Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/RVKazHOpCSVwS1nIbsBu-PvbZsE.roa
File: RVKazHOpCSVwS1nIbsBu-PvbZsE.roa (raw, json)
Hash identifier: OtP7au5PnRN0Y2zaIBAHJWxIN84iOicTLeJZ6RBcqc0=
Subject key identifier: 45:52:9A:CC:73:A9:09:25:70:4B:59:C8:6E:C0:6E:F8:FB:DB:66:C1
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 018C913D3A797B49EFD8B8775760EB849384
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/RVKazHOpCSVwS1nIbsBu-PvbZsE.roa
Signing time: Fri 22 Dec 2023 11:15:58 +0000
ROA not before: Fri 22 Dec 2023 11:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56485
IP address blocks: 194.113.32.0/24 maxlen: 24
185.252.24.0/22 maxlen: 22
88.151.12.0/24 maxlen: 24
176.114.0.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
45.154.116.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
194.113.58.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
37.72.129.0/24 maxlen: 24
185.166.216.0/22 maxlen: 22
91.247.189.0/24 maxlen: 24
88.218.188.0/22 maxlen: 22
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
77.87.127.0/24 maxlen: 24
188.93.118.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
2a0f:c100::/29 maxlen: 48
2a11:1280::/29 maxlen: 48
2a0c:f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:3d:3a:79:7b:49:ef:d8:b8:77:57:60:eb:84:93:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Dec 22 11:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45529acc73a90925704b59c86ec06ef8fbdb66c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:44:1d:ae:b4:e9:5e:24:12:72:3c:e8:51:
2f:5a:99:73:e5:70:ba:88:69:99:1b:13:91:87:ba:
35:42:2f:eb:c7:8e:0c:8e:30:12:ee:e7:89:eb:88:
0a:be:91:70:08:3f:3c:bd:85:4c:ae:ac:dc:81:df:
23:95:d5:ad:82:c4:6e:89:b9:75:8e:05:8d:5e:7c:
a8:58:29:df:1f:6e:0b:71:86:71:19:c7:60:41:fd:
e8:01:e2:21:7b:3d:23:ce:59:72:9c:55:1f:f8:e0:
6a:c5:f3:72:2c:e5:a3:a1:ff:28:ae:3f:23:65:d2:
d0:77:92:3e:de:2d:cc:aa:46:fd:ee:3e:59:b9:4a:
ac:6c:fc:11:2e:f3:4b:1b:72:2e:0b:46:e1:f8:78:
15:01:72:37:5f:73:a8:de:20:f5:ee:03:0d:f9:3e:
d6:06:a0:f8:42:f4:a9:25:45:22:a1:e6:c7:8c:4e:
81:96:ed:6f:ca:4d:e0:f5:04:0e:6b:fc:50:04:dd:
58:a4:6f:2a:aa:c8:8a:8b:03:6f:5e:3d:68:82:9c:
47:c5:56:f4:56:6d:ac:27:55:fc:83:2c:1d:98:39:
08:0e:b9:f5:ef:92:be:1d:c7:dd:eb:c1:c5:94:9b:
4d:3b:68:e1:ed:d4:2b:61:c4:5d:56:b3:07:96:7a:
44:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:52:9A:CC:73:A9:09:25:70:4B:59:C8:6E:C0:6E:F8:FB:DB:66:C1
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/RVKazHOpCSVwS1nIbsBu-PvbZsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.129.0/24
45.154.116.0/22
77.87.127.0/24
88.151.12.0/24
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
91.247.189.0/24
176.114.0.0/20
185.166.216.0/22
185.230.88.0/22
185.252.24.0/22
188.93.118.0/24
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a0c:f00::/29
2a0f:c100::/29
2a11:1280::/29
Signature Algorithm: sha256WithRSAEncryption
91:46:4f:bb:ed:6b:f7:b1:4f:ac:07:88:eb:41:ab:8a:31:a7:
9b:e5:4a:21:a4:69:55:5e:2b:ed:80:59:5f:01:f9:dd:3d:9d:
c5:bd:dd:d8:30:5a:ce:f1:ea:f8:38:d0:53:84:d1:74:ef:f8:
40:47:08:28:0d:cd:57:be:b2:02:c5:0e:27:8d:80:6d:47:c4:
bd:3f:c1:ed:27:cb:d4:79:a6:b4:31:72:9c:78:bf:ac:74:6e:
69:77:16:2d:92:88:14:b3:0b:f7:fc:a1:23:03:f6:64:a0:79:
38:af:76:1d:c2:6d:fa:a7:23:29:6b:14:bc:ee:f5:d1:00:7d:
23:3b:a8:f5:8b:0e:0b:3e:9a:fe:88:8e:31:28:4c:e2:83:f4:
cd:50:bb:ae:c9:fe:71:41:86:ba:39:61:04:29:7f:b9:1c:a3:
93:61:ef:42:8e:17:7a:05:5c:fc:bb:65:d3:ba:76:89:cc:3f:
4d:d1:b1:7a:9a:f9:80:d8:72:c3:9f:8e:2f:ed:7f:9b:2d:30:
fc:1d:13:23:02:54:8a:83:65:8a:28:7e:e4:ba:99:5d:4c:2b:
52:70:3f:1a:74:6b:db:69:01:61:6e:7f:48:c8:87:17:18:0a:
6e:1b:0e:35:bc:f3:72:22:98:75:fd:28:d2:60:2e:da:80:b6:
81:ff:c1:28
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYyRPTp5e0nv2Lh3V2DrhJOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjMxMjIyMTExNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTUyOWFjYzczYTkwOTI1NzA0YjU5Yzg2ZWMwNmVmOGZiZGI2NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBZEHa606V4kEnI86FEvWplz5XC6
iGmZGxORh7o1Qi/rx44MjjAS7ueJ64gKvpFwCD88vYVMrqzcgd8jldWtgsRuibl1
jgWNXnyoWCnfH24LcYZxGcdgQf3oAeIhez0jzllynFUf+OBqxfNyLOWjof8orj8j
ZdLQd5I+3i3Mqkb97j5ZuUqsbPwRLvNLG3IuC0bh+HgVAXI3X3Oo3iD17gMN+T7W
BqD4QvSpJUUioebHjE6Blu1vyk3g9QQOa/xQBN1YpG8qqsiKiwNvXj1ogpxHxVb0
Vm2sJ1X8gywdmDkIDrn175K+Hcfd68HFlJtNO2jh7dQrYcRdVrMHlnpEPQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFEVSmsxzqQklcEtZyG7Abvj722bBMB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvUlZLYXpIT3BDU1Z3UzFuSWJzQnUtUHZiWnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQAJUiB
AwQCLZp0AwQATVd/AwQAWJcMAwQCWNq8AwQAW9+0AwQCW+ogAwQAW/e9AwQEsHIA
AwQCuabYAwQCueZYAwQCufwYAwQAvF12AwQAwm74AwQAwm7+AwQAwnEgAwQAwnE6
MBsEAgACMBUDBQMqDA8AAwUDKg/BAAMFAyoREoAwDQYJKoZIhvcNAQELBQADggEB
AJFGT7vta/exT6wHiOtBq4oxp5vlSiGkaVVeK+2AWV8B+d09ncW93dgwWs7x6vg4
0FOE0XTv+EBHCCgNzVe+sgLFDieNgG1HxL0/we0ny9R5prQxcpx4v6x0bml3Fi2S
iBSzC/f8oSMD9mSgeTivdh3CbfqnIylrFLzu9dEAfSM7qPWLDgs+mv6IjjEoTOKD
9M1Qu67J/nFBhro5YQQpf7kco5Nh70KOF3oFXPy7ZdO6donMP03RsXqa+YDYcsOf
ji/tf5stMPwdEyMCVIqDZYoofuS6mV1MK1JwPxp0a9tpAWFuf0jIhxcYCm4bDjW8
83IimHX9KNJgLtqAtoH/wSg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:47 2024 by rpki-client on console-ams.rpki-client.org