY3YzJiMmEzMzg3ZjI2OWY4MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3DpWYjXzYlMruRc0l+WJpUD7KgQ
JxQWCQLP18Y+UjhEtcoToig4niE+RFq3h5lVgqI++ZL8NXDzp3ykTSDxtkjBZ8N3
fIrPGL6s6ZaFxyJCM23ekn+uWfrPnbhMEBn/JXuGTx3him0qfGvQNcP9aK7mmjot
xB8Pqjz8VOLAk+10UTtphhrBqVRxZRWbsF+qo6/AYMUhKvMCDyz4G8b6n9NWZoMu
HGGhU9Doi549CQ0rwpyvlXmy/MxYSA9NAHKMFLyGZw7v89svk5nuVatXdSi8MVpZ
quxa/+S5MoUOvf0AATNNqHkPGMvbzTfruauvne6y4u6cY5u5C7f0e4MarQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFR0QaYqnnDRwK33wrKjOH8mn4MqMB8GA1UdIwQY
MBaAFL5D0nEKrXyYwQ9NlF2r3uohxJ0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtQU2NRcXRmSmpCRDAyVVhhdmU2aUhFblRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZjQ3OTQtOWU1My00ZjMwLWE5ODct
OGFmN2FlMGE5YWM3LzEvVkhSQnBpcWVjTkhBcmZmQ3NxTTRmeWFmZ3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZjQ3OTQtOWU1My00ZjMwLWE5ODctOGFmN2FlMGE5YWM3
LzEvdmtQU2NRcXRmSmpCRDAyVVhhdmU2aUhFblRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJd3gAwQC
uXR4MA0GCSqGSIb3DQEBCwUAA4IBAQBAdPE9YSklVlmxLt2HEMxEshA6flFSiXlC
tbeI+Z4AFJ9ltoS18Gpf9aTH0fnmDCgmsv6yHrT79R/tYBQHLJDQ7RqMlL25JTJ9
jM3ude0znAlEdK/hBiU/UtnIY84yGd0i/ifYFbaLkdRzOp69chbMG2kj06mPPLTZ
FFq6LbsZq2Aj0KOaGuSSIPbNpsv0Lqo0CizN7h7A0LLbjxtsZdHXfCJeIaPpxzmt
Aou4earvofRtcqXA5pD7U7opKFCdQP16yo0RwmcasHQWUTkyGTpky0QRpZdxosDC
jwQYwJdD/tCvWyuoCKCWWs8IBO4uP4K8vzHCKyyMmxJxPeKrkiZ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:07 2024 by rpki-client on console-fra.rpki-client.org