Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VSJa3vxxoYNZf5oWNAja0PLJvn8.roa
File: VSJa3vxxoYNZf5oWNAja0PLJvn8.roa (raw, json)
Hash identifier: i0M7bpIyaoONQdFrH3kZhZXXZEpdqMI0o0Yh4/JQ1v0=
Subject key identifier: 55:22:5A:DE:FC:71:A1:83:59:7F:9A:16:34:08:DA:D0:F2:C9:BE:7F
Certificate issuer: /CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Certificate serial: 0185724C931286BC415CED81A851577948AA
Authority key identifier: 56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VSJa3vxxoYNZf5oWNAja0PLJvn8.roa
Signing time: Mon 02 Jan 2023 11:44:59 +0000
ROA not before: Mon 02 Jan 2023 11:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25133
IP address blocks: 193.106.80.0/22 maxlen: 22
103.35.160.0/22 maxlen: 22
91.217.144.0/24 maxlen: 24
89.200.232.0/21 maxlen: 21
103.237.44.0/22 maxlen: 22
45.153.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 12 Jun 2023 06:52:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:93:12:86:bc:41:5c:ed:81:a8:51:57:79:48:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a4987bf8c6b4cdd657bbc2d0a5e13e9b626cb9
Validity
Not Before: Jan 2 11:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55225adefc71a183597f9a163408dad0f2c9be7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:59:03:83:b5:c8:66:e1:05:1a:61:3e:98:
49:3a:b0:07:ee:dd:36:45:f0:65:c1:00:3c:d1:44:
a3:96:8a:2b:be:ee:bb:59:e1:d8:57:91:74:aa:49:
fa:c2:18:7f:70:6b:1b:e1:7c:e9:74:48:64:0a:d4:
b9:e9:79:d2:92:6b:7e:1c:d3:ad:f3:39:73:0c:93:
3e:20:3c:17:7d:bd:92:e5:07:d9:4b:3a:f1:a9:18:
8b:47:47:f5:ca:e0:ce:53:59:57:9d:87:dc:77:16:
db:ae:5a:f1:bc:18:5e:49:98:c5:84:7f:95:f5:59:
75:82:dd:0f:97:15:9b:af:62:f7:6a:52:26:18:49:
6c:d2:7c:85:75:1a:b1:de:78:b9:4c:c3:19:f6:05:
49:a1:84:47:d7:76:11:2d:43:95:dc:65:6e:32:ec:
f8:8f:d7:b1:92:0a:81:0a:4a:91:87:33:f1:50:de:
56:43:b7:b6:10:de:c9:d8:d3:2d:13:0f:cf:97:0d:
ff:2d:d1:be:98:1e:1e:41:9c:e7:b2:dc:56:40:fd:
79:47:f9:6e:bd:65:b6:5e:9f:a7:79:02:3c:e6:a3:
98:38:71:98:0c:88:54:ab:e4:0f:2e:0f:8f:1c:14:
db:91:87:78:5d:57:a2:48:8d:11:4b:be:0f:33:f5:
77:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:22:5A:DE:FC:71:A1:83:59:7F:9A:16:34:08:DA:D0:F2:C9:BE:7F
X509v3 Authority Key Identifier:
keyid:56:A4:98:7B:F8:C6:B4:CD:D6:57:BB:C2:D0:A5:E1:3E:9B:62:6C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqSYe_jGtM3WV7vC0KXhPptibLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VSJa3vxxoYNZf5oWNAja0PLJvn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/8809dd-667a-4047-8104-de58698b6470/1/VqSYe_jGtM3WV7vC0KXhPptibLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.208.0/22
89.200.232.0/21
91.217.144.0/24
103.35.160.0/22
103.237.44.0/22
193.106.80.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:c0:e1:f2:e6:e5:71:6b:4d:4d:be:6b:62:75:07:00:1a:2d:
1a:25:b1:a3:d2:be:60:60:59:fb:3a:a2:18:06:6c:15:76:d0:
ed:02:4b:2e:51:33:96:f7:f1:b6:5b:11:dd:37:2d:5c:66:e8:
e5:a6:54:a0:cd:58:b2:a1:d9:7a:60:c3:5e:21:7e:bd:89:8b:
ee:6f:5e:bd:c0:65:1c:c1:d1:f9:c5:b0:4e:f8:37:a2:92:ff:
2e:93:f5:5a:59:15:b6:21:b7:1a:f3:89:c9:d2:83:ee:88:3f:
59:1c:d3:b6:d7:bf:b8:39:47:a1:e7:a1:80:c9:b4:74:03:ac:
27:b2:d5:53:9e:a1:bc:c1:3c:e3:dd:62:0d:5f:c8:78:6e:fb:
d3:52:66:60:66:e0:03:63:9e:db:0f:f9:75:9d:6b:20:db:02:
b7:78:e2:e1:e1:ce:1d:41:5b:3a:cf:e5:c6:d9:c3:56:2f:10:
54:63:c1:b6:1f:3f:89:ed:84:e5:03:ff:5d:3f:70:db:97:03:
fa:1e:44:95:59:d7:3e:cb:11:e2:ff:5b:31:8b:a1:4f:93:0c:
3a:b8:c2:26:6b:06:2d:68:27:b7:96:03:7c:c5:ce:e3:36:9f:
54:bc:db:c2:0a:b1:41:7a:02:d3:b6:a9:8e:63:1a:ca:7b:22:
ff:b1:a6:de
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVyTJMShrxBXO2BqFFXeUiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTQ5ODdiZjhjNmI0Y2RkNjU3YmJjMmQwYTVlMTNlOWI2
MjZjYjkwHhcNMjMwMTAyMTE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIyNWFkZWZjNzFhMTgzNTk3ZjlhMTYzNDA4ZGFkMGYyYzliZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCJZA4O1yGbhBRphPphJOrAH7t02
RfBlwQA80USjloorvu67WeHYV5F0qkn6whh/cGsb4XzpdEhkCtS56XnSkmt+HNOt
8zlzDJM+IDwXfb2S5QfZSzrxqRiLR0f1yuDOU1lXnYfcdxbbrlrxvBheSZjFhH+V
9Vl1gt0PlxWbr2L3alImGEls0nyFdRqx3ni5TMMZ9gVJoYRH13YRLUOV3GVuMuz4
j9exkgqBCkqRhzPxUN5WQ7e2EN7J2NMtEw/Plw3/LdG+mB4eQZznstxWQP15R/lu
vWW2Xp+neQI85qOYOHGYDIhUq+QPLg+PHBTbkYd4XVeiSI0RS74PM/V3fwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFUiWt78caGDWX+aFjQI2tDyyb5/MB8GA1UdIwQY
MBaAFFakmHv4xrTN1le7wtCl4T6bYmy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQt
ZGU1ODY5OGI2NDcwLzEvVlNKYTN2eHhvWU5aZjVvV05BamEwUExKdm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84ODA5ZGQtNjY3YS00MDQ3LTgxMDQtZGU1ODY5OGI2NDcw
LzEvVnFTWWVfakd0TTNXVjd2QzBLWGhQcHRpYkxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZnQAwQD
WcjoAwQAW9mQAwQCZyOgAwQCZ+0sAwQCwWpQMA0GCSqGSIb3DQEBCwUAA4IBAQCq
wOHy5uVxa01NvmtidQcAGi0aJbGj0r5gYFn7OqIYBmwVdtDtAksuUTOW9/G2WxHd
Ny1cZujlplSgzViyodl6YMNeIX69iYvub169wGUcwdH5xbBO+Deikv8uk/VaWRW2
Ibca84nJ0oPuiD9ZHNO217+4OUeh56GAybR0A6wnstVTnqG8wTzj3WINX8h4bvvT
UmZgZuADY57bD/l1nWsg2wK3eOLh4c4dQVs6z+XG2cNWLxBUY8G2Hz+J7YTlA/9d
P3DblwP6HkSVWdc+yxHi/1sxi6FPkww6uMImawYtaCe3lgN8xc7jNp9UvNvCCrFB
egLTtqmOYxrKeyL/sabe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org