Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/vebbC-kYWkbl3DwSqB7MacBA_3c.roa
File: vebbC-kYWkbl3DwSqB7MacBA_3c.roa (raw, json)
Hash identifier: FeNDKmGW2EqV+ye/R9n8tlu4NGlLcO1AduHtcVyZO2g=
Subject key identifier: BD:E6:DB:0B:E9:18:5A:46:E5:DC:3C:12:A8:1E:CC:69:C0:40:FF:77
Certificate issuer: /CN=edafdca6eace4f1293223b02eebc278243869b7b
Certificate serial: 018CC801E734CF6D8E964FAA476BEAB5CBAC
Authority key identifier: ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/vebbC-kYWkbl3DwSqB7MacBA_3c.roa
Signing time: Tue 02 Jan 2024 02:30:17 +0000
ROA not before: Tue 02 Jan 2024 02:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1902
IP address blocks: 185.156.128.0/24 maxlen: 24
185.156.128.0/22 maxlen: 22
185.156.130.0/23 maxlen: 23
185.156.129.0/24 maxlen: 24
2a07:9e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:e7:34:cf:6d:8e:96:4f:aa:47:6b:ea:b5:cb:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edafdca6eace4f1293223b02eebc278243869b7b
Validity
Not Before: Jan 2 02:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bde6db0be9185a46e5dc3c12a81ecc69c040ff77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:78:6e:f2:6d:a0:94:89:91:04:ae:9f:60:
7b:48:2b:aa:d3:a0:af:73:bc:73:20:9f:1b:a2:d4:
d1:f8:9b:1e:9d:34:55:80:7b:83:d4:f3:98:6f:b9:
77:99:d7:81:b1:79:1c:a9:ac:98:2c:d2:4b:d7:a4:
12:da:85:92:38:9a:dc:75:49:db:48:bb:e2:50:ac:
e1:29:a1:66:a3:83:72:fa:da:95:f7:cd:63:1c:de:
ff:ed:28:24:5d:46:31:26:17:4b:b5:86:76:90:da:
e4:bb:ee:fc:74:c9:17:94:3c:9e:d9:c9:c5:82:66:
44:88:03:4d:3d:f0:8a:e6:8f:b5:cc:85:7d:bf:e1:
82:5e:d3:15:5d:90:b5:2c:c5:13:0a:54:08:6d:a4:
a3:d9:e9:e9:a1:49:fa:f2:0b:3e:5d:68:d9:b3:bf:
c4:f3:c8:7c:93:e9:f0:52:4a:e5:51:df:7a:1f:1d:
b8:0e:75:06:89:7d:09:17:ac:e2:1d:93:de:86:99:
d7:72:7b:16:73:cf:55:2b:52:78:37:f2:9c:ca:2c:
63:e5:63:1f:25:a7:5a:70:19:e2:6f:a6:56:f9:52:
34:32:02:b8:58:9c:ee:5e:9f:79:69:9e:e6:0a:35:
c9:0c:cd:0e:a0:bb:11:da:a6:5a:0f:3b:02:69:0d:
26:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E6:DB:0B:E9:18:5A:46:E5:DC:3C:12:A8:1E:CC:69:C0:40:FF:77
X509v3 Authority Key Identifier:
keyid:ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/vebbC-kYWkbl3DwSqB7MacBA_3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/7a_cpurOTxKTIjsC7rwngkOGm3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.128.0/22
IPv6:
2a07:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
58:5f:7e:9a:a9:fa:88:4a:4a:17:70:d8:71:82:43:78:d4:e6:
c6:87:ac:c3:46:40:31:f5:a1:02:bd:7c:9a:50:fe:7b:ca:0a:
b7:03:c9:78:71:85:6d:95:79:6a:2e:61:15:72:a4:2e:ac:ce:
7f:44:d0:5a:f4:95:fb:c0:a5:c6:12:10:9b:c4:ac:d3:26:77:
3d:6a:e7:6a:bb:09:ad:5b:0e:df:50:57:8b:1e:f3:fe:0d:82:
ee:a7:4d:e8:45:d8:27:56:e1:0d:63:3c:a6:41:81:67:b9:52:
46:3e:ec:1d:6a:9c:cb:76:55:22:72:ad:c3:ca:8d:f8:ef:f5:
e1:9e:cb:bc:28:07:ee:b1:0a:9f:cc:bf:3c:e4:b3:85:f9:c2:
90:a9:94:2c:7e:79:3a:13:b9:6a:7a:f3:14:36:96:67:2e:84:
97:05:fe:05:39:bf:f5:cc:df:e2:56:92:1a:f0:63:1b:50:84:
c4:c3:73:71:03:ab:ea:45:e0:03:a2:ce:d2:6c:4a:37:78:df:
a6:ab:d9:8d:66:f9:73:2c:93:17:c9:01:9f:2a:60:9a:df:44:
45:09:4f:55:08:b8:23:99:11:d1:90:b1:d9:cb:43:0e:b5:7c:
ed:bb:b7:8e:fe:ad:ec:5a:6d:cd:7b:66:f1:70:29:11:d3:a6:
cd:4b:5a:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAec0z22Olk+qR2vqtcusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYWZkY2E2ZWFjZTRmMTI5MzIyM2IwMmVlYmMyNzgyNDM4
NjliN2IwHhcNMjQwMTAyMDIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGU2ZGIwYmU5MTg1YTQ2ZTVkYzNjMTJhODFlY2M2OWMwNDBmZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCl4bvJtoJSJkQSun2B7SCuq06Cv
c7xzIJ8botTR+JsenTRVgHuD1POYb7l3mdeBsXkcqayYLNJL16QS2oWSOJrcdUnb
SLviUKzhKaFmo4Ny+tqV981jHN7/7SgkXUYxJhdLtYZ2kNrku+78dMkXlDye2cnF
gmZEiANNPfCK5o+1zIV9v+GCXtMVXZC1LMUTClQIbaSj2enpoUn68gs+XWjZs7/E
88h8k+nwUkrlUd96Hx24DnUGiX0JF6ziHZPehpnXcnsWc89VK1J4N/Kcyixj5WMf
JadacBnib6ZW+VI0MgK4WJzuXp95aZ7mCjXJDM0OoLsR2qZaDzsCaQ0mKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL3m2wvpGFpG5dw8EqgezGnAQP93MB8GA1UdIwQY
MBaAFO2v3Kbqzk8SkyI7Au68J4JDhpt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgt
NWYxZGMwYTBiZmNmLzEvdmViYkMta1lXa2JsM0R3U3FCN01hY0JBXzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgtNWYxZGMwYTBiZmNm
LzEvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZyAMA0E
AgACMAcDBQMqB55AMA0GCSqGSIb3DQEBCwUAA4IBAQBYX36aqfqISkoXcNhxgkN4
1ObGh6zDRkAx9aECvXyaUP57ygq3A8l4cYVtlXlqLmEVcqQurM5/RNBa9JX7wKXG
EhCbxKzTJnc9audquwmtWw7fUFeLHvP+DYLup03oRdgnVuENYzymQYFnuVJGPuwd
apzLdlUicq3Dyo347/Xhnsu8KAfusQqfzL885LOF+cKQqZQsfnk6E7lqevMUNpZn
LoSXBf4FOb/1zN/iVpIa8GMbUITEw3NxA6vqReADos7SbEo3eN+mq9mNZvlzLJMX
yQGfKmCa30RFCU9VCLgjmRHRkLHZy0MOtXztu7eO/q3sWm3Ne2bxcCkR06bNS1pW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:35 2025 by rpki-client