Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vZU6TaVb87b7vV7JxxPzJooehtI.roa
File: vZU6TaVb87b7vV7JxxPzJooehtI.roa (raw, json)
Hash identifier: 66SgojqMomkrCRrMPb2VQwjPYKZ3Pnh1ue+QfVBnlY4=
Subject key identifier: BD:95:3A:4D:A5:5B:F3:B6:FB:BD:5E:C9:C7:13:F3:26:8A:1E:86:D2
Certificate issuer: /CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Certificate serial: 01856BD371BAD6F4BC33DB4AA827E7F0C6EE
Authority key identifier: 0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vZU6TaVb87b7vV7JxxPzJooehtI.roa
Signing time: Sun 01 Jan 2023 05:34:57 +0000
ROA not before: Sun 01 Jan 2023 05:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47406
IP address blocks: 185.154.88.0/22 maxlen: 24
185.176.200.0/22 maxlen: 24
185.118.72.0/22 maxlen: 24
160.202.28.0/22 maxlen: 24
185.211.15.0/24 maxlen: 24
185.123.36.0/22 maxlen: 24
2a06:9240::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:71:ba:d6:f4:bc:33:db:4a:a8:27:e7:f0:c6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c
Validity
Not Before: Jan 1 05:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd953a4da55bf3b6fbbd5ec9c713f3268a1e86d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:97:cf:8e:d1:9a:bf:ab:f5:a2:16:fd:a5:
14:9b:7a:31:4e:14:80:9f:bf:ce:17:d0:99:3a:ea:
90:d4:e2:d3:7f:7c:70:ba:13:d5:81:42:bb:d8:9d:
00:c2:3b:37:62:73:88:72:5c:50:d3:00:a6:f8:81:
34:44:0f:83:f8:1d:0f:4f:73:09:44:77:a4:79:aa:
15:f9:f3:a2:32:e0:8b:bc:ef:7c:0e:cb:b7:9e:34:
a2:6b:c3:10:00:1b:1e:32:df:54:43:dd:a8:2f:c6:
91:2a:72:c0:c8:a6:00:7a:94:ce:33:8f:6a:6f:5e:
e9:1d:5b:7f:21:fd:b6:36:3f:3b:b1:8b:dc:b4:3e:
b4:75:c6:0b:31:0e:23:32:9b:a6:30:e1:fa:76:cf:
dd:da:82:76:91:cc:fd:91:35:eb:22:27:f7:24:e4:
a4:6b:15:e9:48:fb:8e:b7:b9:f9:fd:fd:36:fa:08:
de:f2:65:ff:63:27:57:4d:d4:38:26:95:99:a6:65:
4e:27:cd:7d:33:d5:af:9f:39:fa:9a:0d:e1:e1:14:
7b:1c:2d:b3:ce:42:12:fe:3d:61:0a:2b:e4:8b:a2:
9a:5c:f9:47:4d:19:ed:52:a2:a1:a0:57:a7:bf:54:
6d:11:d6:c3:04:a9:e9:ac:73:82:34:ff:9f:d5:e4:
cf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:95:3A:4D:A5:5B:F3:B6:FB:BD:5E:C9:C7:13:F3:26:8A:1E:86:D2
X509v3 Authority Key Identifier:
keyid:0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/vZU6TaVb87b7vV7JxxPzJooehtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.202.28.0/22
185.118.72.0/22
185.123.36.0/22
185.154.88.0/22
185.176.200.0/22
185.211.15.0/24
IPv6:
2a06:9240::/29
Signature Algorithm: sha256WithRSAEncryption
11:ec:72:e7:d9:14:43:e1:2d:dd:9f:a3:dd:1e:35:3c:dd:00:
21:71:6a:c1:52:98:7b:02:65:ba:21:dd:ed:09:79:dd:01:ef:
ad:b0:8a:90:b4:2b:71:90:82:f6:57:fc:44:71:cc:e2:55:69:
20:d0:ff:b8:d2:b9:b2:20:5f:f4:0c:4f:f4:42:d8:25:90:c0:
4d:d0:8a:22:10:c3:8d:e6:b6:f6:f8:f6:e3:2c:36:cd:87:db:
4a:c1:80:fd:34:d5:fa:71:29:77:79:77:fa:98:a3:db:89:eb:
2e:b4:f3:21:ed:4a:0f:15:20:a8:e1:2a:fe:5a:9c:f9:55:23:
95:ab:79:7c:54:6c:d4:54:8e:d9:ea:a0:ac:87:82:b8:4d:c8:
fa:d2:3b:f5:da:ee:ff:fe:be:24:b8:80:9f:ce:9b:7f:b9:aa:
18:dc:be:f2:9b:67:39:f8:39:d7:ed:3c:71:6c:1f:ab:20:f8:
2f:b6:23:7c:c6:2b:b9:1d:d5:a0:fb:f9:5d:a7:ae:e0:08:de:
64:27:0d:5a:f7:66:8a:5c:a0:08:fb:99:dd:a8:8a:00:6d:c8:
e1:f6:0e:09:85:b5:14:e4:df:99:1c:ec:3f:50:dd:5e:7e:e9:
11:36:1c:bc:1f:4b:ea:50:71:08:95:15:d4:ab:9b:5c:38:e4:
7a:af:51:67
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVr03G61vS8M9tKqCfn8MbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMmExNTdmMDA1MTVmOTViNmRmNWRjMGQ1MmViMWI1ZDQz
ZmRlNWMwHhcNMjMwMTAxMDUzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk1M2E0ZGE1NWJmM2I2ZmJiZDVlYzljNzEzZjMyNjhhMWU4NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixCXz47Rmr+r9aIW/aUUm3oxThSA
n7/OF9CZOuqQ1OLTf3xwuhPVgUK72J0Awjs3YnOIclxQ0wCm+IE0RA+D+B0PT3MJ
RHekeaoV+fOiMuCLvO98Dsu3njSia8MQABseMt9UQ92oL8aRKnLAyKYAepTOM49q
b17pHVt/If22Nj87sYvctD60dcYLMQ4jMpumMOH6ds/d2oJ2kcz9kTXrIif3JOSk
axXpSPuOt7n5/f02+gje8mX/YydXTdQ4JpWZpmVOJ819M9Wvnzn6mg3h4RR7HC2z
zkIS/j1hCivki6KaXPlHTRntUqKhoFenv1RtEdbDBKnprHOCNP+f1eTPkwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFL2VOk2lW/O2+71eyccT8yaKHobSMB8GA1UdIwQY
MBaAFAoqFX8AUV+Vtt9dwNUusbXUP95cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYt
NWJhNDNiMTE4Zjc1LzEvdlpVNlRhVmI4N2I3dlY3Snh4UHpKb29laHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYtNWJhNDNiMTE4Zjc1
LzEvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCoMocAwQC
uXZIAwQCuXskAwQCuZpYAwQCubDIAwQAudMPMA0EAgACMAcDBQMqBpJAMA0GCSqG
SIb3DQEBCwUAA4IBAQAR7HLn2RRD4S3dn6PdHjU83QAhcWrBUph7AmW6Id3tCXnd
Ae+tsIqQtCtxkIL2V/xEccziVWkg0P+40rmyIF/0DE/0QtglkMBN0IoiEMON5rb2
+PbjLDbNh9tKwYD9NNX6cSl3eXf6mKPbiesutPMh7UoPFSCo4Sr+Wpz5VSOVq3l8
VGzUVI7Z6qCsh4K4Tcj60jv12u7//r4kuICfzpt/uaoY3L7ym2c5+DnX7TxxbB+r
IPgvtiN8xiu5HdWg+/ldp67gCN5kJw1a92aKXKAI+5ndqIoAbcjh9g4JhbUU5N+Z
HOw/UN1efukRNhy8H0vqUHEIlRXUq5tcOOR6r1Fn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:29 2024 by rpki-client on console-ams.rpki-client.org