Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/VtkJizS8p7cds7RKgAcryl6mKKU.roa
File: VtkJizS8p7cds7RKgAcryl6mKKU.roa (raw, json)
Hash identifier: blQVK2uS2XRHIc4e9/OcJ7MD9l3AXS6ft/Uu9vXzKr0=
Subject key identifier: 56:D9:09:8B:34:BC:A7:B7:1D:B3:B4:4A:80:07:2B:CA:5E:A6:28:A5
Certificate issuer: /CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Certificate serial: 018CC94DA6E6000B89FC9B6AC14719AC906C
Authority key identifier: 0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/VtkJizS8p7cds7RKgAcryl6mKKU.roa
Signing time: Tue 02 Jan 2024 08:32:38 +0000
ROA not before: Tue 02 Jan 2024 08:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205367
IP address blocks: 185.220.181.0/24 maxlen: 24
185.220.180.0/24 maxlen: 24
185.220.183.0/24 maxlen: 24
185.220.180.0/22 maxlen: 22
185.220.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a6:e6:00:0b:89:fc:9b:6a:c1:47:19:ac:90:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Validity
Not Before: Jan 2 08:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56d9098b34bca7b71db3b44a80072bca5ea628a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:91:42:e6:b4:99:57:85:f5:86:b6:b2:cd:31:
d7:3b:76:4a:13:b6:09:9e:f8:2a:52:3d:74:cc:fa:
63:b9:fd:05:f4:6a:6f:d6:bd:b9:f0:cf:da:11:f8:
01:8b:a1:81:21:e9:c8:7d:b1:a6:b9:e1:23:26:ac:
57:74:0c:4c:31:34:61:24:86:03:62:26:4d:83:09:
80:86:d0:19:89:5c:4f:0c:76:49:36:25:2d:77:9d:
a3:11:78:f3:04:cf:7c:54:f7:25:3b:91:ba:4a:13:
53:80:fa:85:ce:a1:42:f9:76:19:8e:71:d3:26:0e:
d1:19:f4:25:6d:07:b0:fe:7b:4d:00:77:ce:8e:ff:
7b:21:34:b0:ab:b1:91:d0:dc:2a:b2:27:28:19:34:
ba:bf:7f:02:41:0f:a0:a6:42:df:3d:10:ea:7b:c9:
5a:e0:9a:cd:8e:22:c8:0f:81:05:d9:9b:1e:64:e5:
d7:78:e0:a4:71:e3:6a:90:7f:93:46:d0:49:e0:e8:
2b:4a:e1:f3:63:88:0e:59:12:66:e5:36:bc:eb:ce:
ad:df:fe:20:d0:05:96:a0:3f:d7:ee:f6:a0:7d:aa:
80:a4:fb:2b:6c:65:08:25:77:8a:73:6d:20:2f:85:
64:f0:c0:86:53:af:b4:0a:d9:d7:da:33:38:b7:5c:
fd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D9:09:8B:34:BC:A7:B7:1D:B3:B4:4A:80:07:2B:CA:5E:A6:28:A5
X509v3 Authority Key Identifier:
keyid:0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/VtkJizS8p7cds7RKgAcryl6mKKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.180.0/22
Signature Algorithm: sha256WithRSAEncryption
07:9d:8c:9a:74:49:bf:72:a6:3b:7f:27:70:0d:c5:ec:5e:87:
c1:14:f4:fc:cb:5c:29:73:96:0a:eb:35:db:f6:ca:08:99:ff:
c9:7a:f9:86:67:db:45:e8:9d:fe:4d:13:f1:53:8f:3b:34:ff:
46:66:ee:5e:13:18:20:43:93:86:69:2f:ef:94:6c:a7:f0:73:
e7:b3:67:c2:f0:2c:9c:5f:d6:32:61:2f:58:b1:d2:45:30:3d:
30:33:22:fb:b5:a5:ce:2b:a8:2b:3b:6c:61:03:c4:49:33:96:
83:25:33:73:d9:9b:9e:f7:46:4d:b6:16:6e:cf:17:30:fa:35:
ab:4c:4c:e9:ae:c0:c2:3f:40:b9:b6:03:8d:9a:b5:51:2e:d2:
fb:a0:5c:b8:02:20:e9:d0:00:c7:79:f3:75:3d:4a:dd:af:d1:
82:92:a8:06:72:d1:29:1b:62:63:3b:0c:8a:d6:d5:43:9f:2e:
54:5a:63:3a:4e:c8:53:f6:e0:11:2e:dd:5b:56:f5:29:4b:bd:
73:5d:99:76:62:e7:03:a3:ef:d7:d9:2a:77:36:eb:4e:5a:87:
8d:41:50:70:3a:5a:77:52:c0:8c:41:5a:16:ea:d8:10:6e:f8:
0d:90:a1:6f:35:b7:2e:a9:02:ed:a8:25:00:0a:be:29:f7:86:
85:0b:83:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTabmAAuJ/JtqwUcZrJBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTQyNzEwMWNiMmUyYmQ1NjUwODRkZTY0NzFmNmViNDhk
MjRmOTYwHhcNMjQwMTAyMDgzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ5MDk4YjM0YmNhN2I3MWRiM2I0NGE4MDA3MmJjYTVlYTYyOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5FC5rSZV4X1hrayzTHXO3ZKE7YJ
nvgqUj10zPpjuf0F9Gpv1r258M/aEfgBi6GBIenIfbGmueEjJqxXdAxMMTRhJIYD
YiZNgwmAhtAZiVxPDHZJNiUtd52jEXjzBM98VPclO5G6ShNTgPqFzqFC+XYZjnHT
Jg7RGfQlbQew/ntNAHfOjv97ITSwq7GR0NwqsicoGTS6v38CQQ+gpkLfPRDqe8la
4JrNjiLID4EF2ZseZOXXeOCkceNqkH+TRtBJ4OgrSuHzY4gOWRJm5Ta8686t3/4g
0AWWoD/X7vagfaqApPsrbGUIJXeKc20gL4Vk8MCGU6+0CtnX2jM4t1z9DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFbZCYs0vKe3HbO0SoAHK8pepiilMB8GA1UdIwQY
MBaAFArkJxAcsuK9VlCE3mRx9utI0k+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUt
N2M5ZTY4NGNjY2UyLzEvVnRrSml6UzhwN2NkczdSS2dBY3J5bDZtS0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUtN2M5ZTY4NGNjY2Uy
LzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudy0MA0G
CSqGSIb3DQEBCwUAA4IBAQAHnYyadEm/cqY7fydwDcXsXofBFPT8y1wpc5YK6zXb
9soImf/JevmGZ9tF6J3+TRPxU487NP9GZu5eExggQ5OGaS/vlGyn8HPns2fC8Cyc
X9YyYS9YsdJFMD0wMyL7taXOK6grO2xhA8RJM5aDJTNz2Zue90ZNthZuzxcw+jWr
TEzprsDCP0C5tgONmrVRLtL7oFy4AiDp0ADHefN1PUrdr9GCkqgGctEpG2JjOwyK
1tVDny5UWmM6TshT9uARLt1bVvUpS71zXZl2YucDo+/X2Sp3NutOWoeNQVBwOlp3
UsCMQVoW6tgQbvgNkKFvNbcuqQLtqCUACr4p94aFC4Pc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:05 2025 by rpki-client