Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/VClHASHWZ9s5_GpatIU34nqtcu8.roa
File: VClHASHWZ9s5_GpatIU34nqtcu8.roa (raw, json)
Hash identifier: lsWoPo3fe2TsgvedLIIf42zLt9+WspiDCNX/svmsr8A=
Subject key identifier: 54:29:47:01:21:D6:67:DB:39:FC:6A:5A:B4:85:37:E2:7A:AD:72:EF
Certificate issuer: /CN=edafdca6eace4f1293223b02eebc278243869b7b
Certificate serial: 01857246FF356D815F773133376C142AF54D
Authority key identifier: ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/VClHASHWZ9s5_GpatIU34nqtcu8.roa
Signing time: Mon 02 Jan 2023 11:38:53 +0000
ROA not before: Mon 02 Jan 2023 11:38:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1902
IP address blocks: 185.156.128.0/24 maxlen: 24
185.156.130.0/23 maxlen: 23
185.156.129.0/24 maxlen: 24
2a07:9e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Sep 2023 18:41:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ff:35:6d:81:5f:77:31:33:37:6c:14:2a:f5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edafdca6eace4f1293223b02eebc278243869b7b
Validity
Not Before: Jan 2 11:38:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5429470121d667db39fc6a5ab48537e27aad72ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d0:01:51:17:08:85:30:b5:c8:c8:24:03:98:
d7:d4:bf:4f:b6:93:85:2c:06:70:82:1d:50:0a:c1:
d5:14:de:92:b0:6d:ff:7e:8c:8f:5f:9a:55:4e:5a:
7e:b1:cb:d8:60:52:32:4b:8d:d6:74:7d:d4:72:19:
f2:e8:0e:ef:08:b2:0c:b3:3f:a1:35:44:e5:3b:b4:
04:33:90:a7:a2:5f:ea:39:9c:c2:02:87:08:d4:c1:
c3:85:24:22:2f:29:bd:f4:4a:5e:b4:7d:67:16:e0:
73:d7:18:59:53:f4:c7:6b:c0:2e:f3:3f:a8:40:23:
6f:d7:b3:15:b9:0c:16:23:d4:61:a0:98:93:dc:c3:
e6:25:d7:93:d8:7f:65:14:60:c1:40:be:24:0d:0b:
d3:36:8a:84:0d:9a:bd:67:85:c4:8f:22:2b:4a:6e:
fc:55:75:46:f3:89:79:54:51:6d:72:31:9b:ef:e7:
2b:fe:95:33:3c:bb:d5:92:34:f0:9d:f4:5f:a3:39:
74:3f:48:6f:f5:1d:5f:6f:99:ae:03:67:a9:5f:a4:
b4:bf:50:02:e0:7b:eb:74:38:ab:e7:1d:bf:0c:ec:
d1:d0:9f:00:3b:6e:f2:89:7d:fd:11:5a:21:bc:0c:
d3:21:95:67:75:0b:82:15:fd:74:2d:c6:b9:29:66:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:29:47:01:21:D6:67:DB:39:FC:6A:5A:B4:85:37:E2:7A:AD:72:EF
X509v3 Authority Key Identifier:
keyid:ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/VClHASHWZ9s5_GpatIU34nqtcu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/7a_cpurOTxKTIjsC7rwngkOGm3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.128.0/22
IPv6:
2a07:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
1e:82:b0:6a:fc:d2:56:29:9e:c9:86:f6:e5:b4:51:8a:be:1d:
23:6d:51:61:b8:df:28:1c:cb:65:ac:46:d7:5d:e0:c9:d8:e3:
f6:f3:98:6f:e8:58:03:d1:a8:aa:7d:dd:40:28:db:e0:e2:5e:
0e:45:f9:0d:15:bc:2b:01:d4:77:31:35:42:7d:19:0a:2a:10:
ce:98:9d:17:06:9b:28:d6:26:f8:d3:9d:4d:e1:19:65:93:fd:
ca:6f:03:2b:11:e6:43:99:11:ef:c9:81:bb:f8:b9:7a:f5:61:
e5:73:67:04:f3:47:6b:d6:ea:a3:e4:ff:c1:36:9f:1a:75:6f:
89:1c:ba:23:4c:21:2d:fa:e0:4e:3b:13:7a:69:41:ef:82:1d:
35:f9:0e:ed:25:3b:66:ee:72:87:fa:e8:34:ef:33:5c:03:db:
4c:4f:bd:26:0c:98:7e:57:09:9a:ed:f7:ed:16:fd:29:d1:21:
99:e2:0f:a7:a8:b4:6d:bc:5a:54:03:1b:06:b9:86:20:4d:f1:
3b:72:40:7d:23:94:66:43:21:7f:e9:e9:ab:20:8d:af:e5:e6:
80:69:fb:8a:14:75:52:02:77:29:f4:5d:17:ed:a7:fa:51:0c:
46:6b:41:94:2b:4f:08:54:bc:98:0b:59:ba:56:d3:37:04:28:
cc:dc:28:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRv81bYFfdzEzN2wUKvVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYWZkY2E2ZWFjZTRmMTI5MzIyM2IwMmVlYmMyNzgyNDM4
NjliN2IwHhcNMjMwMTAyMTEzODUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI5NDcwMTIxZDY2N2RiMzlmYzZhNWFiNDg1MzdlMjdhYWQ3MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdABURcIhTC1yMgkA5jX1L9PtpOF
LAZwgh1QCsHVFN6SsG3/foyPX5pVTlp+scvYYFIyS43WdH3Uchny6A7vCLIMsz+h
NUTlO7QEM5Cnol/qOZzCAocI1MHDhSQiLym99EpetH1nFuBz1xhZU/THa8Au8z+o
QCNv17MVuQwWI9RhoJiT3MPmJdeT2H9lFGDBQL4kDQvTNoqEDZq9Z4XEjyIrSm78
VXVG84l5VFFtcjGb7+cr/pUzPLvVkjTwnfRfozl0P0hv9R1fb5muA2epX6S0v1AC
4HvrdDir5x2/DOzR0J8AO27yiX39EVohvAzTIZVndQuCFf10Lca5KWZAPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFQpRwEh1mfbOfxqWrSFN+J6rXLvMB8GA1UdIwQY
MBaAFO2v3Kbqzk8SkyI7Au68J4JDhpt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgt
NWYxZGMwYTBiZmNmLzEvVkNsSEFTSFdaOXM1X0dwYXRJVTM0bnF0Y3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgtNWYxZGMwYTBiZmNm
LzEvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZyAMA0E
AgACMAcDBQMqB55AMA0GCSqGSIb3DQEBCwUAA4IBAQAegrBq/NJWKZ7JhvbltFGK
vh0jbVFhuN8oHMtlrEbXXeDJ2OP285hv6FgD0aiqfd1AKNvg4l4ORfkNFbwrAdR3
MTVCfRkKKhDOmJ0XBpso1ib4051N4Rllk/3KbwMrEeZDmRHvyYG7+Ll69WHlc2cE
80dr1uqj5P/BNp8adW+JHLojTCEt+uBOOxN6aUHvgh01+Q7tJTtm7nKH+ug07zNc
A9tMT70mDJh+Vwma7fftFv0p0SGZ4g+nqLRtvFpUAxsGuYYgTfE7ckB9I5RmQyF/
6emrII2v5eaAafuKFHVSAncp9F0X7af6UQxGa0GUK08IVLyYC1m6VtM3BCjM3Cgm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:01 2024 by rpki-client on console-fra.rpki-client.org