Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VEhxFwyd1ZMVUgj9Cbce3qo7OdY.roa
File: VEhxFwyd1ZMVUgj9Cbce3qo7OdY.roa (raw, json)
Hash identifier: +QDwGm1ToDmkRL4zuTwbwQ34zzBlfC4xhMhqugfIN0A=
Subject key identifier: 54:48:71:17:0C:9D:D5:93:15:52:08:FD:09:B7:1E:DE:AA:3B:39:D6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C7CA7941380B2C64AE92142677425312E
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VEhxFwyd1ZMVUgj9Cbce3qo7OdY.roa
Signing time: Mon 18 Dec 2023 11:20:06 +0000
ROA not before: Mon 18 Dec 2023 11:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.55.4.0/22 maxlen: 23
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Dec 2023 11:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:a7:94:13:80:b2:c6:4a:e9:21:42:67:74:25:31:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 18 11:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=544871170c9dd593155208fd09b71edeaa3b39d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:ce:e1:14:77:bf:72:6b:91:93:b4:a7:fe:
8d:af:97:80:1c:62:2c:52:d6:07:09:e4:55:af:37:
20:9a:ff:be:96:31:25:88:1d:ff:93:82:67:54:64:
8e:08:94:8c:1e:07:0a:a8:be:4d:29:0b:96:ba:8a:
83:b8:c9:26:dc:72:92:8d:cf:20:58:36:99:dc:b1:
40:f7:25:14:dc:ec:98:ab:28:c2:8c:89:48:94:88:
97:1c:82:43:65:09:c9:22:2a:92:44:4c:35:bd:d9:
bf:a7:04:64:61:c0:56:05:da:cb:d0:f9:bb:bb:21:
4f:64:05:25:4c:ed:b8:d8:20:a2:25:7e:12:21:30:
3f:7e:7d:a8:d6:d7:14:24:09:06:7d:3a:ff:05:ba:
29:12:78:88:09:f2:bb:c2:96:13:d3:08:67:ea:a3:
5c:01:c6:83:18:17:58:63:07:ca:09:a6:c3:90:79:
f5:a7:c4:bb:b1:4c:ec:51:58:f7:9b:a1:35:7d:56:
61:21:ff:e3:0a:7b:c1:52:38:df:80:7a:9b:bf:f0:
b7:98:49:59:1e:0e:e2:34:64:51:9a:60:5f:db:ae:
6c:b2:a1:0f:e1:49:2d:43:2a:11:c9:b6:79:bd:61:
f4:74:93:3b:49:bc:9a:ba:08:b7:76:0f:e5:50:c5:
e1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:48:71:17:0C:9D:D5:93:15:52:08:FD:09:B7:1E:DE:AA:3B:39:D6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VEhxFwyd1ZMVUgj9Cbce3qo7OdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.112.0/22
64.43.124.0/22
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:65:5b:64:e9:24:da:d7:d6:03:ce:93:90:90:c7:63:61:eb:
00:34:b1:af:56:15:2e:99:e3:56:0c:0a:12:da:c1:11:2e:aa:
0b:bd:73:f2:20:ef:58:d3:2f:8e:01:4b:0c:dc:ea:18:94:f9:
b2:81:b8:71:61:34:07:3f:c4:d1:aa:91:ae:c2:2d:17:e6:ff:
43:78:da:0f:0a:4a:cb:00:3b:6f:08:3c:2a:19:a6:93:e6:2d:
4b:97:8a:0a:7c:d3:e6:06:c7:d0:2e:47:77:80:ca:c3:a5:e6:
f6:df:0c:b9:e5:91:23:bb:77:b9:8c:b3:a7:56:c7:b8:93:58:
54:89:df:e8:b8:ba:c9:5b:e0:1d:03:06:c0:ef:d3:6a:f0:69:
1b:f2:b5:1a:29:86:78:7e:29:cc:2d:72:5d:4e:ec:3c:b0:2d:
bc:86:e2:4d:db:40:13:00:06:8f:68:94:95:3f:36:5d:a9:ba:
4c:cc:34:70:8d:29:ec:79:68:d6:3d:48:cc:ce:32:eb:6d:c0:
94:b7:b9:2d:0e:90:5f:2c:d7:a4:85:d9:d6:c1:26:9d:11:a9:
f8:e2:06:41:6a:01:32:11:23:f2:08:88:7a:f7:74:9e:db:b2:
6e:e9:ca:a9:3d:4a:a8:06:18:fd:db:c2:35:0d:12:d2:19:7c:
80:a5:fb:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx8p5QTgLLGSukhQmd0JTEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjE4MTEyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQ4NzExNzBjOWRkNTkzMTU1MjA4ZmQwOWI3MWVkZWFhM2IzOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAzO4RR3v3JrkZO0p/6Nr5eAHGIs
UtYHCeRVrzcgmv++ljEliB3/k4JnVGSOCJSMHgcKqL5NKQuWuoqDuMkm3HKSjc8g
WDaZ3LFA9yUU3OyYqyjCjIlIlIiXHIJDZQnJIiqSREw1vdm/pwRkYcBWBdrL0Pm7
uyFPZAUlTO242CCiJX4SITA/fn2o1tcUJAkGfTr/BbopEniICfK7wpYT0whn6qNc
AcaDGBdYYwfKCabDkHn1p8S7sUzsUVj3m6E1fVZhIf/jCnvBUjjfgHqbv/C3mElZ
Hg7iNGRRmmBf265ssqEP4UktQyoRybZ5vWH0dJM7Sbyaugi3dg/lUMXhrwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFRIcRcMndWTFVII/Qm3Ht6qOznWMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVkVoeEZ3eWQxWk1WVWdqOUNiY2UzcW83T2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCQCtwAwQC
QCt8AwQCuTcEAwQCuTeMAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQBKZVtk6STa
19YDzpOQkMdjYesANLGvVhUumeNWDAoS2sERLqoLvXPyIO9Y0y+OAUsM3OoYlPmy
gbhxYTQHP8TRqpGuwi0X5v9DeNoPCkrLADtvCDwqGaaT5i1Ll4oKfNPmBsfQLkd3
gMrDpeb23wy55ZEju3e5jLOnVse4k1hUid/ouLrJW+AdAwbA79Nq8Gkb8rUaKYZ4
finMLXJdTuw8sC28huJN20ATAAaPaJSVPzZdqbpMzDRwjSnseWjWPUjMzjLrbcCU
t7ktDpBfLNekhdnWwSadEan44gZBagEyESPyCIh693Se27Ju6cqpPUqoBhj928I1
DRLSGXyApft4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org