Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VYHs1N-gwzjzDuryf6qw-EEsAyA.roa
File: VYHs1N-gwzjzDuryf6qw-EEsAyA.roa (raw, json)
Hash identifier: 4TjEmWqdbWDa9uhiGSGzGDE9DoviStAZdOsEnI/dqPU=
Subject key identifier: 55:81:EC:D4:DF:A0:C3:38:F3:0E:EA:F2:7F:AA:B0:F8:41:2C:03:20
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81FAAF560D11352020792A84F1011E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VYHs1N-gwzjzDuryf6qw-EEsAyA.roa
Signing time: Sun 01 Jan 2023 13:25:12 +0000
ROA not before: Sun 01 Jan 2023 13:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 45.88.67.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:fa:af:56:0d:11:35:20:20:79:2a:84:f1:01:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5581ecd4dfa0c338f30eeaf27faab0f8412c0320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:50:0e:80:d3:32:2d:eb:2c:69:01:72:f4:51:
f5:ee:5a:94:c2:01:25:e4:85:ac:07:df:ec:ed:c7:
8e:7e:98:6c:94:6d:e7:41:78:b6:24:12:ba:ce:88:
6f:5f:99:5e:49:1e:dd:d0:3e:eb:34:b4:25:e6:83:
f7:b9:b6:35:a8:56:7f:6d:a2:c0:f6:43:22:0c:21:
27:f0:b8:dd:ca:d6:75:ec:9c:1c:4e:34:c3:51:e4:
39:88:c6:b6:ba:e9:33:a4:7c:86:42:94:9e:59:3d:
3c:99:8d:87:49:f3:87:48:5a:e4:f4:95:04:78:0b:
0e:a9:aa:f4:a0:56:a2:3d:da:6c:15:e8:aa:b6:3e:
e3:81:d3:f1:67:91:ba:07:80:e3:20:37:84:e7:83:
2d:c4:e1:0c:f5:19:e1:d5:a5:e5:f4:4c:f7:f2:f5:
92:c3:d6:fe:95:d9:46:a4:e9:dd:c9:47:34:89:c8:
c6:ff:46:a8:27:a6:91:94:19:45:d1:cb:3c:6b:bf:
e7:f3:97:6d:b8:32:0b:e1:30:96:4b:af:a7:9b:ee:
42:d7:97:16:f2:65:06:49:10:ad:db:db:0f:e1:bd:
b0:c6:b1:a8:18:78:47:ec:56:6a:68:e2:e3:d1:e4:
81:5f:ad:f2:d1:e9:f5:53:c0:09:fd:36:3a:58:27:
99:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:81:EC:D4:DF:A0:C3:38:F3:0E:EA:F2:7F:AA:B0:F8:41:2C:03:20
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VYHs1N-gwzjzDuryf6qw-EEsAyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.253.0/24
45.88.67.0/24
79.110.51.0/24
185.216.68.0/24
193.42.33.0/24
193.58.122.0/24
Signature Algorithm: sha256WithRSAEncryption
30:4a:22:77:08:cb:24:b2:b5:6f:19:7d:5f:fe:6c:20:9e:6a:
bc:70:99:04:0e:89:3e:98:d7:15:44:3d:96:4e:96:90:7b:0f:
67:72:b4:6e:7d:3b:34:d0:62:71:61:4e:1b:80:f4:00:92:ad:
b9:5f:fc:81:97:30:45:21:b5:1f:a3:96:92:5b:4d:46:2e:bc:
74:ee:a7:0f:7e:e4:fd:20:e1:cf:d1:16:53:be:20:63:66:c5:
63:9d:25:48:34:9d:ce:c0:ab:50:f9:0a:16:e7:7b:65:95:2b:
9e:88:86:44:c9:ac:9e:6f:b8:83:ac:8b:1b:78:60:19:cc:64:
c1:36:b2:40:9b:f8:95:32:5d:ae:f6:62:6d:0d:65:32:4d:5b:
8a:67:39:92:36:83:5f:6f:1a:5d:d7:84:de:0b:57:37:e8:88:
8e:32:7b:58:00:f2:d6:8b:21:73:4c:21:3c:73:36:d7:be:03:
e1:eb:11:ec:72:8f:66:bb:00:c4:3d:6a:d2:a8:d5:a5:aa:2f:
66:b1:b7:64:6c:5a:c6:6b:da:5d:7f:0c:7a:0d:c6:83:e9:f3:
12:4b:0a:ca:b7:18:19:0f:ae:b1:e2:5a:93:fa:3d:a2:52:a9:
03:34:4b:40:71:dd:fe:16:c5:00:17:61:13:62:cb:7e:6e:93:
27:34:0e:5d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtgfqvVg0RNSAgeSqE8QEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgxZWNkNGRmYTBjMzM4ZjMwZWVhZjI3ZmFhYjBmODQxMmMwMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylAOgNMyLessaQFy9FH17lqUwgEl
5IWsB9/s7ceOfphslG3nQXi2JBK6zohvX5leSR7d0D7rNLQl5oP3ubY1qFZ/baLA
9kMiDCEn8LjdytZ17JwcTjTDUeQ5iMa2uukzpHyGQpSeWT08mY2HSfOHSFrk9JUE
eAsOqar0oFaiPdpsFeiqtj7jgdPxZ5G6B4DjIDeE54MtxOEM9Rnh1aXl9Ez38vWS
w9b+ldlGpOndyUc0icjG/0aoJ6aRlBlF0cs8a7/n85dtuDIL4TCWS6+nm+5C15cW
8mUGSRCt29sP4b2wxrGoGHhH7FZqaOLj0eSBX63y0en1U8AJ/TY6WCeZZwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFWB7NTfoMM48w7q8n+qsPhBLAMgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVllIczFOLWd3emp6RHVyeWY2cXctRUVzQXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQz9AwQA
LVhDAwQAT24zAwQAudhEAwQAwSohAwQAwTp6MA0GCSqGSIb3DQEBCwUAA4IBAQAw
SiJ3CMsksrVvGX1f/mwgnmq8cJkEDok+mNcVRD2WTpaQew9ncrRufTs00GJxYU4b
gPQAkq25X/yBlzBFIbUfo5aSW01GLrx07qcPfuT9IOHP0RZTviBjZsVjnSVINJ3O
wKtQ+QoW53tllSueiIZEyayeb7iDrIsbeGAZzGTBNrJAm/iVMl2u9mJtDWUyTVuK
ZzmSNoNfbxpd14TeC1c36IiOMntYAPLWiyFzTCE8czbXvgPh6xHsco9muwDEPWrS
qNWlqi9msbdkbFrGa9pdfwx6DcaD6fMSSwrKtxgZD66x4lqT+j2iUqkDNEtAcd3+
FsUAF2ETYst+bpMnNA5d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org