Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/VE2y6ofRdfh0hZewLVbtQYTZUwQ.roa
File: VE2y6ofRdfh0hZewLVbtQYTZUwQ.roa (raw, json)
Hash identifier: HHOIySJCRWjG0U5V94pSVmrMRB+6XmJofJ7moL52uok=
Subject key identifier: 54:4D:B2:EA:87:D1:75:F8:74:85:97:B0:2D:56:ED:41:84:D9:53:04
Certificate issuer: /CN=e7c07db9880133c5cdce005bca111b552cd14c53
Certificate serial: 0185712765DAC18CA79795116D20D9FF96C4
Authority key identifier: E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/VE2y6ofRdfh0hZewLVbtQYTZUwQ.roa
Signing time: Mon 02 Jan 2023 06:24:45 +0000
ROA not before: Mon 02 Jan 2023 06:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208183
IP address blocks: 45.152.229.0/24 maxlen: 24
45.152.228.0/22 maxlen: 22
45.152.228.0/24 maxlen: 24
2a0f:6500:3000::/36 maxlen: 36
2a0f:6500:2000::/36 maxlen: 36
2a0f:6500:1000::/36 maxlen: 36
2a0f:6500::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:65:da:c1:8c:a7:97:95:11:6d:20:d9:ff:96:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c07db9880133c5cdce005bca111b552cd14c53
Validity
Not Before: Jan 2 06:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=544db2ea87d175f8748597b02d56ed4184d95304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:84:48:97:2a:f6:15:3b:11:b3:4a:7e:af:bf:
c4:ec:3d:c1:af:16:d7:49:2d:f4:c0:11:19:cd:b4:
4d:0c:26:d1:16:51:3d:a4:b2:4f:9f:3f:0e:f4:13:
12:7c:07:2d:8a:6b:79:75:8f:ec:88:62:05:e9:ed:
0f:bb:ca:74:f1:07:2c:7f:8f:56:de:06:7d:6e:26:
41:c0:ef:7c:c9:60:12:ef:b7:06:ca:0d:e6:33:8c:
f7:73:b4:d2:44:a2:d3:1d:fe:c1:f9:e7:9b:6b:ad:
a7:1d:9f:b3:49:95:3f:49:82:4e:2e:c5:24:ce:d3:
87:a3:9f:c0:e9:57:92:32:91:89:ff:09:8a:4a:f8:
8e:0e:18:f1:e3:2c:2b:50:0f:7c:fe:fe:6e:d6:94:
c5:d6:f2:e8:03:6b:05:31:79:a9:f1:97:cd:d2:ec:
00:a7:a0:69:8d:93:3d:15:3f:6c:eb:7a:b6:2e:c0:
a6:26:2a:2f:a2:40:e9:cd:a1:b5:96:70:1e:23:f3:
54:0a:55:0c:5d:67:ab:3c:f6:32:18:b8:bc:6e:c8:
e0:b5:a2:51:da:af:97:46:51:75:26:a3:7b:4a:b7:
f3:12:62:4d:58:6d:62:87:bd:8a:9a:ab:c0:ee:3c:
82:36:7e:59:50:32:71:0b:2b:85:00:e5:11:b7:62:
97:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4D:B2:EA:87:D1:75:F8:74:85:97:B0:2D:56:ED:41:84:D9:53:04
X509v3 Authority Key Identifier:
keyid:E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/VE2y6ofRdfh0hZewLVbtQYTZUwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/58B9uYgBM8XNzgBbyhEbVSzRTFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.228.0/22
IPv6:
2a0f:6500::/32
Signature Algorithm: sha256WithRSAEncryption
05:b8:c9:92:27:95:ab:32:c1:ff:16:67:49:c7:34:87:1c:ef:
18:85:e9:88:0b:8f:36:90:91:b5:f4:2a:22:d2:f8:a4:dd:04:
aa:b2:a2:5b:50:66:51:90:c1:d1:9e:5e:31:f0:02:ea:6f:a1:
81:9a:a3:46:c1:97:e5:3e:73:38:01:52:ab:52:db:a0:53:d2:
cb:2d:1c:94:d7:46:e0:24:9f:33:f0:31:03:54:cc:3c:64:e3:
86:8a:1d:62:fd:ef:99:a8:ca:12:08:26:cf:51:cc:0d:ad:57:
19:0b:7d:29:51:e3:26:b0:eb:37:0d:71:62:96:1c:41:97:5d:
64:be:fd:0c:33:33:00:93:ee:81:b0:81:d8:41:51:88:cc:71:
81:b3:f7:39:07:1d:59:e4:b3:24:e3:46:e7:d3:a5:20:cf:57:
04:00:31:a9:26:bf:21:92:5d:d5:c3:b0:d5:a3:86:f8:27:2b:
7d:2c:6c:ea:1d:02:cd:e4:c7:cc:56:53:8a:0b:63:6c:a0:de:
4d:88:7f:06:74:3a:de:7d:f5:b0:b5:df:a9:94:6d:57:f7:c7:
96:b5:52:95:81:cc:d3:73:83:1d:34:7a:ea:87:5b:e3:ab:cf:
56:83:f1:ef:10:e8:0d:25:70:ed:43:ce:5a:11:c1:19:aa:c5:
81:5f:00:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxJ2XawYynl5URbSDZ/5bEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzA3ZGI5ODgwMTMzYzVjZGNlMDA1YmNhMTExYjU1MmNk
MTRjNTMwHhcNMjMwMTAyMDYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDRkYjJlYTg3ZDE3NWY4NzQ4NTk3YjAyZDU2ZWQ0MTg0ZDk1MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYRIlyr2FTsRs0p+r7/E7D3BrxbX
SS30wBEZzbRNDCbRFlE9pLJPnz8O9BMSfActimt5dY/siGIF6e0Pu8p08Qcsf49W
3gZ9biZBwO98yWAS77cGyg3mM4z3c7TSRKLTHf7B+eeba62nHZ+zSZU/SYJOLsUk
ztOHo5/A6VeSMpGJ/wmKSviODhjx4ywrUA98/v5u1pTF1vLoA2sFMXmp8ZfN0uwA
p6BpjZM9FT9s63q2LsCmJiovokDpzaG1lnAeI/NUClUMXWerPPYyGLi8bsjgtaJR
2q+XRlF1JqN7SrfzEmJNWG1ih72KmqvA7jyCNn5ZUDJxCyuFAOURt2KXEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFRNsuqH0XX4dIWXsC1W7UGE2VMEMB8GA1UdIwQY
MBaAFOfAfbmIATPFzc4AW8oRG1Us0UxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMt
MGFhNDYzY2RmY2EwLzEvVkUyeTZvZlJkZmgwaFpld0xWYnRRWVRaVXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMtMGFhNDYzY2RmY2Ew
LzEvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZjkMA0E
AgACMAcDBQAqD2UAMA0GCSqGSIb3DQEBCwUAA4IBAQAFuMmSJ5WrMsH/FmdJxzSH
HO8YhemIC482kJG19Coi0vik3QSqsqJbUGZRkMHRnl4x8ALqb6GBmqNGwZflPnM4
AVKrUtugU9LLLRyU10bgJJ8z8DEDVMw8ZOOGih1i/e+ZqMoSCCbPUcwNrVcZC30p
UeMmsOs3DXFilhxBl11kvv0MMzMAk+6BsIHYQVGIzHGBs/c5Bx1Z5LMk40bn06Ug
z1cEADGpJr8hkl3Vw7DVo4b4Jyt9LGzqHQLN5MfMVlOKC2NsoN5NiH8GdDreffWw
td+plG1X98eWtVKVgczTc4MdNHrqh1vjq89Wg/HvEOgNJXDtQ85aEcEZqsWBXwAY
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:03 2024 by rpki-client on console-ams.rpki-client.org