Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VZstkYNVBvS0Do_noDAx1ucZXns.roa
File: VZstkYNVBvS0Do_noDAx1ucZXns.roa (raw, json)
Hash identifier: uvGpC4rw17ohBhjsBSvrDeR9Y00x1lVYKlePE2F7bFc=
Subject key identifier: 55:9B:2D:91:83:55:06:F4:B4:0E:8F:E7:A0:30:31:D6:E7:19:5E:7B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D314F86AFBA95556F20A2C58294C5BCF5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VZstkYNVBvS0Do_noDAx1ucZXns.roa
Signing time: Mon 22 Jan 2024 13:15:11 +0000
ROA not before: Mon 22 Jan 2024 13:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 37.221.120.0/22 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 15:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:4f:86:af:ba:95:55:6f:20:a2:c5:82:94:c5:bc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 22 13:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=559b2d91835506f4b40e8fe7a03031d6e7195e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1d:8c:9a:31:3f:9b:d3:22:49:52:51:40:45:
bc:6c:8e:64:e4:0e:5c:a0:9c:12:9f:04:78:09:41:
0c:9c:9d:a8:51:54:4b:c3:f7:07:59:a8:0e:94:6c:
cb:aa:15:fc:59:f4:5b:1d:2a:7a:25:7e:8c:4b:c5:
fa:fb:3c:21:49:82:c0:1b:5a:24:71:92:10:32:ba:
f5:bd:6e:a3:ad:f9:62:4b:c2:18:8f:11:5a:3b:64:
d3:97:8c:04:b5:8f:50:35:46:0a:76:dc:83:53:02:
c1:22:5d:03:4f:85:b0:c4:cc:aa:26:c6:ad:20:4c:
82:85:b8:99:b3:61:b4:35:22:94:81:d0:4b:e9:53:
9f:ae:c7:38:21:05:51:ca:01:30:a9:d6:4d:31:21:
a8:a8:8f:47:39:3c:da:67:60:c8:a1:80:93:e0:86:
25:50:fd:40:29:bc:30:dd:4c:24:5b:06:f4:fe:f2:
7a:a7:c6:87:5e:f8:8f:f3:b8:16:0f:1b:e3:fb:ca:
ec:8e:68:61:02:e1:67:0c:54:fc:6c:34:cb:05:90:
d9:db:3f:2a:ed:1b:44:f6:5d:ba:15:68:68:ad:17:
78:e2:58:8d:be:15:f7:e5:41:ea:a6:a5:89:1d:ae:
a0:e9:87:63:94:67:a4:1c:ed:1f:a3:c3:d5:3c:aa:
f5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9B:2D:91:83:55:06:F4:B4:0E:8F:E7:A0:30:31:D6:E7:19:5E:7B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VZstkYNVBvS0Do_noDAx1ucZXns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
178.215.226.0/24
185.225.73.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:fc:0e:69:c2:ef:a5:c4:2f:ea:62:88:36:17:a8:42:83:84:
f3:59:d6:f3:87:b5:4f:14:56:35:e2:55:d4:58:c2:ec:16:a5:
80:a0:3a:8e:1d:5e:b2:cd:1c:33:38:64:98:b1:15:13:3d:ed:
c5:54:a0:42:e4:c5:26:08:f8:ed:e0:94:98:89:5f:33:01:dc:
df:e7:33:fd:e3:9e:66:e1:24:7c:cc:f0:b8:94:e8:cd:eb:ee:
8c:c2:09:1c:3a:94:aa:f7:e2:7c:01:e1:fd:34:6e:65:72:4e:
b0:85:6e:19:fb:fc:9c:24:4b:d8:1f:ee:ed:89:7a:5b:fc:aa:
99:9a:71:09:ac:57:2f:8e:38:c0:86:12:ce:e1:04:e7:7a:5f:
f0:e0:82:14:e2:8a:0b:ed:30:a9:fe:7c:89:4a:1b:17:03:76:
93:d4:cb:e4:2a:b2:67:5d:e5:25:4f:3a:01:f6:fe:e1:13:b4:
79:f4:1d:bb:18:32:c9:78:bd:b3:71:f4:d8:ec:08:07:d6:cb:
9d:c0:2f:5f:29:02:e1:b9:ee:35:69:79:3d:c6:29:53:85:49:
5a:3b:63:ef:a9:03:82:1b:f5:6c:15:01:e5:ed:4b:6e:d8:d6:
08:aa:bf:c2:26:12:8d:93:82:c6:d5:60:f7:54:dd:da:26:b6:
53:05:7f:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0xT4avupVVbyCixYKUxbz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTIyMTMxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTliMmQ5MTgzNTUwNmY0YjQwZThmZTdhMDMwMzFkNmU3MTk1ZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh2MmjE/m9MiSVJRQEW8bI5k5A5c
oJwSnwR4CUEMnJ2oUVRLw/cHWagOlGzLqhX8WfRbHSp6JX6MS8X6+zwhSYLAG1ok
cZIQMrr1vW6jrfliS8IYjxFaO2TTl4wEtY9QNUYKdtyDUwLBIl0DT4WwxMyqJsat
IEyChbiZs2G0NSKUgdBL6VOfrsc4IQVRygEwqdZNMSGoqI9HOTzaZ2DIoYCT4IYl
UP1AKbww3UwkWwb0/vJ6p8aHXviP87gWDxvj+8rsjmhhAuFnDFT8bDTLBZDZ2z8q
7RtE9l26FWhorRd44liNvhX35UHqpqWJHa6g6YdjlGekHO0fo8PVPKr1xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFWbLZGDVQb0tA6P56AwMdbnGV57MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVlpzdGtZTlZCdlMwRG9fbm9EQXgxdWNaWG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJd14AwQA
stfiAwQAueFJMA0GCSqGSIb3DQEBCwUAA4IBAQCq/A5pwu+lxC/qYog2F6hCg4Tz
Wdbzh7VPFFY14lXUWMLsFqWAoDqOHV6yzRwzOGSYsRUTPe3FVKBC5MUmCPjt4JSY
iV8zAdzf5zP9455m4SR8zPC4lOjN6+6MwgkcOpSq9+J8AeH9NG5lck6whW4Z+/yc
JEvYH+7tiXpb/KqZmnEJrFcvjjjAhhLO4QTnel/w4IIU4ooL7TCp/nyJShsXA3aT
1MvkKrJnXeUlTzoB9v7hE7R59B27GDLJeL2zcfTY7AgH1sudwC9fKQLhue41aXk9
xilThUlaO2PvqQOCG/VsFQHl7Utu2NYIqr/CJhKNk4LG1WD3VN3aJrZTBX8s
-----END CERTIFICATE-----
Generated at Mon Jan 22 19:25:29 2024 by rpki-client on console-ams.rpki-client.org