Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/rrvqH8FkOgEAe2ljVUQoqKyOMgU.roa
File: rrvqH8FkOgEAe2ljVUQoqKyOMgU.roa (raw, json)
Hash identifier: YJR0ozhh4nw5862ARkRJ9w4uHX5VtCz/kppBRWze4bw=
Subject key identifier: AE:BB:EA:1F:C1:64:3A:01:00:7B:69:63:55:44:28:A8:AC:8E:32:05
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018571F9FB5D615E626FC4D40BFF9A0CC734
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/rrvqH8FkOgEAe2ljVUQoqKyOMgU.roa
Signing time: Mon 02 Jan 2023 10:14:46 +0000
ROA not before: Mon 02 Jan 2023 10:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202909
IP address blocks: 185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 03 Dec 2023 21:33:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:fb:5d:61:5e:62:6f:c4:d4:0b:ff:9a:0c:c7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Jan 2 10:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aebbea1fc1643a01007b6963554428a8ac8e3205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:89:5b:d5:6d:e0:27:34:99:06:dc:3a:3d:04:
a3:1c:00:2a:ca:d6:ce:c7:3b:14:f4:9b:91:45:a2:
52:5a:0f:26:4a:ec:78:03:4b:69:50:a7:30:ab:9f:
1f:4a:e5:a6:e2:eb:21:5d:53:c3:52:3b:ce:e6:5c:
1b:c0:d7:ef:58:d7:50:af:a0:45:e7:e0:a4:ca:9d:
cd:55:ff:84:a6:8c:6d:e1:f8:ac:4f:f5:a3:69:ac:
7c:ca:d1:4c:df:b2:89:3c:4f:19:e6:09:ce:00:24:
74:f3:81:a5:34:95:f7:b4:cb:ce:9c:2c:82:92:c9:
3f:4e:53:0e:6b:94:11:e0:23:23:8e:28:56:70:7c:
1b:ae:4f:0a:2c:a4:a0:6c:82:da:26:f2:0a:d2:c2:
ed:88:5f:8f:c2:04:30:47:6e:1d:86:80:dc:b4:a0:
d2:a0:a2:43:05:4e:4f:98:ce:36:ae:a1:b4:12:5d:
50:73:a6:30:86:c4:63:25:f9:59:1c:d5:ad:e0:36:
3b:ae:43:63:27:8a:6e:9a:8d:f6:58:0c:11:a9:6f:
fa:ec:00:d5:1f:22:97:6e:91:7a:12:c9:24:5a:0a:
fa:57:02:ac:09:08:ca:b8:60:bc:a1:c2:28:fc:ae:
a0:5a:f5:72:8c:2b:f3:72:2c:86:58:b2:51:2e:65:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BB:EA:1F:C1:64:3A:01:00:7B:69:63:55:44:28:A8:AC:8E:32:05
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/rrvqH8FkOgEAe2ljVUQoqKyOMgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
185.151.20.0/22
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
Signature Algorithm: sha256WithRSAEncryption
72:3a:cd:65:4b:d5:4f:73:e9:7e:87:34:73:4d:7b:b0:69:d0:
ce:29:e7:c3:10:92:17:bb:f6:26:4a:c3:fe:bf:10:84:f5:d8:
ed:c3:cc:03:7a:d0:4b:01:8f:ea:6f:8c:33:b5:f0:db:e7:26:
7f:8a:6f:de:30:d0:06:7d:d5:b9:63:ea:d8:41:20:9f:8c:57:
d1:70:f5:53:21:f5:86:29:e1:14:62:06:24:97:bd:7f:a6:23:
00:15:b5:fa:51:39:60:01:ae:a8:38:94:f6:c9:8a:97:50:60:
91:99:26:70:35:49:8f:de:db:59:aa:b7:49:71:f1:df:84:78:
e6:f6:38:6d:41:eb:17:5d:27:31:9d:52:65:92:63:fa:0c:8d:
6a:69:c8:4b:fb:32:8c:86:b7:39:5b:ca:04:49:ab:22:11:2f:
e3:95:92:96:12:8e:92:7a:bd:7c:b2:f9:44:b6:ec:09:b4:f4:
66:c4:ad:9b:50:41:a5:60:c3:e6:f1:82:0a:74:3a:37:27:82:
6f:59:a9:1f:2b:01:09:f9:f6:62:29:2b:fc:53:87:e8:90:e0:
52:ee:75:ae:7d:35:cd:ba:10:a9:59:a7:4b:c8:29:eb:21:03:
43:c0:b2:47:15:99:e9:0d:25:5b:65:31:c0:8c:24:70:f1:a1:
c7:f5:fd:c1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVx+ftdYV5ib8TUC/+aDMc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjMwMTAyMTAxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJiZWExZmMxNjQzYTAxMDA3YjY5NjM1NTQ0MjhhOGFjOGUzMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIlb1W3gJzSZBtw6PQSjHAAqytbO
xzsU9JuRRaJSWg8mSux4A0tpUKcwq58fSuWm4ushXVPDUjvO5lwbwNfvWNdQr6BF
5+Ckyp3NVf+Epoxt4fisT/Wjaax8ytFM37KJPE8Z5gnOACR084GlNJX3tMvOnCyC
ksk/TlMOa5QR4CMjjihWcHwbrk8KLKSgbILaJvIK0sLtiF+PwgQwR24dhoDctKDS
oKJDBU5PmM42rqG0El1Qc6YwhsRjJflZHNWt4DY7rkNjJ4pumo32WAwRqW/67ADV
HyKXbpF6EskkWgr6VwKsCQjKuGC8ocIo/K6gWvVyjCvzciyGWLJRLmUS1QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFK676h/BZDoBAHtpY1VEKKisjjIFMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvcnJ2cUg4RmtPZ0VBZTJsalZVUW9xS3lPTWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLZu4AwQC
uZcUMAwDBAK57KQDBAC57KYwDQQCAAIwBwMFAyoHdUAwDQYJKoZIhvcNAQELBQAD
ggEBAHI6zWVL1U9z6X6HNHNNe7Bp0M4p58MQkhe79iZKw/6/EIT12O3DzAN60EsB
j+pvjDO18NvnJn+Kb94w0AZ91blj6thBIJ+MV9Fw9VMh9YYp4RRiBiSXvX+mIwAV
tfpROWABrqg4lPbJipdQYJGZJnA1SY/e21mqt0lx8d+EeOb2OG1B6xddJzGdUmWS
Y/oMjWppyEv7MoyGtzlbygRJqyIRL+OVkpYSjpJ6vXyy+US27Am09GbErZtQQaVg
w+bxggp0Ojcngm9ZqR8rAQn59mIpK/xTh+iQ4FLuda59Nc26EKlZp0vIKeshA0PA
skcVmekNJVtlMcCMJHDxocf1/cE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org