Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VCW8ZrX6b8X-wbM6XGGlz_vh0iA.roa
File: VCW8ZrX6b8X-wbM6XGGlz_vh0iA.roa (raw, json)
Hash identifier: oM8qoeyoaH4u9IfEs0QH/Ka5Ja1MQJbAhkPFcNkp970=
Subject key identifier: 54:25:BC:66:B5:FA:6F:C5:FE:C1:B3:3A:5C:61:A5:CF:FB:E1:D2:20
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01926B5BE60C0505FC8F3A1C71BE09464519
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VCW8ZrX6b8X-wbM6XGGlz_vh0iA.roa
Signing time: Tue 08 Oct 2024 09:00:37 +0000
ROA not before: Tue 08 Oct 2024 09:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43548
IP address blocks: 85.217.164.0/22 maxlen: 22
85.217.176.0/21 maxlen: 32
87.120.99.0/24 maxlen: 24
87.120.246.0/24 maxlen: 24
87.121.108.0/23 maxlen: 23
91.92.168.0/22 maxlen: 22
93.123.65.0/24 maxlen: 24
94.156.4.0/23 maxlen: 23
94.156.80.0/21 maxlen: 21
94.156.97.0/24 maxlen: 24
2a00:1728:2d::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:5b:e6:0c:05:05:fc:8f:3a:1c:71:be:09:46:45:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 8 09:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5425bc66b5fa6fc5fec1b33a5c61a5cffbe1d220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e1:ae:56:dc:20:d6:68:9e:be:4e:f7:9b:39:
ef:3d:37:79:ce:ca:ca:4f:a3:54:15:36:ab:ba:c8:
41:f9:7e:72:bb:ed:f1:3a:47:c0:c2:c3:05:c9:74:
c8:13:bf:be:39:2f:da:f3:f5:d5:21:20:f6:a8:b2:
b9:db:c2:6e:a3:00:df:bf:13:49:38:a9:91:60:d3:
51:62:ff:35:61:6f:27:38:4d:c5:f6:43:85:fe:ca:
ea:22:f2:12:10:e7:db:8d:e6:21:52:23:e9:fa:40:
71:aa:f3:8a:a5:e4:5e:4c:40:96:c7:6b:28:8b:bf:
7d:42:a0:e4:3b:0d:52:9d:a4:9e:d9:c7:ff:89:f1:
b8:8e:ca:24:d9:c4:47:cc:6f:29:7d:75:19:06:03:
c8:e9:9a:55:82:32:19:dd:99:09:5f:66:60:44:d0:
a9:2d:d4:e4:89:4c:fa:72:98:5d:e6:c8:8c:15:f5:
be:bc:62:39:75:16:77:b3:b5:8e:f9:f3:bb:55:ec:
bf:92:b6:1b:26:fd:60:63:df:c8:40:2c:90:92:3f:
67:40:4e:ec:30:85:c1:98:85:fb:26:c5:76:4e:b5:
42:ee:20:4a:0d:91:5a:4d:d5:0a:76:17:f6:aa:95:
f7:ec:98:95:53:3a:5a:3c:19:8b:6a:af:a8:64:ff:
88:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:25:BC:66:B5:FA:6F:C5:FE:C1:B3:3A:5C:61:A5:CF:FB:E1:D2:20
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VCW8ZrX6b8X-wbM6XGGlz_vh0iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/22
85.217.176.0/21
87.120.99.0/24
87.120.246.0/24
87.121.108.0/23
91.92.168.0/22
93.123.65.0/24
94.156.4.0/23
94.156.80.0/21
94.156.97.0/24
IPv6:
2a00:1728:2d::/48
Signature Algorithm: sha256WithRSAEncryption
6e:c2:8b:e1:59:89:c3:6a:62:80:30:b3:2b:32:41:be:bc:de:
b6:73:45:97:e6:21:10:7d:95:60:50:19:bd:e8:f4:2f:cc:a9:
07:0b:e7:42:d9:6c:56:fd:73:92:d9:ac:eb:48:1d:8c:b0:da:
ad:77:62:34:e6:d2:d8:7d:02:a4:1a:b7:94:4b:d1:d5:e8:09:
64:b9:ed:1b:0b:29:3d:22:e1:63:15:88:bd:6a:c6:2e:3a:48:
b8:9f:b3:91:6b:ac:d2:40:05:54:94:69:31:5c:29:fe:d1:35:
96:c4:6e:e0:c1:fa:99:c3:53:d9:96:5a:27:51:1d:27:82:70:
6b:df:e7:84:0c:a3:6d:4c:0a:1b:3e:8a:cf:b4:db:99:73:b5:
38:d5:7b:21:8e:11:ba:ad:1f:f3:66:70:42:ad:08:81:b1:87:
b6:30:dc:52:94:6c:97:6c:54:ea:23:ab:28:68:8f:fe:6a:90:
a6:76:1a:3f:59:6e:2f:66:68:e5:71:da:59:93:cf:87:3a:03:
96:98:81:1c:3a:40:22:99:ce:22:ed:72:6d:3a:8c:76:f7:c6:
a8:a4:2b:48:25:69:78:de:20:f6:ab:07:f4:4d:ac:43:7c:f3:
0b:2c:20:aa:c1:44:02:cd:89:6d:b9:18:db:65:41:66:bb:b0:
b1:73:33:49
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZJrW+YMBQX8jzoccb4JRkUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA4MDkwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI1YmM2NmI1ZmE2ZmM1ZmVjMWIzM2E1YzYxYTVjZmZiZTFkMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OGuVtwg1mievk73mznvPTd5zsrK
T6NUFTarushB+X5yu+3xOkfAwsMFyXTIE7++OS/a8/XVISD2qLK528JuowDfvxNJ
OKmRYNNRYv81YW8nOE3F9kOF/srqIvISEOfbjeYhUiPp+kBxqvOKpeReTECWx2so
i799QqDkOw1SnaSe2cf/ifG4jsok2cRHzG8pfXUZBgPI6ZpVgjIZ3ZkJX2ZgRNCp
LdTkiUz6cphd5siMFfW+vGI5dRZ3s7WO+fO7Vey/krYbJv1gY9/IQCyQkj9nQE7s
MIXBmIX7JsV2TrVC7iBKDZFaTdUKdhf2qpX37JiVUzpaPBmLaq+oZP+I7wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFFQlvGa1+m/F/sGzOlxhpc/74dIgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVkNXOFpyWDZiOFgtd2JNNlhHR2x6X3ZoMGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBCBAIAATA8AwQCVdmkAwQD
VdmwAwQAV3hjAwQAV3j2AwQBV3lsAwQCW1yoAwQAXXtBAwQBXpwEAwQDXpxQAwQA
XpxhMA8EAgACMAkDBwAqABcoAC0wDQYJKoZIhvcNAQELBQADggEBAG7Ci+FZicNq
YoAwsysyQb683rZzRZfmIRB9lWBQGb3o9C/MqQcL50LZbFb9c5LZrOtIHYyw2q13
YjTm0th9AqQat5RL0dXoCWS57RsLKT0i4WMViL1qxi46SLifs5FrrNJABVSUaTFc
Kf7RNZbEbuDB+pnDU9mWWidRHSeCcGvf54QMo21MChs+is+025lztTjVeyGOEbqt
H/NmcEKtCIGxh7Yw3FKUbJdsVOojqyhoj/5qkKZ2Gj9Zbi9maOVx2lmTz4c6A5aY
gRw6QCKZziLtcm06jHb3xqikK0glaXjeIParB/RNrEN88wssIKrBRALNiW25GNtl
QWa7sLFzM0k=
-----END CERTIFICATE-----
Generated at Tue Oct 22 17:30:59 2024 by rpki-client on console-fra.rpki-client.org