Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/vrycm2-ta1AP6YJaawQPlpgmsfk.roa
File: vrycm2-ta1AP6YJaawQPlpgmsfk.roa (raw, json)
Hash identifier: qQFvWPeaGPCbZSq8McZd/wpDEvprln+HtciR4LOeLp4=
Subject key identifier: BE:BC:9C:9B:6F:AD:6B:50:0F:E9:82:5A:6B:04:0F:96:98:26:B1:F9
Certificate issuer: /CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Certificate serial: 018973900A5F55487DEFAF4E13D7906A8308
Authority key identifier: D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/vrycm2-ta1AP6YJaawQPlpgmsfk.roa
Signing time: Thu 20 Jul 2023 13:49:26 +0000
ROA not before: Thu 20 Jul 2023 13:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207330
IP address blocks: 185.144.112.0/24 maxlen: 24
2a12:a3c6::/31 maxlen: 31
2a12:a3c2::/31 maxlen: 31
2a12:a3c0::/31 maxlen: 31
2a12:a3c4::/31 maxlen: 31
2a12:a3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:90:0a:5f:55:48:7d:ef:af:4e:13:d7:90:6a:83:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Validity
Not Before: Jul 20 13:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bebc9c9b6fad6b500fe9825a6b040f969826b1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:6d:8d:cf:a4:2f:bf:62:8b:d4:fa:79:32:0b:
98:5d:72:e1:22:e1:ad:dd:86:d2:8b:cf:ea:2f:ce:
56:a6:86:58:27:a1:eb:b4:6f:93:b9:45:8f:38:6d:
bb:48:b6:f8:c6:a5:ca:c3:7d:04:9c:8b:a7:06:5e:
52:66:ce:4c:9e:29:52:8b:ab:f2:a3:f5:83:f4:68:
fc:47:99:f6:b7:b7:d4:39:ad:b0:e2:97:ba:99:90:
16:3c:28:e0:3e:d0:ee:6a:9b:4b:32:22:b3:be:a1:
dd:ba:b9:bf:ff:4d:b6:4e:40:28:62:35:e9:d7:0d:
3c:1b:5b:b7:8a:45:51:91:60:83:74:34:17:33:3a:
98:2f:8b:ec:24:a3:26:31:98:c1:e2:3e:8c:b4:61:
9a:1f:ac:4a:f0:1e:9a:97:db:e7:99:61:c3:01:2a:
6e:03:8a:03:16:55:bb:35:4e:95:a0:75:52:3f:5d:
09:1b:79:17:19:59:68:20:d2:06:ee:17:cd:4f:3a:
fb:b6:d5:e8:8a:d3:f7:11:9d:78:a3:dd:3f:fa:b3:
71:c7:f8:40:7b:49:b7:8a:d4:70:38:f5:26:f4:8a:
c9:4b:84:4b:40:74:e9:fa:e7:09:98:c1:c3:af:4d:
cb:a5:73:5e:04:7a:b3:35:a9:13:6a:42:f9:96:87:
64:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BC:9C:9B:6F:AD:6B:50:0F:E9:82:5A:6B:04:0F:96:98:26:B1:F9
X509v3 Authority Key Identifier:
keyid:D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/vrycm2-ta1AP6YJaawQPlpgmsfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/0OMaFJwuaumsxynPesFwbePec5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.112.0/24
IPv6:
2a12:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
06:16:8d:76:c2:94:46:35:1e:a7:7d:3e:3a:a2:b1:5c:42:de:
89:1e:9e:6f:88:bc:5d:57:cc:83:85:1c:27:f0:fb:a4:9d:2b:
89:15:c3:6f:3e:9d:10:73:af:ee:d6:5a:24:0b:1b:1b:b8:08:
f0:84:d5:7e:73:9d:47:93:b0:f5:e9:d7:f8:76:a5:5d:bb:fc:
69:a6:b1:8e:7e:d5:c5:d6:97:79:ba:ea:a6:2f:1f:ef:83:81:
4b:d9:07:db:d8:a8:6c:6a:6f:57:4e:7c:89:57:49:ba:a7:4f:
67:f6:4b:e9:27:7f:7d:4c:11:c7:8e:67:69:f2:19:5d:c7:a7:
4b:d3:f1:79:a4:af:da:d9:da:91:9f:6e:3b:17:1c:cd:cf:9a:
2e:f7:f2:dc:22:52:d9:19:59:2c:02:bc:e3:e0:25:80:0c:f6:
7d:a4:81:fd:17:9e:9f:1a:de:a6:6d:58:3c:22:3d:f4:4b:4e:
1d:31:13:5a:1d:33:e4:07:18:57:bc:9a:e1:b4:80:5a:3d:06:
d0:7d:63:83:81:d3:61:0c:05:13:18:7b:9f:0f:c8:c2:30:b0:
f5:61:88:6e:24:8f:1c:eb:58:70:49:4f:c1:1f:38:ca:49:99:
16:4c:5b:22:23:a0:05:9c:60:21:62:4f:c6:43:bd:3b:45:7f:
17:03:6c:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlzkApfVUh9769OE9eQaoMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTMxYTE0OWMyZTZhZTlhY2M3MjljZjdhYzE3MDZkZTNk
ZTczOWIwHhcNMjMwNzIwMTM0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWJjOWM5YjZmYWQ2YjUwMGZlOTgyNWE2YjA0MGY5Njk4MjZiMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9G2Nz6Qvv2KL1Pp5MguYXXLhIuGt
3YbSi8/qL85WpoZYJ6HrtG+TuUWPOG27SLb4xqXKw30EnIunBl5SZs5MnilSi6vy
o/WD9Gj8R5n2t7fUOa2w4pe6mZAWPCjgPtDuaptLMiKzvqHdurm//022TkAoYjXp
1w08G1u3ikVRkWCDdDQXMzqYL4vsJKMmMZjB4j6MtGGaH6xK8B6al9vnmWHDASpu
A4oDFlW7NU6VoHVSP10JG3kXGVloINIG7hfNTzr7ttXoitP3EZ14o90/+rNxx/hA
e0m3itRwOPUm9IrJS4RLQHTp+ucJmMHDr03LpXNeBHqzNakTakL5lodkqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL68nJtvrWtQD+mCWmsED5aYJrH5MB8GA1UdIwQY
MBaAFNDjGhScLmrprMcpz3rBcG3j3nObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9NYUZKd3VhdW1zeHluUGVzRndiZVBlYzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kNDZlMmItZGU0ZC00YjZmLThkZDct
Njk2MjljNTAxOTQzLzEvdnJ5Y20yLXRhMUFQNllKYWF3UVBscGdtc2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kNDZlMmItZGU0ZC00YjZmLThkZDctNjk2MjljNTAxOTQz
LzEvME9NYUZKd3VhdW1zeHluUGVzRndiZVBlYzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZBwMA0E
AgACMAcDBQMqEqPAMA0GCSqGSIb3DQEBCwUAA4IBAQAGFo12wpRGNR6nfT46orFc
Qt6JHp5viLxdV8yDhRwn8PuknSuJFcNvPp0Qc6/u1lokCxsbuAjwhNV+c51Hk7D1
6df4dqVdu/xpprGOftXF1pd5uuqmLx/vg4FL2Qfb2Khsam9XTnyJV0m6p09n9kvp
J399TBHHjmdp8hldx6dL0/F5pK/a2dqRn247FxzNz5ou9/LcIlLZGVksArzj4CWA
DPZ9pIH9F56fGt6mbVg8Ij30S04dMRNaHTPkBxhXvJrhtIBaPQbQfWODgdNhDAUT
GHufD8jCMLD1YYhuJI8c61hwSU/BHzjKSZkWTFsiI6AFnGAhYk/GQ707RX8XA2xT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org