Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/vTC-XOzIz7Yzbph4-AUOoe0MVp4.roa
File: vTC-XOzIz7Yzbph4-AUOoe0MVp4.roa (raw, json)
Hash identifier: t4Gte5yW+aBGXhxisIzk+LX15n48rJBI4WRZbmBcEaQ=
Subject key identifier: BD:30:BE:5C:EC:C8:CF:B6:33:6E:98:78:F8:05:0E:A1:ED:0C:56:9E
Certificate issuer: /CN=0ebd5f54905ee8e4d2830c6cf50f60d264201a93
Certificate serial: 0185737A95F6E6C2CD358E7798D93AA9F615
Authority key identifier: 0E:BD:5F:54:90:5E:E8:E4:D2:83:0C:6C:F5:0F:60:D2:64:20:1A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/vTC-XOzIz7Yzbph4-AUOoe0MVp4.roa
Signing time: Mon 02 Jan 2023 17:14:51 +0000
ROA not before: Mon 02 Jan 2023 17:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48945
IP address blocks: 93.186.144.0/24 maxlen: 24
93.186.145.0/24 maxlen: 24
93.186.147.0/24 maxlen: 24
93.186.152.0/23 maxlen: 23
93.186.148.0/22 maxlen: 22
93.186.146.0/24 maxlen: 24
93.186.154.0/24 maxlen: 24
93.186.156.0/22 maxlen: 22
93.186.155.0/24 maxlen: 24
185.11.36.0/22 maxlen: 22
2a03:7e84::/30 maxlen: 30
2a03:7e80::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:95:f6:e6:c2:cd:35:8e:77:98:d9:3a:a9:f6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ebd5f54905ee8e4d2830c6cf50f60d264201a93
Validity
Not Before: Jan 2 17:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd30be5cecc8cfb6336e9878f8050ea1ed0c569e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:4f:e0:8f:b9:46:16:96:16:fc:d7:54:9f:
65:50:e1:26:c7:53:2f:94:87:a7:2f:7d:dd:09:6b:
5e:fd:72:fe:3e:67:6b:1b:11:32:a2:21:d3:b9:2b:
6b:e5:2c:c1:28:32:fe:02:e3:ad:2a:f9:cc:f1:42:
73:82:09:a2:95:c4:6b:2c:84:d1:64:cd:ba:d1:c5:
71:59:41:4e:60:aa:c1:1b:75:ec:a4:03:ee:d4:e3:
7f:58:b8:cb:f5:3a:f3:ae:79:40:eb:fe:2c:0e:d5:
7c:ec:c1:62:f4:7a:16:2f:28:c8:b4:1b:33:1e:3a:
f6:80:7e:83:db:2a:3e:d8:03:d9:a5:b3:a6:3b:54:
3b:3b:02:6e:a7:86:8d:c8:fe:d5:f0:09:01:be:94:
a6:fe:57:3e:8e:09:cd:cc:23:67:b1:35:26:f6:48:
91:56:c8:aa:b0:05:1b:10:24:75:df:1f:62:96:39:
a1:76:d1:81:af:22:b2:94:73:1c:b6:01:0a:1e:d6:
c7:04:80:71:c7:af:d7:00:d4:23:ce:dc:55:ea:94:
fc:b8:38:e9:df:4e:95:49:41:aa:18:e9:de:64:a6:
47:d8:32:34:35:5e:f1:f4:e9:0f:fe:e3:39:67:99:
0a:da:90:da:13:34:5b:e6:5b:82:63:1f:b8:78:53:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:30:BE:5C:EC:C8:CF:B6:33:6E:98:78:F8:05:0E:A1:ED:0C:56:9E
X509v3 Authority Key Identifier:
keyid:0E:BD:5F:54:90:5E:E8:E4:D2:83:0C:6C:F5:0F:60:D2:64:20:1A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/vTC-XOzIz7Yzbph4-AUOoe0MVp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/b5939b-daa7-4f47-9873-64a27e977fd9/1/Dr1fVJBe6OTSgwxs9Q9g0mQgGpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.144.0/20
185.11.36.0/22
IPv6:
2a03:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
50:19:aa:ce:12:24:46:25:d8:fa:38:89:03:e2:bb:80:27:52:
86:3d:04:d6:55:7e:a0:8c:2d:50:4a:c9:69:d8:1b:33:07:3d:
64:26:06:f9:0a:3e:08:28:0b:e2:24:f3:ca:ae:db:a0:03:89:
f8:3c:3a:1b:56:d9:5f:69:be:07:00:cc:9f:d3:ed:f6:43:2f:
bf:9e:7c:a0:35:fd:e8:18:61:e5:85:f3:2a:74:1e:a7:a6:3a:
89:12:6e:e6:5b:1a:16:8d:53:e3:c0:b4:48:15:f1:27:b8:a4:
7e:ea:c9:97:fa:cf:bb:a4:2a:2c:01:c5:2f:79:2d:d0:50:ab:
9b:0a:34:db:f6:b8:34:36:05:b7:52:7f:61:d8:6d:7e:89:d0:
52:bd:0a:b8:89:ce:72:c4:48:f7:6f:a1:67:13:13:0a:a3:1d:
3c:53:6a:a2:4c:c6:26:53:21:be:45:9c:83:2b:7b:fa:f5:d3:
9a:8a:21:71:e4:db:a6:5f:04:ba:e3:6a:72:2a:18:5d:ac:38:
d3:e1:e4:c5:82:7d:1b:7b:76:58:d9:5e:4a:7a:73:20:9f:21:
9a:bc:30:3c:73:a2:84:85:95:3d:3b:b3:fc:80:43:75:88:af:
17:19:ea:79:62:10:8e:18:d6:48:8b:e5:e9:9f:83:10:d3:af:
61:0d:10:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzepX25sLNNY53mNk6qfYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYmQ1ZjU0OTA1ZWU4ZTRkMjgzMGM2Y2Y1MGY2MGQyNjQy
MDFhOTMwHhcNMjMwMTAyMTcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDMwYmU1Y2VjYzhjZmI2MzM2ZTk4NzhmODA1MGVhMWVkMGM1NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlehP4I+5RhaWFvzXVJ9lUOEmx1Mv
lIenL33dCWte/XL+PmdrGxEyoiHTuStr5SzBKDL+AuOtKvnM8UJzggmilcRrLITR
ZM260cVxWUFOYKrBG3XspAPu1ON/WLjL9TrzrnlA6/4sDtV87MFi9HoWLyjItBsz
Hjr2gH6D2yo+2APZpbOmO1Q7OwJup4aNyP7V8AkBvpSm/lc+jgnNzCNnsTUm9kiR
VsiqsAUbECR13x9iljmhdtGBryKylHMctgEKHtbHBIBxx6/XANQjztxV6pT8uDjp
306VSUGqGOneZKZH2DI0NV7x9OkP/uM5Z5kK2pDaEzRb5luCYx+4eFP5MwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL0wvlzsyM+2M26YePgFDqHtDFaeMB8GA1UdIwQY
MBaAFA69X1SQXujk0oMMbPUPYNJkIBqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHIxZlZKQmU2T1RTZ3d4czlROWcwbVFnR3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iNTkzOWItZGFhNy00ZjQ3LTk4NzMt
NjRhMjdlOTc3ZmQ5LzEvdlRDLVhPekl6N1l6YnBoNC1BVU9vZTBNVnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iNTkzOWItZGFhNy00ZjQ3LTk4NzMtNjRhMjdlOTc3ZmQ5
LzEvRHIxZlZKQmU2T1RTZ3d4czlROWcwbVFnR3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXbqQAwQC
uQskMA0EAgACMAcDBQMqA36AMA0GCSqGSIb3DQEBCwUAA4IBAQBQGarOEiRGJdj6
OIkD4ruAJ1KGPQTWVX6gjC1QSslp2BszBz1kJgb5Cj4IKAviJPPKrtugA4n4PDob
Vtlfab4HAMyf0+32Qy+/nnygNf3oGGHlhfMqdB6npjqJEm7mWxoWjVPjwLRIFfEn
uKR+6smX+s+7pCosAcUveS3QUKubCjTb9rg0NgW3Un9h2G1+idBSvQq4ic5yxEj3
b6FnExMKox08U2qiTMYmUyG+RZyDK3v69dOaiiFx5NumXwS642pyKhhdrDjT4eTF
gn0be3ZY2V5KenMgnyGavDA8c6KEhZU9O7P8gEN1iK8XGep5YhCOGNZIi+Xpn4MQ
069hDRCs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:34 2024 by rpki-client on console-ams.rpki-client.org