Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/VnNe0nO9a0QhaEZuPv0fQ4D1DPg.roa
File: VnNe0nO9a0QhaEZuPv0fQ4D1DPg.roa (raw, json)
Hash identifier: bQ16S0J+aV5GGZZcnKk15fzpRa0ORqRB87tuy6DSKlo=
Subject key identifier: 56:73:5E:D2:73:BD:6B:44:21:68:46:6E:3E:FD:1F:43:80:F5:0C:F8
Certificate issuer: /CN=b62dd60548b67cc41e67b6a616a12ec53bf42978
Certificate serial: 018B8AF22530E9A5AE8C752C7B5C123280FA
Authority key identifier: B6:2D:D6:05:48:B6:7C:C4:1E:67:B6:A6:16:A1:2E:C5:3B:F4:29:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti3WBUi2fMQeZ7amFqEuxTv0KXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/VnNe0nO9a0QhaEZuPv0fQ4D1DPg.roa
Signing time: Wed 01 Nov 2023 12:53:26 +0000
ROA not before: Wed 01 Nov 2023 12:53:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201401
IP address blocks: 45.157.76.0/22 maxlen: 22
31.14.32.0/24 maxlen: 24
31.14.44.0/24 maxlen: 24
31.14.48.0/24 maxlen: 24
185.76.168.0/22 maxlen: 22
89.31.56.0/21 maxlen: 21
185.76.88.0/22 maxlen: 22
31.14.11.0/24 maxlen: 24
2a05:52a0::/30 maxlen: 30
2a10:c240::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:f2:25:30:e9:a5:ae:8c:75:2c:7b:5c:12:32:80:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62dd60548b67cc41e67b6a616a12ec53bf42978
Validity
Not Before: Nov 1 12:53:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56735ed273bd6b442168466e3efd1f4380f50cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f6:e9:1f:8a:94:8d:02:cf:59:79:67:1b:77:
6c:a8:44:12:fd:e2:32:86:7c:7a:3f:c1:d7:9a:8a:
bd:08:21:8b:f8:cd:52:90:b6:51:67:b4:a2:9c:24:
65:f0:ac:48:8c:51:ae:fc:4c:81:a8:96:0b:49:e0:
d8:5d:c1:c1:73:fe:ae:af:cd:be:0d:41:df:86:86:
6a:da:13:77:c3:9c:cb:5c:41:48:8d:4d:bf:65:01:
91:0d:f0:8e:22:2a:8b:64:d9:42:bd:30:bd:bc:c5:
24:69:38:2b:7d:d2:48:55:59:43:d3:44:fa:c1:0e:
51:a7:5d:f0:21:f7:f3:f7:8a:67:c9:98:1d:bc:11:
a1:87:da:45:7c:4c:b2:34:54:bb:9c:6a:0b:11:7a:
22:35:49:79:dd:84:40:32:d5:2a:17:42:48:23:37:
7d:76:b5:ad:3a:83:b5:16:c5:c4:3c:82:ae:65:06:
6a:f1:d0:57:d3:57:d1:33:de:46:91:b5:17:d5:df:
eb:c0:10:f7:97:9c:30:0a:e7:c2:db:9d:ce:27:a4:
6f:23:73:e3:f1:75:dc:7d:19:c7:4e:d0:2a:74:82:
6c:33:58:10:a8:46:a2:4a:42:73:f3:7a:af:85:a5:
bd:7e:3a:a0:45:40:40:7a:f3:74:75:e9:7d:b3:5a:
ac:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:73:5E:D2:73:BD:6B:44:21:68:46:6E:3E:FD:1F:43:80:F5:0C:F8
X509v3 Authority Key Identifier:
keyid:B6:2D:D6:05:48:B6:7C:C4:1E:67:B6:A6:16:A1:2E:C5:3B:F4:29:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti3WBUi2fMQeZ7amFqEuxTv0KXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/VnNe0nO9a0QhaEZuPv0fQ4D1DPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/490e12-1a45-4b00-a46c-af1e6d077e0c/1/ti3WBUi2fMQeZ7amFqEuxTv0KXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.11.0/24
31.14.32.0/24
31.14.44.0/24
31.14.48.0/24
45.157.76.0/22
89.31.56.0/21
185.76.88.0/22
185.76.168.0/22
IPv6:
2a05:52a0::/30
2a10:c240::/32
Signature Algorithm: sha256WithRSAEncryption
97:7a:7e:23:67:bd:33:6a:cd:67:b4:5e:92:a7:35:1c:c4:54:
b8:75:be:ea:19:3a:91:44:cf:10:fa:15:81:94:65:57:b3:27:
fb:ca:4d:35:66:1b:70:07:55:3c:91:5b:9c:e3:fa:d6:b6:bf:
0c:b6:8a:9c:36:80:c5:be:12:ee:30:92:2e:0f:00:68:d6:95:
8f:c8:04:84:5a:30:a5:81:2a:d0:3f:81:f1:3f:48:de:22:48:
e9:7a:e5:b1:66:3e:9b:da:cb:2c:f9:5d:f2:5e:c8:b3:e0:94:
ba:78:7c:a3:6f:5a:2a:74:e7:c4:5c:f3:c3:bd:c0:37:cf:99:
37:d6:55:75:88:37:4d:97:b3:fe:9f:6d:ad:d6:f5:ba:42:dd:
e0:60:14:6d:00:3e:e7:ee:fe:5c:42:1c:cd:fc:fe:29:2d:da:
42:03:e9:02:c1:80:e8:65:23:23:9a:3b:82:d0:03:e2:ed:fe:
27:b5:63:65:cd:f3:dd:0e:bb:2c:e4:e3:fe:b8:60:66:74:69:
40:b7:88:05:a8:ac:d6:ee:c4:e3:70:07:b7:03:9f:26:90:2a:
5e:29:7a:d4:74:65:e4:6a:c7:53:12:45:c0:6f:ce:75:d4:c2:
fc:2d:dc:42:8c:0e:25:87:11:ba:64:9d:56:50:d8:90:4f:6c:
5c:3d:e9:5a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYuK8iUw6aWujHUse1wSMoD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmRkNjA1NDhiNjdjYzQxZTY3YjZhNjE2YTEyZWM1M2Jm
NDI5NzgwHhcNMjMxMTAxMTI1MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjczNWVkMjczYmQ2YjQ0MjE2ODQ2NmUzZWZkMWY0MzgwZjUwY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofbpH4qUjQLPWXlnG3dsqEQS/eIy
hnx6P8HXmoq9CCGL+M1SkLZRZ7SinCRl8KxIjFGu/EyBqJYLSeDYXcHBc/6ur82+
DUHfhoZq2hN3w5zLXEFIjU2/ZQGRDfCOIiqLZNlCvTC9vMUkaTgrfdJIVVlD00T6
wQ5Rp13wIffz94pnyZgdvBGhh9pFfEyyNFS7nGoLEXoiNUl53YRAMtUqF0JIIzd9
drWtOoO1FsXEPIKuZQZq8dBX01fRM95GkbUX1d/rwBD3l5wwCufC253OJ6RvI3Pj
8XXcfRnHTtAqdIJsM1gQqEaiSkJz83qvhaW9fjqgRUBAevN0del9s1qslwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFZzXtJzvWtEIWhGbj79H0OA9Qz4MB8GA1UdIwQY
MBaAFLYt1gVItnzEHme2phahLsU79Cl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkzV0JVaTJmTVFlWjdhbUZxRXV4VHYwS1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OTBlMTItMWE0NS00YjAwLWE0NmMt
YWYxZTZkMDc3ZTBjLzEvVm5OZTBuTzlhMFFoYUVadVB2MGZRNEQxRFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80OTBlMTItMWE0NS00YjAwLWE0NmMtYWYxZTZkMDc3ZTBj
LzEvdGkzV0JVaTJmTVFlWjdhbUZxRXV4VHYwS1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAHw4LAwQA
Hw4gAwQAHw4sAwQAHw4wAwQCLZ1MAwQDWR84AwQCuUxYAwQCuUyoMBQEAgACMA4D
BQIqBVKgAwUAKhDCQDANBgkqhkiG9w0BAQsFAAOCAQEAl3p+I2e9M2rNZ7Rekqc1
HMRUuHW+6hk6kUTPEPoVgZRlV7Mn+8pNNWYbcAdVPJFbnOP61ra/DLaKnDaAxb4S
7jCSLg8AaNaVj8gEhFowpYEq0D+B8T9I3iJI6XrlsWY+m9rLLPld8l7Is+CUunh8
o29aKnTnxFzzw73AN8+ZN9ZVdYg3TZez/p9trdb1ukLd4GAUbQA+5+7+XEIczfz+
KS3aQgPpAsGA6GUjI5o7gtAD4u3+J7VjZc3z3Q67LOTj/rhgZnRpQLeIBais1u7E
43AHtwOfJpAqXil61HRl5GrHUxJFwG/OddTC/C3cQowOJYcRumSdVlDYkE9sXD3p
Wg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:37 2024 by rpki-client on console-ams.rpki-client.org