Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/VaErMLQr-dIxr7js_eS-Lw7Ld0k.roa
File: VaErMLQr-dIxr7js_eS-Lw7Ld0k.roa (raw, json)
Hash identifier: +KmwG6oUkeDpfYENsXX8OWAXqG0wJJiswkBvQDmnWNY=
Subject key identifier: 55:A1:2B:30:B4:2B:F9:D2:31:AF:B8:EC:FD:E4:BE:2F:0E:CB:77:49
Certificate issuer: /CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Certificate serial: 01856D53C42C2681120DD148A4D02B3222BA
Authority key identifier: B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/VaErMLQr-dIxr7js_eS-Lw7Ld0k.roa
Signing time: Sun 01 Jan 2023 12:34:44 +0000
ROA not before: Sun 01 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206374
IP address blocks: 185.188.132.0/24 maxlen: 24
185.188.133.0/24 maxlen: 24
2a0b:c480::/32 maxlen: 38
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c4:2c:26:81:12:0d:d1:48:a4:d0:2b:32:22:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5160326be7e5cdc35b5c036441163cd25a4974d
Validity
Not Before: Jan 1 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a12b30b42bf9d231afb8ecfde4be2f0ecb7749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:df:02:cc:20:8d:8f:66:15:ac:60:0b:57:
3b:cf:74:60:0b:53:bb:71:fc:3a:56:7d:4c:31:aa:
a0:41:cd:b9:e8:73:79:75:a2:86:66:a2:51:08:da:
3e:ad:b6:2b:3d:8f:f6:0e:4b:3b:83:d1:7c:f5:49:
e4:76:4b:c3:e6:92:f0:26:cc:49:d2:a4:04:43:9b:
8d:51:53:83:31:ad:db:80:c0:e7:b9:93:cc:08:6c:
c9:59:fd:a0:52:6a:4c:d4:ae:eb:77:2e:33:0d:dd:
ef:7a:29:41:ab:09:59:1d:e3:3f:ab:a5:6b:15:46:
bc:91:51:0b:75:d4:37:3d:2f:7c:4d:98:b9:3e:d1:
5c:79:6b:b0:79:f9:82:44:37:f6:e9:2a:97:0f:7a:
59:73:f9:fe:6a:f6:d8:e0:cc:77:9c:be:fa:e9:28:
a2:f0:81:06:d8:4d:48:17:98:5a:f7:5d:ad:25:f3:
86:7a:02:aa:ba:24:13:1b:3e:96:40:ad:21:42:8c:
79:5f:48:fd:ae:a8:8b:c9:d0:4b:b3:9d:91:1f:f5:
ca:75:18:d4:5e:bf:3e:58:90:5a:83:83:44:19:d5:
e7:00:c3:bf:48:f6:b7:c8:00:b9:44:d8:29:73:e4:
ad:91:86:3e:e2:4a:2d:c4:16:73:48:85:b8:f9:90:
f1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A1:2B:30:B4:2B:F9:D2:31:AF:B8:EC:FD:E4:BE:2F:0E:CB:77:49
X509v3 Authority Key Identifier:
keyid:B5:16:03:26:BE:7E:5C:DC:35:B5:C0:36:44:11:63:CD:25:A4:97:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRYDJr5-XNw1tcA2RBFjzSWkl00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/VaErMLQr-dIxr7js_eS-Lw7Ld0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e5aa2-8409-47a0-b479-f48aa2e754e5/1/tRYDJr5-XNw1tcA2RBFjzSWkl00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.132.0/23
IPv6:
2a0b:c480::/32
Signature Algorithm: sha256WithRSAEncryption
34:83:83:92:c6:3c:ce:59:97:cb:5f:95:15:49:76:78:86:c5:
78:70:71:a5:e6:03:3f:e2:cc:0e:ee:ca:34:4a:72:32:2b:f3:
21:41:59:3a:b6:46:d7:bb:bd:57:22:f7:67:e0:9b:ed:7b:e0:
8f:b6:f6:c4:46:32:0b:cc:39:04:cd:fe:ad:d6:ea:ac:61:0c:
94:cd:8c:c3:c2:6c:3f:4a:5a:3b:41:50:ff:7b:2b:1b:74:8b:
45:c6:e9:82:d2:31:19:f0:ae:8d:7b:65:51:3f:62:29:78:8f:
9d:a4:54:73:78:ae:db:a2:6b:21:7d:cf:63:5d:59:d1:db:99:
b0:18:b8:ae:7a:cf:ee:67:b4:cc:78:84:5c:cc:f8:3d:d9:e4:
6e:b8:6c:cd:73:23:3b:2d:d4:44:7c:57:aa:68:3b:5e:ab:60:
85:14:de:bd:d2:32:6a:ee:70:74:69:2e:53:27:73:0e:12:64:
c6:cc:7d:1c:29:a7:d3:45:63:de:c1:54:1e:3d:b3:9f:96:14:
dc:de:01:f7:b3:d4:88:05:a8:7b:ae:d8:01:f3:80:b4:e5:36:
23:48:7e:dc:a1:f9:ad:c0:8c:c6:fe:4b:16:6c:b0:4f:12:0f:
d6:24:df:c4:68:08:6d:50:18:7d:3c:f8:3f:a3:a1:4b:b1:84:
8a:18:35:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU8QsJoESDdFIpNArMiK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTYwMzI2YmU3ZTVjZGMzNWI1YzAzNjQ0MTE2M2NkMjVh
NDk3NGQwHhcNMjMwMTAxMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWExMmIzMGI0MmJmOWQyMzFhZmI4ZWNmZGU0YmUyZjBlY2I3NzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBjfAswgjY9mFaxgC1c7z3RgC1O7
cfw6Vn1MMaqgQc256HN5daKGZqJRCNo+rbYrPY/2Dks7g9F89UnkdkvD5pLwJsxJ
0qQEQ5uNUVODMa3bgMDnuZPMCGzJWf2gUmpM1K7rdy4zDd3veilBqwlZHeM/q6Vr
FUa8kVELddQ3PS98TZi5PtFceWuwefmCRDf26SqXD3pZc/n+avbY4Mx3nL766Sii
8IEG2E1IF5ha912tJfOGegKquiQTGz6WQK0hQox5X0j9rqiLydBLs52RH/XKdRjU
Xr8+WJBag4NEGdXnAMO/SPa3yAC5RNgpc+StkYY+4kotxBZzSIW4+ZDxvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFWhKzC0K/nSMa+47P3kvi8Oy3dJMB8GA1UdIwQY
MBaAFLUWAya+flzcNbXANkQRY80lpJdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0Nzkt
ZjQ4YWEyZTc1NGU1LzEvVmFFck1MUXItZEl4cjdqc19lUy1MdzdMZDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTVhYTItODQwOS00N2EwLWI0NzktZjQ4YWEyZTc1NGU1
LzEvdFJZREpyNS1YTncxdGNBMlJCRmp6U1drbDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBubyEMA0E
AgACMAcDBQAqC8SAMA0GCSqGSIb3DQEBCwUAA4IBAQA0g4OSxjzOWZfLX5UVSXZ4
hsV4cHGl5gM/4swO7so0SnIyK/MhQVk6tkbXu71XIvdn4Jvte+CPtvbERjILzDkE
zf6t1uqsYQyUzYzDwmw/Slo7QVD/eysbdItFxumC0jEZ8K6Ne2VRP2IpeI+dpFRz
eK7bomshfc9jXVnR25mwGLiues/uZ7TMeIRczPg92eRuuGzNcyM7LdREfFeqaDte
q2CFFN690jJq7nB0aS5TJ3MOEmTGzH0cKafTRWPewVQePbOflhTc3gH3s9SIBah7
rtgB84C05TYjSH7cofmtwIzG/ksWbLBPEg/WJN/EaAhtUBh9PPg/o6FLsYSKGDWz
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:35 2024 by rpki-client on console-fra.rpki-client.org