Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/VTEaVLQQMLgQV28puxObAGW6qCw.roa
File: VTEaVLQQMLgQV28puxObAGW6qCw.roa (raw, json)
Hash identifier: rcBMIZEHX5dr6bra6nvTtK7OEO9xGnKgIGTg5mnz/54=
Subject key identifier: 55:31:1A:54:B4:10:30:B8:10:57:6F:29:BB:13:9B:00:65:BA:A8:2C
Certificate issuer: /CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Certificate serial: 018CC5DC70A1247C66F2E895C1A26B145CDD
Authority key identifier: D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/VTEaVLQQMLgQV28puxObAGW6qCw.roa
Signing time: Mon 01 Jan 2024 16:30:07 +0000
ROA not before: Mon 01 Jan 2024 16:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62104
IP address blocks: 185.47.213.0/24 maxlen: 24
185.47.212.0/22 maxlen: 22
185.47.212.0/24 maxlen: 24
185.47.215.0/24 maxlen: 24
185.47.214.0/24 maxlen: 24
185.67.76.0/24 maxlen: 24
185.67.76.0/22 maxlen: 22
185.67.78.0/24 maxlen: 24
185.67.77.0/24 maxlen: 24
185.67.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 08:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:70:a1:24:7c:66:f2:e8:95:c1:a2:6b:14:5c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d1e220b601b67fe30cbb7b7c1bf22fbe22fb4f
Validity
Not Before: Jan 1 16:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55311a54b41030b810576f29bb139b0065baa82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:75:5b:11:fe:e9:fb:8a:e2:b6:8d:93:e6:3a:
32:6f:84:b6:26:e5:28:84:7c:ad:87:4d:ac:12:be:
84:7d:20:7b:c3:3d:20:18:93:d4:9d:f4:2a:02:cc:
d0:d9:55:a5:88:6d:cc:c3:2e:da:92:f9:ae:6a:9c:
2d:d1:b7:8f:80:0c:84:2d:e7:1d:54:65:61:5f:d0:
1c:a8:55:59:67:59:d4:f8:c4:b1:03:95:e8:62:22:
af:6f:cd:95:70:99:a8:2e:2b:80:61:1b:fa:fe:04:
c9:ce:5f:09:d2:00:35:bb:8d:43:da:ac:04:ff:40:
6c:a0:e7:a3:87:ff:41:e7:c5:8b:2b:18:b6:05:8d:
03:c2:80:0d:38:8a:15:46:2b:c6:61:fa:1a:87:fa:
6a:d1:9c:13:17:6d:c4:3d:27:63:20:58:bc:80:da:
78:90:37:48:92:b8:2c:c0:3c:ee:b2:a6:04:3c:97:
13:18:4e:54:a5:f6:51:fd:68:9d:2f:c9:be:b4:25:
5a:d1:bd:c4:11:f8:48:cd:d6:1f:56:1d:a8:f9:77:
bb:d5:3e:7c:e7:62:c3:3e:13:11:9e:54:d5:eb:7f:
b2:b6:99:f2:be:76:19:b2:67:8a:65:c6:9d:3c:0f:
1a:84:97:00:f7:f9:55:50:52:f8:fe:a3:ea:b6:a6:
0f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:31:1A:54:B4:10:30:B8:10:57:6F:29:BB:13:9B:00:65:BA:A8:2C
X509v3 Authority Key Identifier:
keyid:D9:D1:E2:20:B6:01:B6:7F:E3:0C:BB:7B:7C:1B:F2:2F:BE:22:FB:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dHiILYBtn_jDLt7fBvyL74i-08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/VTEaVLQQMLgQV28puxObAGW6qCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/64119f-9684-4284-b232-af27d7ca1bf6/1/2dHiILYBtn_jDLt7fBvyL74i-08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.212.0/22
185.67.76.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:55:a9:42:7b:fd:57:e1:62:64:8b:8b:74:ab:19:fd:a0:a9:
83:61:7b:c9:37:fd:43:9f:6b:3f:7c:5e:22:b0:07:b5:a4:15:
21:a5:d0:df:2f:02:03:e8:69:17:37:a4:14:11:19:28:19:c3:
fb:f9:e7:98:eb:b3:a9:9c:a1:0a:2e:77:51:b8:a1:03:03:73:
42:b4:11:3a:e2:1f:b9:60:38:34:85:0a:ed:31:90:23:9c:45:
02:ec:6e:02:41:95:70:d0:e9:ee:2c:f6:61:a7:81:6d:16:a3:
60:d4:18:b8:ac:9c:61:77:8b:f5:5e:0d:51:c3:46:ac:93:c4:
8d:7c:da:ce:cb:5e:b7:8f:14:f1:89:15:af:b3:c1:e9:bc:ff:
3d:90:30:62:45:5c:c0:1b:96:f1:30:ca:a2:0c:12:22:e7:b6:
a9:db:e9:96:4e:5e:ae:43:24:0d:f7:6c:71:3c:d3:6a:74:be:
b0:e9:fe:e4:4d:72:f2:6a:44:d9:5e:5c:3d:9a:ef:a1:26:5d:
49:51:79:9a:9d:88:87:d0:e8:b9:f3:40:f1:92:81:ac:cd:03:
fc:66:8b:40:a4:96:cc:ce:1a:97:fd:26:6f:ff:9a:6e:6f:93:
c2:af:97:59:69:62:1a:80:f1:ca:56:a9:04:9a:a0:b4:0b:73:
c8:81:4e:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3HChJHxm8uiVwaJrFFzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDFlMjIwYjYwMWI2N2ZlMzBjYmI3YjdjMWJmMjJmYmUy
MmZiNGYwHhcNMjQwMTAxMTYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTMxMWE1NGI0MTAzMGI4MTA1NzZmMjliYjEzOWIwMDY1YmFhODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnVbEf7p+4rito2T5joyb4S2JuUo
hHyth02sEr6EfSB7wz0gGJPUnfQqAszQ2VWliG3Mwy7akvmuapwt0bePgAyELecd
VGVhX9AcqFVZZ1nU+MSxA5XoYiKvb82VcJmoLiuAYRv6/gTJzl8J0gA1u41D2qwE
/0BsoOejh/9B58WLKxi2BY0DwoANOIoVRivGYfoah/pq0ZwTF23EPSdjIFi8gNp4
kDdIkrgswDzusqYEPJcTGE5UpfZR/WidL8m+tCVa0b3EEfhIzdYfVh2o+Xe71T58
52LDPhMRnlTV63+ytpnyvnYZsmeKZcadPA8ahJcA9/lVUFL4/qPqtqYPxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFUxGlS0EDC4EFdvKbsTmwBluqgsMB8GA1UdIwQY
MBaAFNnR4iC2AbZ/4wy7e3wb8i++IvtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzIt
YWYyN2Q3Y2ExYmY2LzEvVlRFYVZMUVFNTGdRVjI4cHV4T2JBR1c2cUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82NDExOWYtOTY4NC00Mjg0LWIyMzItYWYyN2Q3Y2ExYmY2
LzEvMmRIaUlMWUJ0bl9qREx0N2ZCdnlMNzRpLTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS/UAwQC
uUNMMA0GCSqGSIb3DQEBCwUAA4IBAQBNValCe/1X4WJki4t0qxn9oKmDYXvJN/1D
n2s/fF4isAe1pBUhpdDfLwID6GkXN6QUERkoGcP7+eeY67OpnKEKLndRuKEDA3NC
tBE64h+5YDg0hQrtMZAjnEUC7G4CQZVw0OnuLPZhp4FtFqNg1Bi4rJxhd4v1Xg1R
w0ask8SNfNrOy163jxTxiRWvs8HpvP89kDBiRVzAG5bxMMqiDBIi57ap2+mWTl6u
QyQN92xxPNNqdL6w6f7kTXLyakTZXlw9mu+hJl1JUXmanYiH0Oi580DxkoGszQP8
ZotApJbMzhqX/SZv/5pub5PCr5dZaWIagPHKVqkEmqC0C3PIgU4O
-----END CERTIFICATE-----
Generated at Fri Jan 26 13:09:39 2024 by rpki-client on console-ams.rpki-client.org