Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VKGnF5m5pZo2iRUKIZo-lFius1Q.roa
File: VKGnF5m5pZo2iRUKIZo-lFius1Q.roa (raw, json)
Hash identifier: vDTcNqkbUI1YQFMTKRpdGJKjjPs6Ga/nDwSH++7gNLY=
Subject key identifier: 54:A1:A7:17:99:B9:A5:9A:36:89:15:0A:21:9A:3E:94:58:AE:B3:54
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0191B2F47DEB23794D6566E73786AB8E14B9
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VKGnF5m5pZo2iRUKIZo-lFius1Q.roa
Signing time: Mon 02 Sep 2024 13:37:33 +0000
ROA not before: Mon 02 Sep 2024 13:37:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.105.184.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Sep 2024 21:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:f4:7d:eb:23:79:4d:65:66:e7:37:86:ab:8e:14:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Sep 2 13:37:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54a1a71799b9a59a3689150a219a3e9458aeb354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:12:d2:ff:76:a5:eb:ea:7b:69:b2:da:4d:
00:a4:17:23:c0:81:35:bb:e7:4c:09:18:0a:76:f5:
26:92:dc:b6:04:55:44:8b:b1:aa:a8:3c:e8:32:4d:
92:7e:f2:4e:95:c6:67:53:c0:e9:b6:d3:7d:e2:d8:
17:92:8f:19:e8:e8:d5:92:1e:e8:f4:30:c7:fb:c5:
7d:41:68:9c:02:f8:63:90:71:15:1f:06:2e:1e:f3:
a5:25:15:25:5c:73:23:05:b0:83:a8:d8:26:25:0f:
9a:83:a5:b0:3d:57:a9:5f:53:fc:40:d9:0e:f8:02:
95:d3:4f:be:e0:50:42:56:c4:3d:d4:a3:b9:86:a8:
c3:fc:a2:71:0a:f1:12:cb:16:4f:d5:08:ea:26:0c:
26:cb:53:34:80:08:9f:7d:b0:d0:67:06:67:97:97:
31:72:4f:65:15:7c:39:95:75:53:48:b8:74:45:df:
6d:76:80:e3:84:70:b7:77:5e:e7:93:9b:a3:bf:66:
71:92:f2:56:21:3e:4b:b2:00:67:ec:35:1f:c8:3c:
17:25:d8:64:5c:e2:48:59:e6:39:da:74:d9:78:4b:
68:6a:fc:d8:9b:13:25:e6:ed:95:93:c8:53:ef:d9:
35:fb:3d:b3:05:71:c9:38:9e:6c:1d:b6:ea:80:81:
2f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A1:A7:17:99:B9:A5:9A:36:89:15:0A:21:9A:3E:94:58:AE:B3:54
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/VKGnF5m5pZo2iRUKIZo-lFius1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.105.207.0/24
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:5f:f6:d9:39:c6:e4:bd:a9:48:8c:26:08:54:5e:2e:6d:ec:
70:42:4b:09:89:9f:85:cc:74:ea:ed:99:01:a2:22:2f:38:02:
66:22:d7:34:9d:36:80:c4:6a:49:7e:13:4c:55:7d:0b:04:1b:
90:76:56:3c:c6:46:60:48:23:dc:88:d3:22:6a:94:b3:a7:94:
99:13:74:15:42:5c:a3:62:fa:14:29:06:52:89:77:4b:3d:04:
cd:f9:da:f5:80:11:4b:f4:d7:db:29:20:14:fa:c4:bd:ec:62:
25:ab:55:39:12:95:a5:27:55:14:32:e4:7a:50:b6:3d:e5:52:
e9:bb:6c:10:4e:21:5c:11:8c:4d:af:f7:2d:50:11:86:43:ef:
fa:7c:5a:9a:7e:f4:0a:c9:5f:c8:18:9d:37:30:5a:cc:6d:e2:
5b:4f:f3:46:48:03:5d:89:96:b4:0d:53:1c:96:14:f3:27:fa:
af:98:0b:a4:41:9a:58:fb:84:ec:86:f4:a9:82:01:04:b6:0d:
22:60:a0:4c:40:3c:30:f7:ea:73:97:f4:b6:f4:66:4d:e1:95:
d1:22:01:4c:dc:6d:50:65:58:35:b3:c5:f2:70:2d:78:7d:81:
c2:27:68:86:38:1d:84:d3:77:0d:05:b8:2a:ca:20:ec:e7:0e:
86:bd:32:36
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZGy9H3rI3lNZWbnN4arjhS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwOTAyMTMzNzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGExYTcxNzk5YjlhNTlhMzY4OTE1MGEyMTlhM2U5NDU4YWViMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGYS0v92pevqe2my2k0ApBcjwIE1
u+dMCRgKdvUmkty2BFVEi7GqqDzoMk2SfvJOlcZnU8DpttN94tgXko8Z6OjVkh7o
9DDH+8V9QWicAvhjkHEVHwYuHvOlJRUlXHMjBbCDqNgmJQ+ag6WwPVepX1P8QNkO
+AKV00++4FBCVsQ91KO5hqjD/KJxCvESyxZP1QjqJgwmy1M0gAiffbDQZwZnl5cx
ck9lFXw5lXVTSLh0Rd9tdoDjhHC3d17nk5ujv2ZxkvJWIT5LsgBn7DUfyDwXJdhk
XOJIWeY52nTZeEtoavzYmxMl5u2Vk8hT79k1+z2zBXHJOJ5sHbbqgIEvCwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFFShpxeZuaWaNokVCiGaPpRYrrNUMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVktHbkY1bTVwWm8yaVJVS0laby1sRml1czFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCBnQQCAAEwgZYD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBADBac8DBALB3cADBADCH40DBALCMhADBALCOOAD
BALUawwwaAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8S
AwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABAD
BwYqC3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQCfX/bZOcbkvalIjCYI
VF4ubexwQksJiZ+FzHTq7ZkBoiIvOAJmItc0nTaAxGpJfhNMVX0LBBuQdlY8xkZg
SCPciNMiapSzp5SZE3QVQlyjYvoUKQZSiXdLPQTN+dr1gBFL9NfbKSAU+sS97GIl
q1U5EpWlJ1UUMuR6ULY95VLpu2wQTiFcEYxNr/ctUBGGQ+/6fFqafvQKyV/IGJ03
MFrMbeJbT/NGSANdiZa0DVMclhTzJ/qvmAukQZpY+4TshvSpggEEtg0iYKBMQDww
9+pzl/S29GZN4ZXRIgFM3G1QZVg1s8XycC14fYHCJ2iGOB2E03cNBbgqyiDs5w6G
vTI2
-----END CERTIFICATE-----
Generated at Wed Sep 25 23:30:41 2024 by rpki-client on console-ams.rpki-client.org