Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/IVKJSAh9dt8nt5oMUp9UzU1kLPI.roa
File: IVKJSAh9dt8nt5oMUp9UzU1kLPI.roa (raw, json)
Hash identifier: z+J49dgMnqASnR4IsBIH8BdD70OuDtNvv3BI8ZZBgsQ=
Subject key identifier: 21:52:89:48:08:7D:76:DF:27:B7:9A:0C:52:9F:54:CD:4D:64:2C:F2
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 01856F0B6462F0925384B9C88BBD38781DBC
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/IVKJSAh9dt8nt5oMUp9UzU1kLPI.roa
Signing time: Sun 01 Jan 2023 20:34:55 +0000
ROA not before: Sun 01 Jan 2023 20:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56485
IP address blocks: 194.113.32.0/24 maxlen: 24
185.252.24.0/22 maxlen: 22
176.114.0.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
45.154.116.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
194.113.58.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
185.166.216.0/22 maxlen: 22
88.218.188.0/22 maxlen: 22
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
2a0f:c100::/29 maxlen: 29
2a0c:f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 22 Dec 2023 11:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:64:62:f0:92:53:84:b9:c8:8b:bd:38:78:1d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Jan 1 20:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21528948087d76df27b79a0c529f54cd4d642cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:36:20:76:bc:ce:98:d2:4b:6b:34:ad:95:
dd:47:aa:bf:56:ad:2d:51:60:2b:d1:11:b1:a9:8d:
0c:92:dd:c4:e5:46:33:2b:98:f3:c0:06:a3:9f:12:
cd:9b:ea:cf:73:a2:66:b9:41:ea:be:a4:85:98:9b:
1c:81:3e:6c:2a:df:fa:ea:aa:8c:9c:e7:47:c0:92:
e9:7b:6a:57:39:b0:34:4a:ee:08:67:19:0b:34:d2:
de:94:e3:af:ea:50:f5:b7:68:5f:b0:1b:46:02:c3:
92:74:ac:c7:9d:77:09:43:8d:e1:cc:57:81:7e:cd:
03:14:dd:00:08:2e:7a:8c:ec:33:4b:44:d3:cf:be:
e2:3f:0e:36:f0:18:b2:2e:1b:27:c3:56:69:b0:c4:
c9:ea:b5:fd:f0:af:3d:0c:48:96:d5:49:03:fc:f7:
81:49:69:ff:72:bc:45:5b:ca:09:21:e3:fa:82:c5:
f8:94:9e:88:e5:e6:4e:04:8b:a4:0d:58:9b:60:28:
4b:14:2d:17:51:86:6f:b6:ae:96:46:91:3c:c2:80:
71:3e:6c:40:63:44:17:cd:6e:6c:d1:47:8c:71:44:
e9:d5:f9:7d:6d:30:df:aa:42:d5:db:46:af:e8:9a:
b7:3f:87:dc:d3:8a:2a:d8:4f:50:57:40:31:a5:70:
48:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:52:89:48:08:7D:76:DF:27:B7:9A:0C:52:9F:54:CD:4D:64:2C:F2
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/IVKJSAh9dt8nt5oMUp9UzU1kLPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.116.0/22
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
176.114.0.0/20
185.166.216.0/22
185.230.88.0/22
185.252.24.0/22
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a0c:f00::/29
2a0f:c100::/29
Signature Algorithm: sha256WithRSAEncryption
09:26:86:c0:a6:8b:47:1b:01:41:5b:45:eb:2b:a7:4d:6b:65:
9c:4e:8b:ed:99:34:27:34:67:1d:fd:f9:3f:89:d9:1b:9e:8e:
de:d8:5c:d1:0d:56:81:a0:c8:d0:f7:8c:cd:25:78:f7:fa:f7:
bc:c9:01:bd:dc:26:86:9e:65:85:2d:9f:b8:65:55:d0:41:f5:
00:ab:55:bb:be:ff:16:b7:83:a6:f5:52:19:45:c8:5f:f1:93:
5d:d6:2d:d6:c3:29:65:bd:63:64:cb:80:86:96:06:c7:f5:27:
0f:da:dc:eb:e8:5e:4f:bf:89:8e:c2:9c:20:b0:77:c0:76:8c:
05:e3:8d:dd:91:60:e3:fb:9b:64:cb:a3:96:ee:e3:1c:fb:9b:
56:07:45:56:9d:e0:ea:1c:ea:a4:7f:b2:de:f4:77:30:dc:06:
d2:0a:e7:c2:9e:9e:85:e9:d9:b5:3b:84:9c:43:7a:1f:dd:13:
da:e0:ba:77:85:7f:02:11:24:31:ab:17:17:1a:ec:98:f8:bc:
a4:48:82:c3:9c:e9:b8:9e:62:ea:2d:77:81:41:cc:08:b0:1b:
8b:a7:b4:29:4a:3a:54:46:e1:f5:28:c4:dc:fc:14:9c:4e:f4:
bb:81:4e:79:f9:b2:2d:20:43:34:36:24:22:b4:a8:64:06:88:
80:c5:0c:ac
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVvC2Ri8JJThLnIi704eB28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjMwMTAxMjAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUyODk0ODA4N2Q3NmRmMjdiNzlhMGM1MjlmNTRjZDRkNjQyY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPc2IHa8zpjSS2s0rZXdR6q/Vq0t
UWAr0RGxqY0Mkt3E5UYzK5jzwAajnxLNm+rPc6JmuUHqvqSFmJscgT5sKt/66qqM
nOdHwJLpe2pXObA0Su4IZxkLNNLelOOv6lD1t2hfsBtGAsOSdKzHnXcJQ43hzFeB
fs0DFN0ACC56jOwzS0TTz77iPw428BiyLhsnw1ZpsMTJ6rX98K89DEiW1UkD/PeB
SWn/crxFW8oJIeP6gsX4lJ6I5eZOBIukDVibYChLFC0XUYZvtq6WRpE8woBxPmxA
Y0QXzW5s0UeMcUTp1fl9bTDfqkLV20av6Jq3P4fc04oq2E9QV0AxpXBI4QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCFSiUgIfXbfJ7eaDFKfVM1NZCzyMB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvSVZLSlNBaDlkdDhudDVvTVVwOVV6VTFrTFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLZp0AwQC
WNq8AwQAW9+0AwQCW+ogAwQEsHIAAwQCuabYAwQCueZYAwQCufwYAwQAwm74AwQA
wm7+AwQAwnEgAwQAwnE6MBQEAgACMA4DBQMqDA8AAwUDKg/BADANBgkqhkiG9w0B
AQsFAAOCAQEACSaGwKaLRxsBQVtF6yunTWtlnE6L7Zk0JzRnHf35P4nZG56O3thc
0Q1WgaDI0PeMzSV49/r3vMkBvdwmhp5lhS2fuGVV0EH1AKtVu77/FreDpvVSGUXI
X/GTXdYt1sMpZb1jZMuAhpYGx/UnD9rc6+heT7+JjsKcILB3wHaMBeON3ZFg4/ub
ZMujlu7jHPubVgdFVp3g6hzqpH+y3vR3MNwG0grnwp6ehenZtTuEnEN6H90T2uC6
d4V/AhEkMasXFxrsmPi8pEiCw5zpuJ5i6i13gUHMCLAbi6e0KUo6VEbh9SjE3PwU
nE70u4FOefmyLSBDNDYkIrSoZAaIgMUMrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:47 2024 by rpki-client on console-ams.rpki-client.org