Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/VhFuKehWFFebebdEUqcBNFU0kJ4.roa
File: VhFuKehWFFebebdEUqcBNFU0kJ4.roa (raw, json)
Hash identifier: pqDh6YtIhO0ieouXDWFBJiqSIvzzZmxmyWw/II4J5F4=
Subject key identifier: 56:11:6E:29:E8:56:14:57:9B:79:B7:44:52:A7:01:34:55:34:90:9E
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 018572CCBF09A42FA0A6A9B9CEE8F0FCAA80
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/VhFuKehWFFebebdEUqcBNFU0kJ4.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58073
IP address blocks: 45.145.252.0/22 maxlen: 22
193.104.186.0/24 maxlen: 24
45.152.192.0/22 maxlen: 22
37.220.32.0/21 maxlen: 24
45.10.116.0/22 maxlen: 22
45.129.176.0/22 maxlen: 22
185.38.12.0/22 maxlen: 24
2.58.20.0/22 maxlen: 22
45.82.44.0/22 maxlen: 22
45.88.16.0/22 maxlen: 22
45.93.32.0/22 maxlen: 22
46.182.104.0/24 maxlen: 24
46.182.105.0/24 maxlen: 24
46.182.106.0/24 maxlen: 24
46.182.107.0/24 maxlen: 24
46.182.111.0/24 maxlen: 24
46.182.109.0/24 maxlen: 24
46.182.110.0/24 maxlen: 24
2a02:2a38::/32 maxlen: 32
2a02:2a38:37::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:bf:09:a4:2f:a0:a6:a9:b9:ce:e8:f0:fc:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56116e29e85614579b79b74452a701345534909e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f5:9b:b4:cf:e7:f2:81:55:9a:27:2f:dc:33:
86:c6:54:cb:ea:c7:16:bb:24:53:60:e1:2c:03:76:
17:17:42:ab:5e:ee:fb:03:be:27:69:91:e8:d8:a7:
5e:22:fb:ae:6d:85:bb:17:2a:23:d5:b8:2d:d7:80:
d5:85:99:c4:c8:84:ee:ab:90:f0:e9:a5:c4:26:ce:
61:2e:87:e0:d6:73:12:d6:96:3a:80:31:27:2c:8f:
12:89:d8:60:05:da:31:fb:9c:0b:b6:c9:9d:ba:2f:
0c:7b:91:ca:24:af:ad:31:c8:26:b5:00:62:f3:e7:
9c:98:d0:80:0c:32:ea:d1:8e:ae:02:5b:c8:a7:f2:
15:c5:75:37:b7:98:cf:b5:0d:94:9a:4b:d9:15:b5:
23:9a:2c:7c:bb:1b:8b:2b:2c:40:d2:43:af:26:c5:
2d:53:cb:83:dd:f5:c0:97:bc:d3:80:d5:ba:42:e2:
ef:db:e6:86:0f:be:4f:3c:72:48:0d:0a:0c:38:8d:
59:e9:68:01:7e:c8:7b:d7:79:a0:c2:de:67:a3:1c:
a0:41:ad:e7:56:19:84:51:a4:af:38:f8:3b:b7:e9:
09:4e:e2:b1:04:c6:84:0a:32:f3:c1:84:92:d0:28:
a1:3c:2b:cc:44:03:a5:3d:7a:8d:00:b5:c5:f3:f3:
8d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:11:6E:29:E8:56:14:57:9B:79:B7:44:52:A7:01:34:55:34:90:9E
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/VhFuKehWFFebebdEUqcBNFU0kJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.20.0/22
37.220.32.0/21
45.10.116.0/22
45.82.44.0/22
45.88.16.0/22
45.93.32.0/22
45.129.176.0/22
45.145.252.0/22
45.152.192.0/22
46.182.104.0/22
46.182.109.0-46.182.111.255
185.38.12.0/22
193.104.186.0/24
IPv6:
2a02:2a38::/32
Signature Algorithm: sha256WithRSAEncryption
b8:76:3d:f1:f5:63:d5:4e:5c:f2:99:2a:e9:3e:09:3d:69:01:
d9:26:27:be:5d:39:e0:c3:2f:5d:c5:1d:a3:be:8f:51:57:b0:
60:ac:9e:e3:3f:86:24:16:c6:c5:c3:18:10:4f:bd:e6:7c:7d:
2a:9e:ab:db:05:9f:ad:08:9f:30:29:79:58:0f:72:48:39:58:
1b:aa:d4:7b:8e:0f:c2:17:24:7d:9e:e7:87:1b:15:96:41:35:
13:15:bb:7e:4c:4b:7f:8a:f5:b7:82:4d:26:8c:1b:d2:db:c8:
e3:78:62:10:69:11:37:0b:f2:27:df:7f:97:cb:7f:8d:a1:51:
34:8d:c3:59:d8:60:c7:21:c4:e7:a6:fe:43:66:6e:19:14:7d:
ca:41:e8:fd:56:98:6c:dd:d7:e2:ee:a4:e9:19:4a:8f:cd:1b:
c1:24:a6:15:d3:a0:24:14:15:4b:83:0b:64:83:e9:a3:8e:8d:
32:a9:ea:53:74:90:f5:de:51:62:55:ef:5a:fc:5f:12:80:ff:
4d:c6:7b:c4:9a:a3:7a:35:1c:7e:4e:ee:e8:d0:31:32:38:b1:
e5:75:70:05:27:3f:0d:87:16:be:9d:9c:61:4e:2b:75:c2:5b:
f2:c8:09:ea:99:04:79:b7:df:39:55:72:48:1e:df:a0:cd:1f:
f6:06:4b:1d
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYVyzL8JpC+gpqm5zujw/KqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjExNmUyOWU4NTYxNDU3OWI3OWI3NDQ1MmE3MDEzNDU1MzQ5MDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvWbtM/n8oFVmicv3DOGxlTL6scW
uyRTYOEsA3YXF0KrXu77A74naZHo2KdeIvuubYW7Fyoj1bgt14DVhZnEyITuq5Dw
6aXEJs5hLofg1nMS1pY6gDEnLI8SidhgBdox+5wLtsmdui8Me5HKJK+tMcgmtQBi
8+ecmNCADDLq0Y6uAlvIp/IVxXU3t5jPtQ2UmkvZFbUjmix8uxuLKyxA0kOvJsUt
U8uD3fXAl7zTgNW6QuLv2+aGD75PPHJIDQoMOI1Z6WgBfsh713mgwt5noxygQa3n
VhmEUaSvOPg7t+kJTuKxBMaECjLzwYSS0CihPCvMRAOlPXqNALXF8/ONDwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFFYRbinoVhRXm3m3RFKnATRVNJCeMB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEvVmhGdUtlaFdGRmViZWJkRVVxY0JORlUwa0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCAjoUAwQD
JdwgAwQCLQp0AwQCLVIsAwQCLVgQAwQCLV0gAwQCLYGwAwQCLZH8AwQCLZjAAwQC
LrZoMAwDBAAutm0DBAQutmADBAK5JgwDBADBaLowDQQCAAIwBwMFACoCKjgwDQYJ
KoZIhvcNAQELBQADggEBALh2PfH1Y9VOXPKZKuk+CT1pAdkmJ75dOeDDL13FHaO+
j1FXsGCsnuM/hiQWxsXDGBBPveZ8fSqeq9sFn60InzApeVgPckg5WBuq1HuOD8IX
JH2e54cbFZZBNRMVu35MS3+K9beCTSaMG9LbyON4YhBpETcL8ifff5fLf42hUTSN
w1nYYMchxOem/kNmbhkUfcpB6P1WmGzd1+LupOkZSo/NG8EkphXToCQUFUuDC2SD
6aOOjTKp6lN0kPXeUWJV71r8XxKA/03Ge8Sao3o1HH5O7ujQMTI4seV1cAUnPw2H
Fr6dnGFOK3XCW/LICeqZBHm33zlVckge36DNH/YGSx0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org