Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/VmPS2-4ryqKYESwYoGvn2aY1JrU.roa
File: VmPS2-4ryqKYESwYoGvn2aY1JrU.roa (raw, json)
Hash identifier: 5Y+celkRzBaKR4uvTq+Xqpc3/EAWY9fKIwK6G4SGo7E=
Subject key identifier: 56:63:D2:DB:EE:2B:CA:A2:98:11:2C:18:A0:6B:E7:D9:A6:35:26:B5
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 018CC56DED0588C9155E0FD681FD53DCFF3E
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/VmPS2-4ryqKYESwYoGvn2aY1JrU.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 88.218.105.0/24 maxlen: 24
88.218.104.0/24 maxlen: 24
45.135.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 22:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ed:05:88:c9:15:5e:0f:d6:81:fd:53:dc:ff:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5663d2dbee2bcaa298112c18a06be7d9a63526b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:96:30:1c:e5:57:b8:d9:13:24:42:10:bf:6f:
ce:f5:03:dc:82:f5:54:c6:04:4c:33:5e:c3:a5:a9:
66:8e:7b:b6:67:3d:fa:23:c9:1d:f3:61:6a:85:94:
6a:24:c3:8d:2a:64:7f:b9:1b:e0:70:7b:ee:fb:e4:
c8:e8:b6:e7:75:11:d9:4b:32:68:07:82:77:d8:f1:
cd:07:71:31:63:70:0d:21:2c:72:0d:b1:58:ca:38:
bb:20:32:31:61:b2:61:e5:71:f4:53:bf:d2:53:d6:
e9:99:5d:3b:c3:0d:59:9b:f3:f0:e3:c9:69:03:5c:
0a:52:ef:32:01:86:b3:98:11:b8:aa:5e:87:6d:00:
14:7e:2a:b2:19:30:3a:d8:36:82:f3:9a:86:40:9d:
2d:91:3d:62:83:69:2c:b0:d6:b7:7a:d9:ea:8c:3e:
9d:d8:80:4e:a9:99:b2:17:f9:f9:93:43:c4:5d:3b:
77:8b:10:0a:59:4d:69:b8:c4:72:c9:ff:0c:7f:4e:
ee:32:bf:19:62:97:30:48:b0:54:51:6e:97:61:11:
a3:f3:47:91:11:66:72:28:03:7f:ba:a4:e6:a3:68:
41:df:b6:ce:14:57:79:3a:5e:a1:83:32:d1:31:0f:
e2:67:7f:02:ca:83:4c:23:bd:9e:95:f9:ab:f0:30:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:63:D2:DB:EE:2B:CA:A2:98:11:2C:18:A0:6B:E7:D9:A6:35:26:B5
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/VmPS2-4ryqKYESwYoGvn2aY1JrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.139.0/24
88.218.104.0/23
Signature Algorithm: sha256WithRSAEncryption
75:b6:cd:40:10:d7:0a:31:21:dd:af:88:79:c5:24:69:ac:52:
de:e2:07:74:a8:5b:38:d4:4a:2a:56:af:46:43:1a:11:4b:c8:
e2:0e:65:ff:8c:0b:c2:64:b5:05:28:49:c4:77:06:16:d5:63:
2b:c9:9a:51:3a:32:ed:99:cf:89:67:e6:d5:a0:ba:8b:2b:a1:
b5:50:fb:46:ae:25:fd:17:9d:46:f4:c6:67:8e:39:7f:42:e7:
b9:82:8c:5d:40:14:15:dd:16:5b:d1:ed:0d:4e:a4:36:e8:f6:
c9:66:5b:82:e4:6f:c2:09:9c:20:79:39:e8:60:2f:95:21:bc:
98:f1:bf:9c:11:a9:7e:23:1d:04:d1:3e:12:69:4b:85:9e:14:
67:f4:f1:ac:81:dc:2f:d7:f4:3f:d2:a9:6d:71:c7:31:ce:d4:
e4:f7:58:5a:6c:3b:c1:88:d6:77:f2:a9:eb:7f:67:59:e0:4e:
fa:c2:b2:98:b7:35:5e:8d:92:92:14:d6:5e:57:48:45:ad:d2:
1b:4c:c7:0c:b1:64:a8:fa:7c:4d:d8:82:5a:8c:88:81:f0:b8:
d4:2e:e1:0c:9f:7d:77:ee:1c:43:35:e5:82:9f:eb:7b:cd:fd:
0a:69:fd:6e:57:eb:fe:de:c8:f1:16:be:a1:46:33:d1:28:0f:
d5:fc:9a:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbe0FiMkVXg/Wgf1T3P8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYzZDJkYmVlMmJjYWEyOTgxMTJjMThhMDZiZTdkOWE2MzUyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZYwHOVXuNkTJEIQv2/O9QPcgvVU
xgRMM17Dpalmjnu2Zz36I8kd82FqhZRqJMONKmR/uRvgcHvu++TI6LbndRHZSzJo
B4J32PHNB3ExY3ANISxyDbFYyji7IDIxYbJh5XH0U7/SU9bpmV07ww1Zm/Pw48lp
A1wKUu8yAYazmBG4ql6HbQAUfiqyGTA62DaC85qGQJ0tkT1ig2kssNa3etnqjD6d
2IBOqZmyF/n5k0PEXTt3ixAKWU1puMRyyf8Mf07uMr8ZYpcwSLBUUW6XYRGj80eR
EWZyKAN/uqTmo2hB37bOFFd5Ol6hgzLRMQ/iZ38CyoNMI72elfmr8DDBnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFZj0tvuK8qimBEsGKBr59mmNSa1MB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvVm1QUzItNHJ5cUtZRVN3WW9Hdm4yYVkxSnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYeLAwQB
WNpoMA0GCSqGSIb3DQEBCwUAA4IBAQB1ts1AENcKMSHdr4h5xSRprFLe4gd0qFs4
1EoqVq9GQxoRS8jiDmX/jAvCZLUFKEnEdwYW1WMryZpROjLtmc+JZ+bVoLqLK6G1
UPtGriX9F51G9MZnjjl/Que5goxdQBQV3RZb0e0NTqQ26PbJZluC5G/CCZwgeTno
YC+VIbyY8b+cEal+Ix0E0T4SaUuFnhRn9PGsgdwv1/Q/0qltcccxztTk91habDvB
iNZ38qnrf2dZ4E76wrKYtzVejZKSFNZeV0hFrdIbTMcMsWSo+nxN2IJajIiB8LjU
LuEMn3137hxDNeWCn+t7zf0Kaf1uV+v+3sjxFr6hRjPRKA/V/JoC
-----END CERTIFICATE-----
Generated at Thu Mar 7 00:44:17 2024 by rpki-client on console-fra.rpki-client.org