Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/VY7I6_CBQHo1iykX7URjOLniRMA.roa
File: VY7I6_CBQHo1iykX7URjOLniRMA.roa (raw, json)
Hash identifier: QeKqZDoEzoHCD0168c2xr/LuluzWWPWI2Mm+uG0MhG8=
Subject key identifier: 55:8E:C8:EB:F0:81:40:7A:35:8B:29:17:ED:44:63:38:B9:E2:44:C0
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018A3B7BBCBDC20AFD9DE88E87F30B69544C
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/VY7I6_CBQHo1iykX7URjOLniRMA.roa
Signing time: Mon 28 Aug 2023 09:31:19 +0000
ROA not before: Mon 28 Aug 2023 09:31:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 185.58.196.0/22 maxlen: 22
185.119.112.0/22 maxlen: 22
195.184.72.0/24 maxlen: 24
45.130.16.0/22 maxlen: 22
193.56.3.0/24 maxlen: 24
46.226.144.0/21 maxlen: 21
195.182.205.0/24 maxlen: 24
193.163.117.0/24 maxlen: 24
193.46.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:7b:bc:bd:c2:0a:fd:9d:e8:8e:87:f3:0b:69:54:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Aug 28 09:31:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=558ec8ebf081407a358b2917ed446338b9e244c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:36:b7:85:16:fd:bc:0d:63:7b:31:bc:2e:9d:
d4:1d:8d:90:3d:c5:66:05:30:ef:42:9b:47:39:33:
32:76:8f:2a:3c:08:2e:ed:a4:a4:ee:cd:bf:15:24:
a0:3f:58:68:a2:f5:ae:bc:4d:5d:b0:55:3f:14:66:
53:8a:68:da:9c:cd:7b:b4:90:b2:41:01:52:74:9f:
8f:83:be:2f:76:8a:4d:73:5d:84:fd:3a:34:d4:a4:
e9:67:2f:96:33:42:0a:20:a1:14:00:e5:ff:a2:27:
b8:93:53:c5:05:14:de:bd:89:ac:a1:3d:93:24:95:
5d:2e:05:2e:ff:6f:cb:99:26:d6:9a:59:25:18:2c:
f0:ea:f6:09:7b:c7:93:4a:50:04:b6:28:0f:08:ca:
9b:b5:63:2d:0d:eb:5d:60:b3:b6:7f:1b:15:db:67:
75:27:80:4f:c8:3b:45:98:26:57:89:11:26:ee:a7:
47:69:76:4e:30:63:df:8c:d6:4e:2b:55:6a:d9:db:
e3:9d:31:9b:9e:95:14:95:1f:90:d2:89:ff:c8:b5:
93:fc:a2:3a:ab:3b:1b:65:da:61:9c:bb:fd:87:58:
75:4d:a4:16:f0:19:44:ee:03:52:ac:1b:b5:d5:2d:
04:e9:51:6d:b3:eb:91:f9:89:10:00:d6:6f:88:ed:
b8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8E:C8:EB:F0:81:40:7A:35:8B:29:17:ED:44:63:38:B9:E2:44:C0
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/VY7I6_CBQHo1iykX7URjOLniRMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/22
46.226.144.0/21
185.58.196.0/22
185.119.112.0/22
193.46.216.0/24
193.56.3.0/24
193.163.117.0/24
195.182.205.0/24
195.184.72.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:26:af:7b:a7:da:78:54:14:07:92:d1:23:c0:f0:c3:68:34:
1d:79:0b:06:8c:a6:93:13:3e:62:b3:73:c4:2a:67:1a:2a:3f:
8a:0a:2d:44:f2:50:94:da:36:15:28:9d:e1:26:c1:64:45:c2:
55:32:e6:e4:18:04:e8:a7:1a:0f:81:41:8d:46:97:98:91:50:
cb:6e:74:09:00:59:27:22:f8:e1:ee:04:d1:c6:76:55:8a:b8:
29:7b:ec:c5:6e:1a:c8:8c:f4:44:c5:1a:1c:e2:9f:1e:d0:ed:
fb:f1:33:b1:43:63:52:9f:4a:d2:12:ba:e6:52:ed:6a:34:f8:
b2:cf:a2:5e:bf:3b:59:41:1a:9d:3e:1e:2f:0f:f7:49:16:6c:
4b:f3:1b:f0:8d:3c:83:41:c0:5a:ce:6f:51:11:71:99:be:40:
e8:5f:e2:21:a0:e1:3e:1f:40:73:ec:b8:bb:6e:a9:c3:12:0f:
4b:e2:85:6d:24:42:c2:75:66:6f:09:cf:4c:86:7c:ea:94:d4:
23:26:88:ba:23:12:22:57:97:16:3f:c0:b2:af:46:f0:3b:9f:
58:09:28:80:13:67:a3:da:93:7b:a7:58:10:9c:bc:6a:58:c0:
52:53:21:a2:07:49:46:21:95:05:b3:2b:c3:f0:fa:fc:e2:bf:
c4:30:9a:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYo7e7y9wgr9neiOh/MLaVRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMwODI4MDkzMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NThlYzhlYmYwODE0MDdhMzU4YjI5MTdlZDQ0NjMzOGI5ZTI0NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTa3hRb9vA1jezG8Lp3UHY2QPcVm
BTDvQptHOTMydo8qPAgu7aSk7s2/FSSgP1hoovWuvE1dsFU/FGZTimjanM17tJCy
QQFSdJ+Pg74vdopNc12E/To01KTpZy+WM0IKIKEUAOX/oie4k1PFBRTevYmsoT2T
JJVdLgUu/2/LmSbWmlklGCzw6vYJe8eTSlAEtigPCMqbtWMtDetdYLO2fxsV22d1
J4BPyDtFmCZXiREm7qdHaXZOMGPfjNZOK1Vq2dvjnTGbnpUUlR+Q0on/yLWT/KI6
qzsbZdphnLv9h1h1TaQW8BlE7gNSrBu11S0E6VFts+uR+YkQANZviO24XwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFWOyOvwgUB6NYspF+1EYzi54kTAMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvVlk3STZfQ0JRSG8xaXlrWDdVUmpPTG5pUk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLYIQAwQD
LuKQAwQCuTrEAwQCuXdwAwQAwS7YAwQAwTgDAwQAwaN1AwQAw7bNAwQAw7hIMA0G
CSqGSIb3DQEBCwUAA4IBAQA/Jq97p9p4VBQHktEjwPDDaDQdeQsGjKaTEz5is3PE
KmcaKj+KCi1E8lCU2jYVKJ3hJsFkRcJVMubkGATopxoPgUGNRpeYkVDLbnQJAFkn
Ivjh7gTRxnZVirgpe+zFbhrIjPRExRoc4p8e0O378TOxQ2NSn0rSErrmUu1qNPiy
z6JevztZQRqdPh4vD/dJFmxL8xvwjTyDQcBazm9REXGZvkDoX+IhoOE+H0Bz7Li7
bqnDEg9L4oVtJELCdWZvCc9MhnzqlNQjJoi6IxIiV5cWP8Cyr0bwO59YCSiAE2ej
2pN7p1gQnLxqWMBSUyGiB0lGIZUFsyvD8Pr84r/EMJoJ
-----END CERTIFICATE-----
Generated at Fri Oct 6 11:59:32 2023 by rpki-client on console-fra.rpki-client.org