Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/VGkqDMMGlmMda3oNdp_IKCgoxAc.roa
File: VGkqDMMGlmMda3oNdp_IKCgoxAc.roa (raw, json)
Hash identifier: Hmqxjafe2z/Ep9CAT/qN5TH4XekCalLPFE2nB7WCfhc=
Subject key identifier: 54:69:2A:0C:C3:06:96:63:1D:6B:7A:0D:76:9F:C8:28:28:28:C4:07
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 018C2A7CA710F414E61E67FAAE21124E0626
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/VGkqDMMGlmMda3oNdp_IKCgoxAc.roa
Signing time: Sat 02 Dec 2023 12:24:21 +0000
ROA not before: Sat 02 Dec 2023 12:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203459
IP address blocks: 185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
2a06:7fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 02 Dec 2023 20:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:7c:a7:10:f4:14:e6:1e:67:fa:ae:21:12:4e:06:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Dec 2 12:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54692a0cc30696631d6b7a0d769fc8282828c407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f5:b9:b8:97:0f:9e:30:44:dc:68:7e:84:21:
e7:ef:27:ac:01:f2:9a:a3:23:b0:86:9d:b4:b8:fc:
bd:91:19:2b:df:f9:b9:e6:65:0a:a6:d6:bc:5d:d2:
7c:df:20:51:31:7a:27:23:97:ed:1f:a7:52:1a:14:
26:d4:d0:e8:85:dc:68:54:3f:2f:48:5d:96:c4:0c:
ef:c8:86:b9:96:65:91:ec:75:af:ed:dc:f7:0a:b3:
ec:b1:80:74:66:16:b7:eb:3c:66:9d:b4:f6:17:1c:
a5:00:55:ad:68:d8:11:33:1a:f7:41:da:1b:70:8f:
29:47:e8:34:de:96:e8:83:ca:bf:37:99:0c:b6:0f:
c6:52:3b:b8:64:19:c0:a9:59:89:d5:c3:7b:a1:9d:
18:69:0b:79:b0:38:2d:db:0e:01:e9:ed:13:e0:4f:
43:dc:68:ad:5d:be:fe:66:3f:6d:84:00:f8:8f:57:
d9:d5:73:a5:46:fe:a3:f0:f5:de:7b:c5:27:7e:9a:
b1:53:24:94:60:e5:34:20:8c:a3:5b:77:92:71:24:
9c:b4:b9:43:5c:3c:e1:db:5a:13:7f:4b:5a:91:77:
85:cc:49:ed:09:ae:4b:ab:23:b3:0d:73:d3:3c:a8:
bc:77:79:9b:8c:7e:51:bf:59:77:bf:f2:e7:63:76:
71:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:69:2A:0C:C3:06:96:63:1D:6B:7A:0D:76:9F:C8:28:28:28:C4:07
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/VGkqDMMGlmMda3oNdp_IKCgoxAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.225.0-185.133.227.255
IPv6:
2a06:7fc0::/29
Signature Algorithm: sha256WithRSAEncryption
43:b2:be:16:ca:06:81:92:46:0a:8f:93:94:8e:fc:12:e5:29:
da:16:86:8a:3a:cd:1a:3a:73:e4:af:40:f5:0b:9d:44:bf:60:
cf:7e:ab:4b:8e:f5:02:3d:60:02:82:f1:c0:d1:cd:b6:2f:76:
ad:1b:dd:50:38:82:6b:cf:96:03:a2:7b:35:31:a4:5c:ac:ac:
d7:7b:af:25:dd:c5:f3:b0:c5:61:07:c9:2f:bd:6e:3c:b6:04:
66:11:f7:0c:18:35:c3:49:81:60:c3:51:15:a2:5b:ca:0f:00:
b3:77:94:d4:52:44:93:33:60:15:0c:9a:2d:ad:e6:e4:fd:c1:
22:7e:36:35:84:44:9a:24:b4:9c:61:25:11:29:c3:db:53:72:
95:19:67:9e:0d:b3:99:5f:8a:bd:9f:12:b1:09:14:22:ef:8d:
c0:24:35:85:9d:62:5b:65:52:53:8a:ce:08:41:19:11:5a:e0:
b2:3a:e6:b9:24:45:b3:8f:60:b7:54:c5:67:2f:b3:40:a0:aa:
ce:c3:1f:72:20:1b:ec:80:5c:dc:75:8c:97:05:c2:9a:87:a9:
53:61:63:32:8f:4e:b7:e9:4b:c0:e0:24:10:55:fc:ba:1d:b4:
e0:36:76:bd:32:dd:42:51:e7:da:0a:b7:37:00:56:67:85:f8:
11:5d:d4:89
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYwqfKcQ9BTmHmf6riESTgYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjMxMjAyMTIyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDY5MmEwY2MzMDY5NjYzMWQ2YjdhMGQ3NjlmYzgyODI4MjhjNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfW5uJcPnjBE3Gh+hCHn7yesAfKa
oyOwhp20uPy9kRkr3/m55mUKpta8XdJ83yBRMXonI5ftH6dSGhQm1NDohdxoVD8v
SF2WxAzvyIa5lmWR7HWv7dz3CrPssYB0Zha36zxmnbT2FxylAFWtaNgRMxr3Qdob
cI8pR+g03pbog8q/N5kMtg/GUju4ZBnAqVmJ1cN7oZ0YaQt5sDgt2w4B6e0T4E9D
3GitXb7+Zj9thAD4j1fZ1XOlRv6j8PXee8UnfpqxUySUYOU0IIyjW3eScSSctLlD
XDzh21oTf0takXeFzEntCa5LqyOzDXPTPKi8d3mbjH5Rv1l3v/LnY3ZxQQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFRpKgzDBpZjHWt6DXafyCgoKMQHMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvVkdrcURNTUdsbU1kYTNvTmRwX0lLQ2dveEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5heED
BAK5heAwDQQCAAIwBwMFAyoGf8AwDQYJKoZIhvcNAQELBQADggEBAEOyvhbKBoGS
RgqPk5SO/BLlKdoWhoo6zRo6c+SvQPULnUS/YM9+q0uO9QI9YAKC8cDRzbYvdq0b
3VA4gmvPlgOiezUxpFysrNd7ryXdxfOwxWEHyS+9bjy2BGYR9wwYNcNJgWDDURWi
W8oPALN3lNRSRJMzYBUMmi2t5uT9wSJ+NjWERJoktJxhJREpw9tTcpUZZ54Ns5lf
ir2fErEJFCLvjcAkNYWdYltlUlOKzghBGRFa4LI65rkkRbOPYLdUxWcvs0Cgqs7D
H3IgG+yAXNx1jJcFwpqHqVNhYzKPTrfpS8DgJBBV/LodtOA2dr0y3UJR59oKtzcA
VmeF+BFd1Ik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:22 2024 by rpki-client on console-ams.rpki-client.org