Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VvqeRwTiCAh5S5bpaH7JILTaH1o.roa
File: VvqeRwTiCAh5S5bpaH7JILTaH1o.roa (raw, json)
Hash identifier: X0PMzCUApqbTC6dhmgxOvZHlqdNNU9tPMVB2kngwnhs=
Subject key identifier: 56:FA:9E:47:04:E2:08:08:79:4B:96:E9:68:7E:C9:20:B4:DA:1F:5A
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A93140DC4F0E500B70239AE1272C4D9
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VvqeRwTiCAh5S5bpaH7JILTaH1o.roa
Signing time: Mon 05 Feb 2024 18:41:15 +0000
ROA not before: Mon 05 Feb 2024 18:41:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 5.183.129.0/24 maxlen: 24
45.14.222.0/24 maxlen: 24
45.84.178.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
88.218.72.0/22 maxlen: 22
91.188.212.0/22 maxlen: 22
94.158.189.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 18:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:14:0d:c4:f0:e5:00:b7:02:39:ae:12:72:c4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56fa9e4704e20808794b96e9687ec920b4da1f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:a2:7c:f1:09:ca:d7:6e:52:e5:42:1f:c0:
29:86:34:d0:3a:86:af:78:8e:88:e5:12:1e:46:e9:
ac:c5:65:c5:d8:c0:8b:34:c9:57:64:bd:7f:74:42:
b2:14:2a:ee:c8:89:1a:a3:aa:70:96:da:9d:9f:69:
f3:28:71:60:98:1b:cb:ba:b9:c1:13:1c:5b:3d:19:
63:0c:50:5e:e7:5b:36:c3:9f:16:4d:9b:cf:46:a7:
66:8b:4e:aa:c0:d8:8f:92:0f:5f:39:5f:2f:03:de:
23:92:5d:5c:96:9a:17:b8:dd:76:40:96:d8:a8:7d:
20:13:aa:80:4c:5e:b2:a9:b8:e7:a5:58:21:7a:c3:
c6:d4:a5:ac:5c:2c:c5:a1:9a:0f:5b:7c:10:3c:69:
12:68:fe:e1:a9:37:b3:64:53:d8:a9:0a:a2:73:56:
a5:69:d0:d8:80:46:fa:08:ad:51:91:07:bd:c4:d3:
54:8c:d3:79:77:90:17:46:74:bb:85:77:d5:72:04:
26:c1:83:22:68:61:0a:7e:f6:e4:0b:59:3b:eb:19:
94:f2:61:80:db:15:98:14:12:84:4d:78:7d:30:45:
87:75:4b:a0:57:aa:6b:22:1c:f9:92:ae:01:50:c6:
dc:50:af:bf:db:41:89:39:7a:31:d7:b8:77:04:c2:
7d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:FA:9E:47:04:E2:08:08:79:4B:96:E9:68:7E:C9:20:B4:DA:1F:5A
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/VvqeRwTiCAh5S5bpaH7JILTaH1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.129.0/24
45.14.222.0/24
45.84.178.0/24
45.129.1.0/24
88.218.72.0/22
91.188.212.0/22
94.158.189.0/24
194.32.238.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:cf:e3:3d:06:95:b9:6f:cd:23:b6:be:53:1d:6f:07:47:ef:
4b:45:0f:02:4f:dd:82:5e:5f:7a:49:be:a1:30:09:37:41:c0:
a1:86:ac:b5:05:ee:93:e8:95:2e:f1:11:38:01:32:8a:cb:60:
29:a2:85:26:25:eb:41:8a:2b:a3:a3:e1:fd:ef:9e:3c:83:33:
c2:4a:b1:57:ef:2d:4c:f9:0f:56:c3:03:c6:c2:e4:da:95:3f:
85:40:e7:12:e8:1f:5b:90:63:11:b3:70:7b:d1:bc:22:84:f6:
6c:9e:59:a0:a4:f5:3f:dc:c6:19:59:b9:a0:08:79:e3:39:5f:
ab:f5:46:02:0e:ea:28:c4:28:0f:b1:34:28:31:f8:09:f7:ce:
ea:92:6d:0a:0e:27:e2:6e:cf:4c:e3:5d:1a:e7:a4:8e:5b:3a:
f8:ca:d7:23:59:44:80:c6:a7:32:bf:d2:93:c7:0b:ac:75:03:
0b:b0:55:e3:70:09:77:a3:ad:90:07:87:25:7c:b2:bd:b1:97:
10:be:c2:bb:0f:fd:19:88:f6:4a:b2:22:5a:16:72:0a:a3:d8:
64:5b:44:70:92:72:9b:7e:f8:ff:16:7e:7e:33:94:fb:45:8d:
77:b7:fa:21:6b:55:33:99:5a:98:58:b7:e7:61:09:94:7d:2f:
fe:e4:19:c3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY16kxQNxPDlALcCOa4ScsTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmZhOWU0NzA0ZTIwODA4Nzk0Yjk2ZTk2ODdlYzkyMGI0ZGExZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4SifPEJytduUuVCH8AphjTQOoav
eI6I5RIeRumsxWXF2MCLNMlXZL1/dEKyFCruyIkao6pwltqdn2nzKHFgmBvLurnB
ExxbPRljDFBe51s2w58WTZvPRqdmi06qwNiPkg9fOV8vA94jkl1clpoXuN12QJbY
qH0gE6qATF6yqbjnpVghesPG1KWsXCzFoZoPW3wQPGkSaP7hqTezZFPYqQqic1al
adDYgEb6CK1RkQe9xNNUjNN5d5AXRnS7hXfVcgQmwYMiaGEKfvbkC1k76xmU8mGA
2xWYFBKETXh9MEWHdUugV6prIhz5kq4BUMbcUK+/20GJOXox17h3BMJ9bQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFb6nkcE4ggIeUuW6Wh+ySC02h9aMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVnZxZVJ3VGlDQWg1UzVicGFIN0pJTFRhSDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbeBAwQA
LQ7eAwQALVSyAwQALYEBAwQCWNpIAwQCW7zUAwQAXp69AwQBwiDuMA0GCSqGSIb3
DQEBCwUAA4IBAQCaz+M9BpW5b80jtr5THW8HR+9LRQ8CT92CXl96Sb6hMAk3QcCh
hqy1Be6T6JUu8RE4ATKKy2ApooUmJetBiiujo+H97548gzPCSrFX7y1M+Q9WwwPG
wuTalT+FQOcS6B9bkGMRs3B70bwihPZsnlmgpPU/3MYZWbmgCHnjOV+r9UYCDuoo
xCgPsTQoMfgJ987qkm0KDifibs9M410a56SOWzr4ytcjWUSAxqcyv9KTxwusdQML
sFXjcAl3o62QB4clfLK9sZcQvsK7D/0ZiPZKsiJaFnIKo9hkW0RwknKbfvj/Fn5+
M5T7RY13t/oha1UzmVqYWLfnYQmUfS/+5BnD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org