Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/V8wWHR-NEBe2mFEC7peAdL1AJHA.roa
File: V8wWHR-NEBe2mFEC7peAdL1AJHA.roa (raw, json)
Hash identifier: C+0sCskWNP1G8SUFm5ztpQxHs4arIMy5xUrWm3UHusw=
Subject key identifier: 57:CC:16:1D:1F:8D:10:17:B6:98:51:02:EE:97:80:74:BD:40:24:70
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 0185790BE938D3F7F3C56C6F65F7CBC29C04
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/V8wWHR-NEBe2mFEC7peAdL1AJHA.roa
Signing time: Tue 03 Jan 2023 19:11:41 +0000
ROA not before: Tue 03 Jan 2023 19:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 45.89.236.0/22 maxlen: 24
185.217.143.0/24 maxlen: 24
193.163.72.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Jan 2023 11:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:79:0b:e9:38:d3:f7:f3:c5:6c:6f:65:f7:cb:c2:9c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Jan 3 19:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57cc161d1f8d1017b6985102ee978074bd402470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:02:62:ea:1f:d0:40:cd:05:ca:d4:90:30:07:
31:f9:7a:db:81:56:fb:8d:14:46:ae:08:b1:47:52:
e3:9f:81:60:c4:24:3e:1c:00:0e:89:da:68:64:f8:
3b:46:98:6b:58:81:20:f5:c3:60:61:45:50:ef:e6:
d9:91:ac:1b:65:b3:cb:94:16:b8:08:fd:19:ff:ed:
5e:3f:f2:e9:75:d9:f2:72:ff:ba:ac:e2:2e:eb:c8:
8e:43:35:e6:e9:57:67:a4:98:9a:1d:be:70:8c:0e:
26:b1:9a:f3:f3:09:73:f5:52:dd:74:fe:5f:83:34:
c7:ca:db:bd:aa:ec:58:06:60:8e:dc:9e:66:ae:fb:
6a:af:ce:e5:c8:6f:17:4c:7e:bd:b6:8d:b0:66:f2:
ee:d6:cd:58:87:f6:5b:e3:b0:50:8f:fb:f5:37:42:
37:aa:21:92:4d:fd:8f:10:d4:7c:d5:bf:64:bd:6d:
86:6b:76:bc:86:68:0c:8f:28:d4:41:b0:3b:59:60:
09:17:89:22:ab:81:86:e9:7d:7b:3b:3b:44:50:1a:
ec:f8:29:e8:89:dc:bd:14:ec:f3:c3:94:7e:51:b4:
39:02:dd:0a:ae:1d:2b:c2:57:06:ca:97:e7:66:fe:
83:6d:82:dd:8b:98:1c:fc:9d:37:f1:43:af:b3:d3:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:CC:16:1D:1F:8D:10:17:B6:98:51:02:EE:97:80:74:BD:40:24:70
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/V8wWHR-NEBe2mFEC7peAdL1AJHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.232.203.0/24
IPv6:
2a0c:6600::/46
Signature Algorithm: sha256WithRSAEncryption
33:0d:69:92:03:43:de:5b:f8:70:ce:80:bd:e6:4c:d9:13:25:
3a:91:20:66:63:83:16:55:2f:42:c7:78:07:76:92:e3:3d:26:
ac:13:5b:91:50:be:dc:ee:68:c4:6f:26:6e:cb:4e:a0:ae:1d:
6d:6f:eb:c7:0b:06:3e:88:8e:af:df:9a:af:f3:f8:21:66:11:
ac:31:f3:ba:d5:0b:ae:24:10:81:3a:95:91:19:88:4b:18:43:
64:a2:6c:27:66:c1:1f:f7:9e:37:02:7a:c8:95:74:f2:92:ce:
39:57:ba:9d:b3:41:09:7d:1a:ab:1b:7a:78:81:84:3b:c8:86:
57:cc:1d:63:77:56:64:fc:92:1e:d0:db:39:84:c6:5a:fc:71:
0b:4d:05:89:90:90:96:24:75:ce:99:5c:5d:45:eb:ad:de:3a:
ef:10:5a:0d:ba:61:a8:0f:bb:a3:af:30:91:e7:09:0a:a8:f8:
b3:28:d9:8d:76:0e:c6:ac:11:34:d0:37:fb:e5:fd:eb:a1:b6:
cf:96:1b:61:e5:3b:eb:b1:7d:26:b2:6d:7f:5d:ec:6e:97:58:
ee:8b:92:87:a7:16:0d:68:5e:1f:08:80:58:f9:50:04:fd:42:
88:be:97:62:d9:47:2c:6f:6b:01:48:1f:e2:b6:5f:dd:b6:93:
e4:21:15:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYV5C+k40/fzxWxvZffLwpwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMwMTAzMTkxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2NjMTYxZDFmOGQxMDE3YjY5ODUxMDJlZTk3ODA3NGJkNDAyNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgJi6h/QQM0FytSQMAcx+XrbgVb7
jRRGrgixR1Ljn4FgxCQ+HAAOidpoZPg7RphrWIEg9cNgYUVQ7+bZkawbZbPLlBa4
CP0Z/+1eP/Lpddnycv+6rOIu68iOQzXm6VdnpJiaHb5wjA4msZrz8wlz9VLddP5f
gzTHytu9quxYBmCO3J5mrvtqr87lyG8XTH69to2wZvLu1s1Yh/Zb47BQj/v1N0I3
qiGSTf2PENR81b9kvW2Ga3a8hmgMjyjUQbA7WWAJF4kiq4GG6X17OztEUBrs+Cno
idy9FOzzw5R+UbQ5At0Krh0rwlcGypfnZv6DbYLdi5gc/J038UOvs9P6pQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFfMFh0fjRAXtphRAu6XgHS9QCRwMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvVjh3V0hSLU5FQmUybUZFQzdwZUFkTDFBSkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCLVnsAwQA
udmPAwQCueOIAwQAwaNIAwQA1ejLMA8EAgACMAkDBwIqDGYAAAAwDQYJKoZIhvcN
AQELBQADggEBADMNaZIDQ95b+HDOgL3mTNkTJTqRIGZjgxZVL0LHeAd2kuM9JqwT
W5FQvtzuaMRvJm7LTqCuHW1v68cLBj6Ijq/fmq/z+CFmEawx87rVC64kEIE6lZEZ
iEsYQ2SibCdmwR/3njcCesiVdPKSzjlXup2zQQl9GqsbeniBhDvIhlfMHWN3VmT8
kh7Q2zmExlr8cQtNBYmQkJYkdc6ZXF1F663eOu8QWg26YagPu6OvMJHnCQqo+LMo
2Y12DsasETTQN/vl/euhts+WG2HlO+uxfSaybX9d7G6XWO6LkoenFg1oXh8IgFj5
UAT9Qoi+l2LZRyxvawFIH+K2X922k+QhFUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:13 2024 by rpki-client on console-ams.rpki-client.org