Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VRgOUN627JzKtF054fZ0NwuMiOM.roa
File: VRgOUN627JzKtF054fZ0NwuMiOM.roa (raw, json)
Hash identifier: xzueswnj9BdQoaBVkhRKlHFqH2A2FFsnNSbf7kp4yt4=
Subject key identifier: 55:18:0E:50:DE:B6:EC:9C:CA:B4:5D:39:E1:F6:74:37:0B:8C:88:E3
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0187C21278423357696CA124346C5D2530BE
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VRgOUN627JzKtF054fZ0NwuMiOM.roa
Signing time: Thu 27 Apr 2023 09:36:42 +0000
ROA not before: Thu 27 Apr 2023 09:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.17.108.0/22 maxlen: 22
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:12:78:42:33:57:69:6c:a1:24:34:6c:5d:25:30:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Apr 27 09:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55180e50deb6ec9ccab45d39e1f674370b8c88e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:7a:ab:e1:25:21:d6:0d:0b:a5:4d:75:35:
55:2f:c5:9b:e3:f8:24:2e:90:4b:a9:d4:f6:a4:d8:
0e:58:2e:d6:d6:5d:e1:78:e4:28:0e:3a:cc:44:7f:
2e:a3:77:8b:33:76:99:d8:c0:b3:78:d7:ac:68:92:
c4:31:13:d2:25:a2:c0:28:fe:9d:7e:72:99:3f:a1:
4a:8e:33:a2:e6:52:45:4e:66:81:9f:1a:c9:b4:c2:
11:b1:d3:c2:4a:a5:f2:96:b3:04:a0:2b:06:d1:4a:
a7:38:ba:6a:7a:74:c0:32:81:7e:d8:a6:fd:ab:f0:
8f:ab:2a:5d:27:d7:41:d3:82:bc:d4:a7:cc:39:7f:
2e:1c:1a:36:33:93:f5:ee:de:60:59:0c:a3:ae:b6:
db:5c:fe:36:f9:05:c9:a6:13:85:ec:54:83:dc:c3:
26:50:b6:86:30:b2:0c:6c:68:9b:f8:78:16:74:1f:
6b:f2:2b:15:a2:cd:1b:04:b3:3f:37:2c:be:91:62:
40:c6:17:1f:db:f2:9f:60:74:ad:a4:0d:cb:99:d5:
77:f2:23:31:53:0b:f5:cd:b6:19:6d:0d:fa:89:00:
52:75:2f:18:51:b5:b9:d8:79:e0:13:45:ec:35:9d:
d0:a2:8d:29:d0:f0:1e:d5:01:b4:63:cf:95:55:c1:
6e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:18:0E:50:DE:B6:EC:9C:CA:B4:5D:39:E1:F6:74:37:0B:8C:88:E3
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VRgOUN627JzKtF054fZ0NwuMiOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.192.0/22
2.19.4.0/22
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:206:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:87:3b:6d:c4:08:41:f3:e5:53:23:ce:7d:0e:dd:7b:f4:73:
2f:b8:96:4f:5a:10:e5:7e:4b:c5:f6:80:c0:1f:c1:53:73:a8:
b8:89:20:37:ad:c9:cd:f3:cf:37:e5:b1:d7:bf:b7:f5:c4:61:
25:51:d9:ca:df:3a:5b:4c:b8:b6:38:bd:5b:7f:e7:ab:bd:ef:
7f:35:11:e1:24:e6:a1:f1:14:62:b1:c7:a5:31:97:9f:76:fb:
e0:e3:82:a4:18:80:79:6f:be:02:d0:92:59:de:81:23:ca:20:
b2:84:03:b3:1e:2d:a9:9d:6c:9f:f2:4a:0b:a3:a7:df:23:81:
0f:a1:2d:9b:78:19:5b:a5:ab:ef:88:8d:7f:9c:c8:20:d9:ae:
35:de:ff:05:cc:58:27:6c:6c:8b:27:e1:92:ee:32:c9:12:57:
58:dc:80:7c:85:40:df:cf:d3:79:3e:5e:10:d3:52:e9:09:2c:
99:ab:98:54:31:ec:b6:68:2d:d8:51:8f:9a:87:fe:4c:e0:0f:
ff:86:9e:fb:ed:9e:d6:2b:49:b1:7f:2b:f5:14:54:c1:35:11:
8c:4a:40:3a:fd:6d:0a:f8:b5:79:e8:b0:1f:bf:c3:29:46:6b:
f8:68:f6:88:98:1d:f2:a9:5f:b0:9b:61:95:e9:3e:a7:87:8f:
a6:32:95:e5
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYfCEnhCM1dpbKEkNGxdJTC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwNDI3MDkzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE4MGU1MGRlYjZlYzljY2FiNDVkMzllMWY2NzQzNzBiOGM4OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKh6q+ElIdYNC6VNdTVVL8Wb4/gk
LpBLqdT2pNgOWC7W1l3heOQoDjrMRH8uo3eLM3aZ2MCzeNesaJLEMRPSJaLAKP6d
fnKZP6FKjjOi5lJFTmaBnxrJtMIRsdPCSqXylrMEoCsG0UqnOLpqenTAMoF+2Kb9
q/CPqypdJ9dB04K81KfMOX8uHBo2M5P17t5gWQyjrrbbXP42+QXJphOF7FSD3MMm
ULaGMLIMbGib+HgWdB9r8isVos0bBLM/Nyy+kWJAxhcf2/KfYHStpA3LmdV38iMx
Uwv1zbYZbQ36iQBSdS8YUbW52HngE0XsNZ3Qoo0p0PAe1QG0Y8+VVcFuewIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFFUYDlDetuycyrRdOeH2dDcLjIjjMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvVlJnT1VONjI3SnpLdEYwNTRmWjBOd3VNaU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzBqBAIAATBkAwQCAhFs
AwQCAhHAAwQCAhMEAwQAAhWvAwQBXHq4AwQAXHrPMAwDBANdv6gDBABdv6oDBABd
v6wDBABfZJ0DBABfZLQDBAJfZNQDBABfZP0wDAMEAF9ldQMEAF9ldgMEAl9lzDBB
BAIAAjA7MBIDBwAqAiNwAAEDBwAqAiNwAAYwEgMHACoCI3ABAQMHACoCI3ABBjAR
AwYBKgIjcAIDBwAqAiNwAgYwDQYJKoZIhvcNAQELBQADggEBABuHO23ECEHz5VMj
zn0O3Xv0cy+4lk9aEOV+S8X2gMAfwVNzqLiJIDetyc3zzzflsde/t/XEYSVR2crf
OltMuLY4vVt/56u97381EeEk5qHxFGKxx6Uxl592++DjgqQYgHlvvgLQklnegSPK
ILKEA7MeLamdbJ/ySgujp98jgQ+hLZt4GVulq++IjX+cyCDZrjXe/wXMWCdsbIsn
4ZLuMskSV1jcgHyFQN/P03k+XhDTUukJLJmrmFQx7LZoLdhRj5qH/kzgD/+Gnvvt
ntYrSbF/K/UUVME1EYxKQDr9bQr4tXnosB+/wylGa/ho9oiYHfKpX7CbYZXpPqeH
j6YyleU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:23 2023 by rpki-client on console-ams.rpki-client.org