Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/VenszYvQGWIfiCpqfOpSRWwZn2w.roa
File: VenszYvQGWIfiCpqfOpSRWwZn2w.roa (raw, json)
Hash identifier: cOFHFFquKdAKpSJnE1sUfn6IUu+89K4ww2AdSMbyHQI=
Subject key identifier: 55:E9:EC:CD:8B:D0:19:62:1F:88:2A:6A:7C:EA:52:45:6C:19:9F:6C
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 01856F0251FEBDB931D70788293CE56FC76C
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/VenszYvQGWIfiCpqfOpSRWwZn2w.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49964
IP address blocks: 185.99.48.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:51:fe:bd:b9:31:d7:07:88:29:3c:e5:6f:c7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55e9eccd8bd019621f882a6a7cea52456c199f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:78:d2:0c:2c:7d:f4:dd:31:24:cf:17:73:c2:
75:cb:88:a2:dd:49:e4:d5:11:35:d3:7b:7c:e0:56:
c3:b9:03:45:df:cf:23:e5:99:14:04:f2:33:dd:d7:
a1:58:62:8d:c0:31:ff:72:08:ea:cd:8c:90:69:05:
49:e7:be:e4:1c:3b:bf:04:c4:3b:97:58:ce:0d:11:
96:32:26:a7:28:26:89:e8:2e:27:2b:c0:28:ba:61:
f6:eb:c9:c6:6b:c6:c6:bd:72:c0:e3:d9:d6:3e:c3:
60:51:62:48:55:25:e1:8e:5f:9f:0e:42:06:c3:54:
94:66:21:4c:de:b0:69:75:b0:ce:0b:ad:0c:3a:f5:
eb:9f:89:4f:f6:cd:02:b1:11:92:4f:6d:dd:91:d2:
5a:9a:4e:f8:3c:58:60:73:b4:73:32:b5:2d:50:6b:
9b:d2:dc:9f:4b:1d:53:31:18:46:ba:44:17:a6:8f:
c9:9f:83:ab:2f:be:29:f7:df:9d:5a:08:80:4e:2d:
63:b2:d2:54:bb:a5:6e:ea:e2:f9:86:e3:4d:1c:36:
fa:85:f0:6f:0c:99:39:3b:01:0c:41:21:31:d3:bc:
3e:28:32:eb:95:b7:a1:1a:64:6b:07:c8:a5:52:70:
fa:cd:b4:e5:7c:0e:3f:c8:e3:da:c4:51:52:2c:d9:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E9:EC:CD:8B:D0:19:62:1F:88:2A:6A:7C:EA:52:45:6C:19:9F:6C
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/VenszYvQGWIfiCpqfOpSRWwZn2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0/24
185.192.44.0/23
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
83:0b:d4:40:34:1f:61:4b:ef:b2:6f:f0:6b:e0:b2:a5:aa:3d:
33:73:1c:64:5b:ad:0b:54:fd:f3:2b:42:ef:4b:43:11:e3:8b:
74:3f:7c:99:a7:3a:b0:d2:a4:07:23:13:7e:da:78:3c:79:46:
0c:67:22:34:c4:3b:40:1c:4c:72:e1:e2:45:f4:a7:9e:0e:34:
a6:1b:90:9a:2e:60:bb:25:12:dc:42:17:28:e3:f1:f7:f3:c4:
92:af:a0:60:29:4e:8f:04:60:c6:af:fa:51:2e:9c:47:3b:cd:
f1:24:e4:41:6c:4b:49:70:0a:70:70:b4:82:68:f7:a2:d3:cc:
f7:19:18:1d:20:ce:d5:a1:62:4a:ee:5b:bc:31:7d:8e:d9:de:
b2:b7:50:13:7c:2d:ce:bd:76:46:96:18:3d:e6:e5:85:36:11:
3c:e4:d1:e0:88:6d:25:8e:ba:13:57:3b:a6:51:b8:08:3c:ce:
dc:9a:c2:c5:56:c4:b3:79:3b:76:86:48:71:64:c3:3f:50:f0:
85:e7:e9:37:88:2c:ed:68:28:2a:c1:e3:aa:6c:e8:d3:b5:a8:
1d:02:cf:37:ef:85:9d:ee:5b:b1:00:0a:7f:bc:3d:09:9d:b1:
0c:ba:80:8a:46:7e:91:8b:0d:f7:8e:e8:bc:3b:08:89:b4:ee:
d1:f4:a3:72
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvAlH+vbkx1weIKTzlb8dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU5ZWNjZDhiZDAxOTYyMWY4ODJhNmE3Y2VhNTI0NTZjMTk5ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HjSDCx99N0xJM8Xc8J1y4ii3Unk
1RE103t84FbDuQNF388j5ZkUBPIz3dehWGKNwDH/cgjqzYyQaQVJ577kHDu/BMQ7
l1jODRGWMianKCaJ6C4nK8AoumH268nGa8bGvXLA49nWPsNgUWJIVSXhjl+fDkIG
w1SUZiFM3rBpdbDOC60MOvXrn4lP9s0CsRGST23dkdJamk74PFhgc7RzMrUtUGub
0tyfSx1TMRhGukQXpo/Jn4OrL74p99+dWgiATi1jstJUu6Vu6uL5huNNHDb6hfBv
DJk5OwEMQSEx07w+KDLrlbehGmRrB8ilUnD6zbTlfA4/yOPaxFFSLNmH+QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFXp7M2L0BliH4gqanzqUkVsGZ9sMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvVmVuc3pZdlFHV0lmaUNwcWZPcFNSV3dabjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbUXaAwQA
gH+0AwQAuWMwAwQBucAsAwQAwWmFAwQAwYplMA0GCSqGSIb3DQEBCwUAA4IBAQCD
C9RANB9hS++yb/Br4LKlqj0zcxxkW60LVP3zK0LvS0MR44t0P3yZpzqw0qQHIxN+
2ng8eUYMZyI0xDtAHExy4eJF9KeeDjSmG5CaLmC7JRLcQhco4/H388SSr6BgKU6P
BGDGr/pRLpxHO83xJORBbEtJcApwcLSCaPei08z3GRgdIM7VoWJK7lu8MX2O2d6y
t1ATfC3OvXZGlhg95uWFNhE85NHgiG0ljroTVzumUbgIPM7cmsLFVsSzeTt2hkhx
ZMM/UPCF5+k3iCztaCgqweOqbOjTtagdAs8374Wd7luxAAp/vD0JnbEMuoCKRn6R
iw33jui8OwiJtO7R9KNy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:26 2024 by rpki-client on console-ams.rpki-client.org