Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/VszHO2iOJZvZOzLrVZuH1KOGTiA.roa
File: VszHO2iOJZvZOzLrVZuH1KOGTiA.roa (raw, json)
Hash identifier: fXN0fD6XMYjuqttrkOVYqQ41vms654G3NiKdWM6g0pk=
Subject key identifier: 56:CC:C7:3B:68:8E:25:9B:D9:3B:32:EB:55:9B:87:D4:A3:86:4E:20
Certificate issuer: /CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
Certificate serial: 018EC29B2ACA76012E501E1F34E894224766
Authority key identifier: F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/VszHO2iOJZvZOzLrVZuH1KOGTiA.roa
Signing time: Tue 09 Apr 2024 11:25:32 +0000
ROA not before: Tue 09 Apr 2024 11:25:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57558
IP address blocks: 45.129.248.0/22 maxlen: 22
185.15.168.0/22 maxlen: 22
185.197.8.0/23 maxlen: 23
185.197.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 13:56:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:9b:2a:ca:76:01:2e:50:1e:1f:34:e8:94:22:47:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ef5dba100a92b2444f3e512d01a592c01951c2
Validity
Not Before: Apr 9 11:25:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56ccc73b688e259bd93b32eb559b87d4a3864e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:31:9a:67:da:d5:f2:c4:9e:05:77:4f:5a:2c:
78:6b:ae:30:7f:78:e4:e3:d3:3d:2f:20:8a:77:42:
2a:c5:2f:f4:18:45:03:11:e7:ad:bc:31:2b:e2:08:
f5:c7:2d:9a:53:ff:ec:53:e2:64:a2:df:b2:cb:5d:
8e:ce:e2:58:c6:a4:09:4e:05:1e:65:58:c5:65:5d:
45:65:15:7d:1e:3c:5e:9b:ee:c3:6e:4c:c8:40:5b:
f4:04:97:b9:e9:74:0f:c4:1d:03:36:aa:2f:b1:23:
16:d9:75:71:ed:88:86:b4:d0:49:d6:91:57:58:58:
8a:78:1c:c6:30:5f:b6:ba:aa:5e:84:8f:05:04:ea:
58:e3:0b:c8:79:97:6b:74:36:be:8b:3d:7e:02:cd:
54:a3:3f:98:50:66:00:b7:1c:46:5b:0e:8b:8d:92:
63:1b:ba:15:cf:0a:11:79:16:32:ae:95:5f:f3:be:
00:43:68:98:95:c2:4b:9d:a4:33:40:e9:41:21:f3:
86:a4:ee:98:58:7f:30:47:83:71:81:06:c0:bd:71:
48:e7:da:f5:59:57:7e:d1:da:56:2a:ee:9a:59:2c:
bc:58:d3:31:54:e1:f7:3a:20:0b:09:66:17:18:52:
2b:fb:52:df:70:05:02:80:2e:ec:60:a6:a6:30:56:
36:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CC:C7:3B:68:8E:25:9B:D9:3B:32:EB:55:9B:87:D4:A3:86:4E:20
X509v3 Authority Key Identifier:
keyid:F4:EF:5D:BA:10:0A:92:B2:44:4F:3E:51:2D:01:A5:92:C0:19:51:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O9duhAKkrJETz5RLQGlksAZUcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/VszHO2iOJZvZOzLrVZuH1KOGTiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/b35be1-6673-4811-a707-ad027e95c5c7/1/9O9duhAKkrJETz5RLQGlksAZUcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.248.0/22
185.15.168.0/22
185.197.8.0/23
185.197.11.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:76:45:83:97:bb:f7:01:a6:a4:e9:bc:b9:a7:d3:b8:29:d2:
b6:be:b0:0c:f5:ea:a4:14:14:17:94:bf:aa:1a:30:21:25:7e:
53:0a:8f:fa:92:63:c0:a4:6a:3e:45:7f:18:cf:9f:7c:dc:b9:
ce:b6:92:2e:1a:d0:38:33:d6:cb:1d:d8:a3:4f:93:7b:46:b5:
92:ad:22:f4:41:c4:f6:a0:a9:09:37:50:6e:9b:8a:ab:5a:b2:
a3:a6:96:c0:53:6f:75:13:2b:39:9f:d2:71:b9:20:66:5f:f9:
7b:24:e0:fe:35:bd:24:0d:a0:ba:fa:9c:8d:05:c6:e1:f1:02:
1f:47:56:d5:1e:ab:f2:a6:86:51:0c:25:39:6d:c6:3b:e2:ca:
c4:21:3e:29:80:63:ea:45:e3:46:34:72:42:b6:73:91:b3:3f:
10:ec:9e:5d:0b:5a:a1:ec:a8:4e:3d:7f:57:36:0d:ef:95:dc:
d2:5a:cb:87:64:9c:a4:2f:a0:37:ab:89:bf:2b:96:5c:42:cd:
4d:ef:b3:b5:b3:19:ea:af:bf:3b:5e:6e:d3:69:9a:da:d7:ff:
e7:42:c4:c8:2d:da:3b:17:97:80:4e:7d:9f:81:f6:6e:8f:93:
23:f0:8e:cb:e3:ee:42:72:9f:ee:a7:d0:7d:f5:f1:b5:a3:59:
52:25:c2:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7CmyrKdgEuUB4fNOiUIkdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWY1ZGJhMTAwYTkyYjI0NDRmM2U1MTJkMDFhNTkyYzAx
OTUxYzIwHhcNMjQwNDA5MTEyNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmNjYzczYjY4OGUyNTliZDkzYjMyZWI1NTliODdkNGEzODY0ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljGaZ9rV8sSeBXdPWix4a64wf3jk
49M9LyCKd0IqxS/0GEUDEeetvDEr4gj1xy2aU//sU+Jkot+yy12OzuJYxqQJTgUe
ZVjFZV1FZRV9Hjxem+7DbkzIQFv0BJe56XQPxB0DNqovsSMW2XVx7YiGtNBJ1pFX
WFiKeBzGMF+2uqpehI8FBOpY4wvIeZdrdDa+iz1+As1Uoz+YUGYAtxxGWw6LjZJj
G7oVzwoReRYyrpVf874AQ2iYlcJLnaQzQOlBIfOGpO6YWH8wR4NxgQbAvXFI59r1
WVd+0dpWKu6aWSy8WNMxVOH3OiALCWYXGFIr+1LfcAUCgC7sYKamMFY2RwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFbMxztojiWb2Tsy61Wbh9Sjhk4gMB8GA1UdIwQY
MBaAFPTvXboQCpKyRE8+US0BpZLAGVHCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDct
YWQwMjdlOTVjNWM3LzEvVnN6SE8yaU9KWnZaT3pMclZadUgxS09HVGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iMzViZTEtNjY3My00ODExLWE3MDctYWQwMjdlOTVjNWM3
LzEvOU85ZHVoQUtrckpFVHo1UkxRR2xrc0FaVWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYH4AwQC
uQ+oAwQBucUIAwQAucULMA0GCSqGSIb3DQEBCwUAA4IBAQCldkWDl7v3Aaak6by5
p9O4KdK2vrAM9eqkFBQXlL+qGjAhJX5TCo/6kmPApGo+RX8Yz5983LnOtpIuGtA4
M9bLHdijT5N7RrWSrSL0QcT2oKkJN1Bum4qrWrKjppbAU291Eys5n9JxuSBmX/l7
JOD+Nb0kDaC6+pyNBcbh8QIfR1bVHqvypoZRDCU5bcY74srEIT4pgGPqReNGNHJC
tnORsz8Q7J5dC1qh7KhOPX9XNg3vldzSWsuHZJykL6A3q4m/K5ZcQs1N77O1sxnq
r787Xm7TaZra1//nQsTILdo7F5eATn2fgfZuj5Mj8I7L4+5Ccp/up9B99fG1o1lS
JcLa
-----END CERTIFICATE-----
Generated at Tue Apr 9 17:28:23 2024 by rpki-client on console-fra.rpki-client.org