Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/1VYw9bf9UBcNY5jbR2gO5dWkNrw.roa
File: 1VYw9bf9UBcNY5jbR2gO5dWkNrw.roa (raw, json)
Hash identifier: lxQ+St6s0LOcYIqihW13BBwPy9GU8C1HID0vY0+6Dg4=
Subject key identifier: D5:56:30:F5:B7:FD:50:17:0D:63:98:DB:47:68:0E:E5:D5:A4:36:BC
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 01856C4A575131CD26BE39F78D04C00B5498
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/1VYw9bf9UBcNY5jbR2gO5dWkNrw.roa
Signing time: Sun 01 Jan 2023 07:44:49 +0000
ROA not before: Sun 01 Jan 2023 07:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 109.72.192.0/21 maxlen: 21
109.72.192.0/20 maxlen: 20
109.238.176.0/20 maxlen: 20
109.72.200.0/21 maxlen: 21
109.238.184.0/24 maxlen: 24
185.246.4.0/22 maxlen: 22
5.23.112.0/21 maxlen: 21
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
95.130.58.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.56.0/24 maxlen: 24
95.130.56.0/21 maxlen: 21
95.130.59.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
2a02:d2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:57:51:31:cd:26:be:39:f7:8d:04:c0:0b:54:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Jan 1 07:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d55630f5b7fd50170d6398db47680ee5d5a436bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:db:65:fa:da:c1:56:56:d3:7f:d1:c7:65:c3:
3f:df:53:28:05:6b:59:ae:8a:d3:3e:64:0a:45:0a:
6a:ac:4d:7b:f4:11:2a:04:e7:31:19:cf:50:98:93:
f6:63:9e:ef:c8:c7:20:70:07:1c:6e:08:ad:11:c2:
1e:f2:2e:23:58:0b:da:23:90:75:ff:6c:5d:cc:27:
e2:2a:99:e7:98:76:cd:fb:f6:68:a6:06:e8:c0:9d:
bd:b3:a9:09:bb:c2:b4:2a:a3:b0:59:b1:04:5d:69:
5a:e9:3c:85:d3:c9:1e:95:60:49:bc:c5:ae:92:56:
9b:01:ea:a3:f5:2f:1c:e3:6f:9e:5d:8f:81:09:88:
b1:a4:d2:41:21:a1:88:c6:ae:52:89:58:49:fb:1b:
8c:a5:d1:9c:30:fa:96:25:aa:f1:b9:8d:bd:f5:96:
08:21:2d:f2:06:9a:bd:2b:ae:13:60:33:3a:86:97:
6e:16:cd:ab:56:71:c1:fb:71:4e:3d:5c:20:5c:5e:
e8:94:9c:25:1f:56:da:f2:01:a2:52:44:75:9b:49:
14:d3:bf:e7:52:06:d1:c3:1b:48:b1:f5:61:38:ea:
b0:43:b6:d8:11:8a:2e:f5:97:e3:9f:a9:ae:9d:56:
ec:9d:d5:3a:dd:2e:8e:31:a1:05:f6:9b:96:34:d1:
9c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:56:30:F5:B7:FD:50:17:0D:63:98:DB:47:68:0E:E5:D5:A4:36:BC
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/1VYw9bf9UBcNY5jbR2gO5dWkNrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:67:c4:e6:4e:8d:c9:32:f2:ec:52:92:ec:32:ac:69:ab:f3:
a1:fe:55:06:98:8d:aa:cd:e3:fc:6f:6e:5d:e8:82:e3:8c:30:
8e:df:d6:a9:80:b5:26:5f:07:f6:53:73:c9:bb:a8:fb:90:a0:
45:5e:b2:dd:dc:07:e1:c3:cb:33:34:a1:b8:0a:6f:8b:d0:70:
bc:d7:13:fe:c7:27:66:86:2c:ad:5b:ca:4e:90:ad:fa:ce:7c:
07:0d:0a:c2:df:20:2d:58:61:9d:e3:59:fc:ae:ca:58:b3:3c:
5f:ec:8f:c8:42:52:82:8f:ea:58:b5:1a:44:94:ca:40:fb:8a:
f8:55:07:3c:21:39:a0:94:aa:bd:e2:49:d7:4e:f4:21:e3:67:
59:25:e4:ad:38:3a:a4:07:77:30:1e:8a:c3:e1:44:23:08:b8:
e7:b3:91:80:36:cc:1a:ad:2d:62:ab:62:84:be:5a:17:6f:c5:
66:e7:5f:20:4d:4d:a9:bf:1b:b4:0c:e7:70:4f:a7:66:cd:83:
59:f1:6b:d1:ef:27:29:3d:19:8b:8c:ee:39:dd:36:d8:5a:85:
b8:75:44:00:a0:91:2b:5d:64:c6:ec:84:b4:43:2a:0f:22:a7:
28:dd:3c:a8:b6:06:44:7e:15:6d:b5:5d:7e:42:0a:19:e6:f2:
ab:17:e8:3b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVsSldRMc0mvjn3jQTAC1SYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjMwMTAxMDc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTU2MzBmNWI3ZmQ1MDE3MGQ2Mzk4ZGI0NzY4MGVlNWQ1YTQzNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9tl+trBVlbTf9HHZcM/31MoBWtZ
rorTPmQKRQpqrE179BEqBOcxGc9QmJP2Y57vyMcgcAccbgitEcIe8i4jWAvaI5B1
/2xdzCfiKpnnmHbN+/ZopgbowJ29s6kJu8K0KqOwWbEEXWla6TyF08kelWBJvMWu
klabAeqj9S8c42+eXY+BCYixpNJBIaGIxq5SiVhJ+xuMpdGcMPqWJarxuY299ZYI
IS3yBpq9K64TYDM6hpduFs2rVnHB+3FOPVwgXF7olJwlH1ba8gGiUkR1m0kU07/n
UgbRwxtIsfVhOOqwQ7bYEYou9Zfjn6munVbsndU63S6OMaEF9puWNNGc4QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNVWMPW3/VAXDWOY20doDuXVpDa8MB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvMVZZdzliZjlVQmNOWTVqYlIyZ081ZFdrTnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRdwAwQD
X4I4AwQEbUjAAwQEbe6wAwQEsENAAwQCuQuwAwQCufYEMA0EAgACMAcDBQMqAtLA
MA0GCSqGSIb3DQEBCwUAA4IBAQBCZ8TmTo3JMvLsUpLsMqxpq/Oh/lUGmI2qzeP8
b25d6ILjjDCO39apgLUmXwf2U3PJu6j7kKBFXrLd3Afhw8szNKG4Cm+L0HC81xP+
xydmhiytW8pOkK36znwHDQrC3yAtWGGd41n8rspYszxf7I/IQlKCj+pYtRpElMpA
+4r4VQc8ITmglKq94knXTvQh42dZJeStODqkB3cwHorD4UQjCLjns5GANswarS1i
q2KEvloXb8Vm518gTU2pvxu0DOdwT6dmzYNZ8WvR7ycpPRmLjO453TbYWoW4dUQA
oJErXWTG7IS0QyoPIqco3TyotgZEfhVttV1+QgoZ5vKrF+g7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:00 2024 by rpki-client on console-ams.rpki-client.org