Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/VrBz46XXzvLgIez_DjU_UKuV2Ro.roa
File: VrBz46XXzvLgIez_DjU_UKuV2Ro.roa (raw, json)
Hash identifier: jSmzPK8Xp7OSiX7C+zT1TcrEf06MjCoBQFPgMdTicuY=
Subject key identifier: 56:B0:73:E3:A5:D7:CE:F2:E0:21:EC:FF:0E:35:3F:50:AB:95:D9:1A
Certificate issuer: /CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Certificate serial: 018C3F07F36CF7F3D4DA64EFDEA6D0FEAB83
Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/VrBz46XXzvLgIez_DjU_UKuV2Ro.roa
Signing time: Wed 06 Dec 2023 12:08:54 +0000
ROA not before: Wed 06 Dec 2023 12:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31727
IP address blocks: 185.207.132.0/22 maxlen: 22
185.207.132.0/23 maxlen: 23
185.207.134.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.170.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:07:f3:6c:f7:f3:d4:da:64:ef:de:a6:d0:fe:ab:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Validity
Not Before: Dec 6 12:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b073e3a5d7cef2e021ecff0e353f50ab95d91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:fb:7f:bb:1a:96:9f:dc:8e:51:a8:23:3d:
f8:a9:a3:49:12:e5:8b:0a:6d:a2:b1:ad:ab:98:8c:
06:83:38:94:ef:4b:43:42:4c:9c:e1:2c:ff:9d:25:
ae:97:dd:59:5a:49:ba:fa:7d:3e:92:d0:7a:e8:84:
75:96:3d:2a:0d:5a:36:e9:da:54:be:3f:b1:03:e7:
99:86:6f:a4:cb:94:c3:de:52:c1:ff:42:26:1f:18:
47:27:ed:14:2e:73:5d:93:74:b3:c0:63:7f:d0:ef:
87:68:12:a8:88:f1:42:c4:4b:90:b2:48:f1:a0:82:
52:2d:79:2a:c8:0d:48:b5:1b:60:fe:f5:c8:35:5a:
81:b9:b3:d2:cf:61:1f:f6:f9:f6:1b:c6:21:8d:c9:
10:11:3e:ea:2c:cc:14:94:86:09:94:de:4d:ca:d2:
4e:7c:e7:63:24:7c:19:5e:48:7f:02:ab:19:f2:3a:
eb:c2:54:db:84:44:86:b6:53:ef:83:7b:c7:12:5c:
02:f5:a4:87:a3:48:f6:31:5f:d6:f6:65:4b:82:e0:
ef:c5:ec:4c:ef:9d:67:7e:38:27:18:6a:b2:b9:66:
9c:14:5b:6d:ce:d9:87:59:a5:9d:17:02:2c:12:a2:
e7:33:81:3b:8a:92:40:71:a1:9b:35:92:ed:0e:c8:
90:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B0:73:E3:A5:D7:CE:F2:E0:21:EC:FF:0E:35:3F:50:AB:95:D9:1A
X509v3 Authority Key Identifier:
keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/VrBz46XXzvLgIez_DjU_UKuV2Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.152.0/22
185.207.132.0/22
Signature Algorithm: sha256WithRSAEncryption
09:de:66:5b:27:1a:3a:f3:0e:1e:78:89:c6:72:84:2c:ff:0b:
da:58:ec:15:1d:00:7a:51:02:19:77:21:f7:31:41:27:68:3f:
91:6b:f0:07:8a:6e:2c:ac:c6:19:21:b7:75:36:5e:e8:67:fb:
82:f1:b7:10:48:79:3d:9b:eb:e0:2f:d6:6e:2c:c2:d5:e7:c8:
d6:b2:12:29:60:b6:e8:76:ef:3c:71:e1:c7:6c:10:be:6f:61:
f0:b6:0b:65:f0:66:17:8a:f5:65:0d:6c:79:94:4c:9f:df:d7:
69:41:f0:98:71:5f:36:87:37:af:bb:50:36:7e:29:b3:06:61:
93:cf:61:ac:86:19:4c:60:c5:20:c1:33:19:ec:fc:0a:d1:b8:
76:2b:ba:aa:72:94:e0:4e:ea:84:b4:35:f1:48:26:b1:b7:df:
dd:10:95:81:fc:92:aa:7e:4b:d0:e7:b3:b6:1e:6b:eb:99:bf:
5e:91:48:24:1e:3f:6b:a3:2c:f0:cd:9c:fa:40:d4:d8:a2:a8:
8a:a7:ee:66:23:27:37:30:c1:48:1a:1c:8d:1e:70:71:42:91:
34:e1:9b:7f:f2:3c:8d:4a:1b:96:a2:0a:fd:f4:49:9b:6c:59:
8f:2d:f3:06:95:ca:96:02:34:06:53:51:e4:13:0d:98:1b:81:
55:f4:c5:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw/B/Ns9/PU2mTv3qbQ/quDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5
MzFkZjQwHhcNMjMxMjA2MTIwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIwNzNlM2E1ZDdjZWYyZTAyMWVjZmYwZTM1M2Y1MGFiOTVkOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY37f7salp/cjlGoIz34qaNJEuWL
Cm2isa2rmIwGgziU70tDQkyc4Sz/nSWul91ZWkm6+n0+ktB66IR1lj0qDVo26dpU
vj+xA+eZhm+ky5TD3lLB/0ImHxhHJ+0ULnNdk3SzwGN/0O+HaBKoiPFCxEuQskjx
oIJSLXkqyA1ItRtg/vXINVqBubPSz2Ef9vn2G8YhjckQET7qLMwUlIYJlN5NytJO
fOdjJHwZXkh/AqsZ8jrrwlTbhESGtlPvg3vHElwC9aSHo0j2MV/W9mVLguDvxexM
751nfjgnGGqyuWacFFttztmHWaWdFwIsEqLnM4E7ipJAcaGbNZLtDsiQjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFawc+Ol187y4CHs/w41P1CrldkaMB8GA1UdIwQY
MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt
ZDYyNDQ5NmRkY2M4LzEvVnJCejQ2WFh6dkxnSWV6X0RqVV9VS3VWMlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4
LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaqYAwQC
uc+EMA0GCSqGSIb3DQEBCwUAA4IBAQAJ3mZbJxo68w4eeInGcoQs/wvaWOwVHQB6
UQIZdyH3MUEnaD+Ra/AHim4srMYZIbd1Nl7oZ/uC8bcQSHk9m+vgL9ZuLMLV58jW
shIpYLbodu88ceHHbBC+b2Hwtgtl8GYXivVlDWx5lEyf39dpQfCYcV82hzevu1A2
fimzBmGTz2GshhlMYMUgwTMZ7PwK0bh2K7qqcpTgTuqEtDXxSCaxt9/dEJWB/JKq
fkvQ57O2Hmvrmb9ekUgkHj9royzwzZz6QNTYoqiKp+5mIyc3MMFIGhyNHnBxQpE0
4Zt/8jyNShuWogr99EmbbFmPLfMGlcqWAjQGU1HkEw2YG4FV9MUj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:41 2024 by rpki-client on console-ams.rpki-client.org