Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/vhJDg1VemEMAkbeIKIjWFi4vHRo.roa
File: vhJDg1VemEMAkbeIKIjWFi4vHRo.roa (raw, json)
Hash identifier: tXax7TwvKyTPkuXgXKNl8ypAJW8HZ4eqSNGiBQAL5Ao=
Subject key identifier: BE:12:43:83:55:5E:98:43:00:91:B7:88:28:88:D6:16:2E:2F:1D:1A
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0185718C2F68B60247900E4581EFEE388538
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/vhJDg1VemEMAkbeIKIjWFi4vHRo.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39650
IP address blocks: 188.240.196.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
188.212.96.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2f:68:b6:02:47:90:0e:45:81:ef:ee:38:85:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be124383555e98430091b7882888d6162e2f1d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:9a:e6:44:35:c2:e7:5c:22:fe:67:b3:87:
45:fd:7d:6b:36:ab:03:19:e6:7d:c5:31:e2:ca:d6:
b8:1d:fd:6d:07:79:d1:54:ce:e0:70:3e:e7:ef:8e:
d6:8f:d8:f7:cf:9f:0e:39:c6:59:d8:fc:b3:db:aa:
73:45:c5:1a:6c:55:8b:09:48:31:db:9d:a8:a3:7a:
9f:ba:74:82:c2:40:73:47:53:a0:04:a9:39:76:51:
e9:c3:e1:84:fe:06:b6:1b:7e:5d:f4:8f:12:68:d2:
13:57:ed:65:d1:fc:d1:9b:b9:ef:20:be:65:31:5f:
56:62:16:16:3b:44:2e:3f:7c:69:80:0c:92:af:ee:
6c:78:69:de:12:bc:6a:53:6b:28:59:c7:65:18:94:
9b:00:cf:69:d3:70:ef:4b:b1:6f:1a:7f:33:98:c2:
80:79:58:a4:74:58:38:e0:89:35:e9:e8:fd:47:fe:
dc:f9:b8:8a:09:0f:be:fb:35:00:e4:82:1f:f0:2f:
5e:e5:72:fa:d0:b1:0b:a3:bb:8f:32:1d:71:73:c8:
bc:82:4a:e5:12:f7:2d:95:7b:1f:62:f0:fd:87:d5:
6d:ee:20:37:37:82:9a:94:f7:c5:45:b4:94:50:8e:
eb:75:67:60:25:0a:59:ba:08:e1:1c:b9:17:8b:05:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:12:43:83:55:5E:98:43:00:91:B7:88:28:88:D6:16:2E:2F:1D:1A
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/vhJDg1VemEMAkbeIKIjWFi4vHRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0/24
45.94.215.0/24
89.46.217.0/24
185.3.200.0/24
188.212.96.0/22
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ce:db:97:41:a4:7d:05:8d:0a:c1:aa:f1:e5:d8:3b:0a:1f:
59:3e:36:c2:da:2c:4a:00:37:f0:06:f5:53:0f:ed:0c:ac:33:
52:8c:6a:c2:a9:6d:cb:0c:3e:39:fa:22:ec:8b:5e:57:a1:34:
81:1a:a5:a1:07:92:04:04:2c:b4:2a:0a:10:e0:71:0b:cd:b9:
2c:29:22:04:b6:ab:f6:c5:40:fd:fc:b9:ea:0b:43:d9:ae:39:
8c:a7:de:85:fa:60:54:73:e1:95:59:c7:e9:4e:4e:4b:91:63:
33:92:94:f9:b7:af:b6:a6:75:15:71:29:09:a1:98:0e:af:1c:
53:21:97:f6:fa:27:4d:45:75:86:12:35:13:ba:c4:37:68:8f:
3c:91:fb:b9:95:c4:51:d5:9e:b0:7f:6b:b6:30:ae:91:fa:8b:
4b:b3:37:a8:f3:83:fa:89:09:a0:81:f2:53:7d:14:17:7f:57:
18:a0:20:f0:d5:cb:bf:1e:9d:fa:2b:08:02:33:38:21:fe:5a:
e8:79:a7:c9:02:01:ee:fe:79:1c:07:e1:80:c0:dc:3d:88:df:
c2:87:d3:7a:25:fe:ac:54:aa:ca:21:0f:5f:03:8c:65:d5:0b:
d3:4a:9c:a1:a1:f6:ed:28:9d:1a:3b:c8:62:a3:bb:2b:bc:77:
33:50:ef:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxjC9otgJHkA5Fge/uOIU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTEyNDM4MzU1NWU5ODQzMDA5MWI3ODgyODg4ZDYxNjJlMmYxZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoGa5kQ1wudcIv5ns4dF/X1rNqsD
GeZ9xTHiyta4Hf1tB3nRVM7gcD7n747Wj9j3z58OOcZZ2Pyz26pzRcUabFWLCUgx
252oo3qfunSCwkBzR1OgBKk5dlHpw+GE/ga2G35d9I8SaNITV+1l0fzRm7nvIL5l
MV9WYhYWO0QuP3xpgAySr+5seGneErxqU2soWcdlGJSbAM9p03DvS7FvGn8zmMKA
eVikdFg44Ik16ej9R/7c+biKCQ+++zUA5IIf8C9e5XL60LELo7uPMh1xc8i8gkrl
EvctlXsfYvD9h9Vt7iA3N4KalPfFRbSUUI7rdWdgJQpZugjhHLkXiwXjRQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL4SQ4NVXphDAJG3iCiI1hYuLx0aMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdmhKRGcxVmVtRU1Ba2JlSUtJaldGaTR2SFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV7VAwQA
LV7XAwQAWS7ZAwQAuQPIAwQCvNRgAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQAA
ztuXQaR9BY0Kwarx5dg7Ch9ZPjbC2ixKADfwBvVTD+0MrDNSjGrCqW3LDD45+iLs
i15XoTSBGqWhB5IEBCy0KgoQ4HELzbksKSIEtqv2xUD9/LnqC0PZrjmMp96F+mBU
c+GVWcfpTk5LkWMzkpT5t6+2pnUVcSkJoZgOrxxTIZf2+idNRXWGEjUTusQ3aI88
kfu5lcRR1Z6wf2u2MK6R+otLszeo84P6iQmggfJTfRQXf1cYoCDw1cu/Hp36KwgC
Mzgh/lroeafJAgHu/nkcB+GAwNw9iN/Ch9N6Jf6sVKrKIQ9fA4xl1QvTSpyhofbt
KJ0aO8hio7srvHczUO/V
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-fra.rpki-client.org