Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/VPeuTfM5NcwL6GPomKBCGHUi4n0.roa
File: VPeuTfM5NcwL6GPomKBCGHUi4n0.roa (raw, json)
Hash identifier: lOG+0yGOwewBOOiJW/voI215TWnXSWPCqOqeIdmR6Wk=
Subject key identifier: 54:F7:AE:4D:F3:39:35:CC:0B:E8:63:E8:98:A0:42:18:75:22:E2:7D
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018D8370E745EC4FC2380240238B5EE18B5C
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/VPeuTfM5NcwL6GPomKBCGHUi4n0.roa
Signing time: Wed 07 Feb 2024 12:00:30 +0000
ROA not before: Wed 07 Feb 2024 12:00:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.180.0/22 maxlen: 24
2.59.116.0/24 maxlen: 24
45.12.44.0/22 maxlen: 24
45.15.52.0/22 maxlen: 22
45.67.44.0/22 maxlen: 22
45.86.192.0/22 maxlen: 22
45.95.140.0/22 maxlen: 24
45.130.204.0/22 maxlen: 24
45.136.60.0/22 maxlen: 24
45.145.192.0/22 maxlen: 24
45.151.204.0/22 maxlen: 24
91.225.0.0/24 maxlen: 24
91.227.240.0/23 maxlen: 23
94.142.164.0/22 maxlen: 22
185.39.11.0/24 maxlen: 24
185.57.176.0/22 maxlen: 22
185.232.89.0/24 maxlen: 24
193.3.158.0/24 maxlen: 24
195.244.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 16 Feb 2024 07:05:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:70:e7:45:ec:4f:c2:38:02:40:23:8b:5e:e1:8b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Feb 7 12:00:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54f7ae4df33935cc0be863e898a042187522e27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:41:61:51:b7:c8:29:56:8a:68:a8:3b:80:00:
86:b0:b1:cf:9b:c9:ab:4d:b9:35:18:70:44:7a:d1:
4f:ac:70:3e:46:37:b3:3e:9a:ea:ca:bd:f1:7a:78:
00:0e:3f:1e:75:b9:82:d7:9b:b3:65:f4:5d:7c:bf:
83:17:d3:86:74:f7:97:69:3b:30:b4:20:ec:79:69:
5f:7c:c9:b8:73:a3:70:df:06:69:80:6e:4d:5c:83:
f8:d8:c7:77:0a:d1:48:28:8c:ef:6e:29:ce:4c:de:
8d:e6:f5:6c:32:1a:71:31:26:0f:38:e8:01:06:aa:
75:62:77:24:09:92:a0:7e:a3:b5:3c:b5:db:c7:be:
4d:80:dc:42:a8:ce:cc:a6:c0:c4:ae:e3:d5:2a:e7:
90:5a:ad:62:35:be:4d:72:af:4c:d4:68:c1:83:4c:
fb:4c:53:c1:6b:9c:61:a1:f1:9c:da:ee:bc:c8:1a:
65:77:55:18:e0:40:da:47:f2:60:7f:b6:40:6c:02:
9c:66:cb:1e:7a:b9:d9:7d:4b:e9:78:9c:da:25:75:
d7:cc:e7:aa:7a:ab:f7:0c:37:28:54:05:26:6e:5b:
c0:f1:1d:58:0d:76:40:84:b1:c8:07:24:b5:bf:5c:
c6:7f:2b:6c:0f:59:b7:4c:0c:39:8b:84:88:6c:ec:
d3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F7:AE:4D:F3:39:35:CC:0B:E8:63:E8:98:A0:42:18:75:22:E2:7D
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/VPeuTfM5NcwL6GPomKBCGHUi4n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.180.0/22
2.59.116.0/24
45.12.44.0/22
45.15.52.0/22
45.67.44.0/22
45.86.192.0/22
45.95.140.0/22
45.130.204.0/22
45.136.60.0/22
45.145.192.0/22
45.151.204.0/22
91.225.0.0/24
91.227.240.0/23
94.142.164.0/22
185.39.11.0/24
185.57.176.0/22
185.232.89.0/24
193.3.158.0/24
195.244.14.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:85:15:b1:7a:b1:3d:95:43:c5:bd:ca:eb:40:4f:57:70:7b:
d8:45:95:17:d4:bc:e2:0b:b2:2e:22:5f:3e:a5:e4:14:ee:2a:
0e:34:69:26:66:f4:d6:f3:1b:8b:b6:f3:07:1e:fc:4e:f1:63:
35:a2:bc:df:49:20:d1:28:a1:2d:75:65:ee:4e:71:ca:b3:7a:
3e:03:6a:e3:13:88:b5:83:e4:cd:56:23:a7:dd:63:31:f7:69:
8d:65:14:61:d7:00:94:13:20:99:77:70:27:d2:ac:47:01:77:
51:b9:9f:aa:5b:6d:24:5b:bd:e3:85:01:cc:60:5b:16:a9:92:
6c:e6:f2:e8:9b:71:d2:b3:f0:c5:6a:03:93:f1:ac:2f:1d:c5:
e9:a0:b5:7c:2d:88:4c:c6:62:d9:17:1b:54:81:64:7c:a4:6f:
2b:31:26:c2:24:7e:86:58:03:47:eb:62:a5:6c:a3:54:0e:72:
bf:88:5b:89:03:02:97:8c:99:e7:3f:d1:13:5d:c9:3e:07:30:
4b:2f:a2:3d:02:fc:de:9e:bc:ca:1c:6c:e0:ae:2c:78:da:30:
e3:ff:17:a7:11:41:e1:5b:dc:e6:8e:22:60:7e:6b:d6:bf:c9:
91:15:71:0a:9d:0f:83:0b:52:95:6b:9c:f4:50:8c:03:e4:a7:
4e:82:4c:e9
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY2DcOdF7E/COAJAI4te4YtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjQwMjA3MTIwMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY3YWU0ZGYzMzkzNWNjMGJlODYzZTg5OGEwNDIxODc1MjJlMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEFhUbfIKVaKaKg7gACGsLHPm8mr
Tbk1GHBEetFPrHA+RjezPprqyr3xengADj8edbmC15uzZfRdfL+DF9OGdPeXaTsw
tCDseWlffMm4c6Nw3wZpgG5NXIP42Md3CtFIKIzvbinOTN6N5vVsMhpxMSYPOOgB
Bqp1YnckCZKgfqO1PLXbx75NgNxCqM7MpsDEruPVKueQWq1iNb5Ncq9M1GjBg0z7
TFPBa5xhofGc2u68yBpld1UY4EDaR/Jgf7ZAbAKcZsseernZfUvpeJzaJXXXzOeq
eqv3DDcoVAUmblvA8R1YDXZAhLHIByS1v1zGfytsD1m3TAw5i4SIbOzTdwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFT3rk3zOTXMC+hj6JigQhh1IuJ9MB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvVlBldVRmTTVOY3dMNkdQb21LQkNHSFVpNG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAgI5tAME
AAI7dAMEAi0MLAMEAi0PNAMEAi1DLAMEAi1WwAMEAi1fjAMEAi2CzAMEAi2IPAME
Ai2RwAMEAi2XzAMEAFvhAAMEAVvj8AMEAl6OpAMEALknCwMEArk5sAMEALnoWQME
AMEDngMEAcP0DjANBgkqhkiG9w0BAQsFAAOCAQEAS4UVsXqxPZVDxb3K60BPV3B7
2EWVF9S84guyLiJfPqXkFO4qDjRpJmb01vMbi7bzBx78TvFjNaK830kg0SihLXVl
7k5xyrN6PgNq4xOItYPkzVYjp91jMfdpjWUUYdcAlBMgmXdwJ9KsRwF3Ubmfqltt
JFu944UBzGBbFqmSbOby6Jtx0rPwxWoDk/GsLx3F6aC1fC2ITMZi2RcbVIFkfKRv
KzEmwiR+hlgDR+tipWyjVA5yv4hbiQMCl4yZ5z/RE13JPgcwSy+iPQL83p68yhxs
4K4seNow4/8XpxFB4Vvc5o4iYH5r1r/JkRVxCp0PgwtSlWuc9FCMA+SnToJM6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org