Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/VqNWM_ztoeDR5HWiHe1SiO_J0Qk.roa
File: VqNWM_ztoeDR5HWiHe1SiO_J0Qk.roa (raw, json)
Hash identifier: LdUuxFfMyBuB2oBB0U70jt9kxGZ5yKVbnZhzmIRFdP0=
Subject key identifier: 56:A3:56:33:FC:ED:A1:E0:D1:E4:75:A2:1D:ED:52:88:EF:C9:D1:09
Certificate issuer: /CN=c2b52ea3cabd146a577dfcdfb875ff5a357572d7
Certificate serial: 018DA7E1123D379CE520CE59F3114DE68BCF
Authority key identifier: C2:B5:2E:A3:CA:BD:14:6A:57:7D:FC:DF:B8:75:FF:5A:35:75:72:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wrUuo8q9FGpXffzfuHX_WjV1ctc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/VqNWM_ztoeDR5HWiHe1SiO_J0Qk.roa
Signing time: Wed 14 Feb 2024 13:49:21 +0000
ROA not before: Wed 14 Feb 2024 13:49:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204988
IP address blocks: 185.229.148.0/22 maxlen: 22
185.229.148.0/24 maxlen: 24
2a0d:9e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:e1:12:3d:37:9c:e5:20:ce:59:f3:11:4d:e6:8b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2b52ea3cabd146a577dfcdfb875ff5a357572d7
Validity
Not Before: Feb 14 13:49:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56a35633fceda1e0d1e475a21ded5288efc9d109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:25:5b:17:2f:ff:21:21:39:43:65:8e:d2:56:
6a:e2:e1:71:7b:d7:c6:00:ea:a9:6f:53:4b:26:f7:
ee:2a:3e:8a:30:27:07:21:57:4c:d1:50:87:8b:d3:
e0:0e:c7:d6:0c:16:4d:32:72:13:e6:97:0c:cf:b4:
33:ce:6d:bf:9f:c7:b8:fa:44:fb:bf:67:92:31:29:
a2:af:26:09:d1:64:8c:dc:2e:01:42:ee:28:e1:58:
88:88:60:1e:5c:b3:2c:3b:c5:7c:04:b8:af:a3:48:
0a:df:04:da:a8:07:03:21:bf:49:49:73:45:22:c6:
8d:98:7d:94:dc:42:e4:a0:6f:e1:02:a3:5a:f5:d0:
c7:66:39:e3:83:c4:4b:a0:cb:b0:69:cd:79:20:70:
64:c4:28:ad:72:e4:6a:ec:45:41:8c:ce:6f:b8:44:
bf:b9:6c:bf:92:bb:1a:71:1b:e5:cb:aa:97:38:b9:
b6:73:02:93:63:b2:be:1d:23:77:09:08:22:e6:eb:
c0:49:7a:9e:e4:b6:88:7f:5c:c4:6f:4f:a4:23:a0:
ef:c3:06:31:c1:3c:dc:ce:2b:61:bb:25:3d:97:48:
39:5d:c1:1f:1f:c7:27:7a:3d:fa:31:5b:35:bb:72:
fb:39:9c:4f:0c:d0:f9:dc:17:2d:df:1c:f7:ec:b8:
1d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A3:56:33:FC:ED:A1:E0:D1:E4:75:A2:1D:ED:52:88:EF:C9:D1:09
X509v3 Authority Key Identifier:
keyid:C2:B5:2E:A3:CA:BD:14:6A:57:7D:FC:DF:B8:75:FF:5A:35:75:72:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wrUuo8q9FGpXffzfuHX_WjV1ctc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/VqNWM_ztoeDR5HWiHe1SiO_J0Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d85a23-148a-4dbf-b2a3-4c26d020d425/1/wrUuo8q9FGpXffzfuHX_WjV1ctc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.148.0/22
IPv6:
2a0d:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
be:cc:69:87:9f:08:f1:ca:7e:89:35:a9:28:16:25:e2:06:6c:
57:e5:63:b4:41:97:5f:c3:9a:1e:ff:bf:75:81:87:1e:9b:a1:
d0:a4:fd:5d:f3:8c:6f:74:65:ad:ea:42:6f:5f:06:1d:71:66:
6d:95:0c:2e:b1:27:3d:13:07:b5:ff:2b:f5:c1:9c:20:3c:29:
41:4a:b6:53:90:ca:b1:6f:38:0d:fe:79:b5:8c:a1:eb:56:d7:
60:59:c6:43:77:5a:8c:76:0a:eb:d6:cd:ae:70:57:e6:6b:27:
c0:3a:3b:75:98:90:25:4c:2d:6d:aa:29:dd:3e:03:b3:3e:61:
9d:37:c4:3a:ba:13:23:1c:4b:c2:d8:a2:43:d9:97:d7:ef:1b:
c8:ae:8b:9a:ed:a5:1f:69:7b:ff:64:35:88:7e:cf:d7:2b:90:
7e:43:bd:48:82:ef:e1:08:9f:08:35:14:1b:98:45:d7:7d:af:
b3:f5:ae:0b:d6:8f:88:f7:da:4b:43:6f:e7:45:e3:ec:3a:b6:
c8:d8:72:38:9e:1a:be:d4:61:a8:e6:4d:50:70:e8:7b:c0:0d:
9c:ce:52:14:a1:4a:f9:ac:68:86:75:c6:36:a4:2a:b0:2e:3a:
cb:f5:b3:9d:90:0f:61:7d:2f:f1:c0:62:48:e1:d1:9f:5f:e7:
67:84:39:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2n4RI9N5zlIM5Z8xFN5ovPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYjUyZWEzY2FiZDE0NmE1NzdkZmNkZmI4NzVmZjVhMzU3
NTcyZDcwHhcNMjQwMjE0MTM0OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmEzNTYzM2ZjZWRhMWUwZDFlNDc1YTIxZGVkNTI4OGVmYzlkMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSVbFy//ISE5Q2WO0lZq4uFxe9fG
AOqpb1NLJvfuKj6KMCcHIVdM0VCHi9PgDsfWDBZNMnIT5pcMz7Qzzm2/n8e4+kT7
v2eSMSmiryYJ0WSM3C4BQu4o4ViIiGAeXLMsO8V8BLivo0gK3wTaqAcDIb9JSXNF
IsaNmH2U3ELkoG/hAqNa9dDHZjnjg8RLoMuwac15IHBkxCitcuRq7EVBjM5vuES/
uWy/krsacRvly6qXOLm2cwKTY7K+HSN3CQgi5uvASXqe5LaIf1zEb0+kI6DvwwYx
wTzczithuyU9l0g5XcEfH8cnej36MVs1u3L7OZxPDND53Bct3xz37LgdIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFajVjP87aHg0eR1oh3tUojvydEJMB8GA1UdIwQY
MBaAFMK1LqPKvRRqV33837h1/1o1dXLXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3JVdW84cTlGR3BYZmZ6ZnVIWF9XalYxY3RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kODVhMjMtMTQ4YS00ZGJmLWIyYTMt
NGMyNmQwMjBkNDI1LzEvVnFOV01fenRvZURSNUhXaUhlMVNpT19KMFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kODVhMjMtMTQ4YS00ZGJmLWIyYTMtNGMyNmQwMjBkNDI1
LzEvd3JVdW84cTlGR3BYZmZ6ZnVIWF9XalYxY3RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueWUMA0E
AgACMAcDBQMqDZ4AMA0GCSqGSIb3DQEBCwUAA4IBAQC+zGmHnwjxyn6JNakoFiXi
BmxX5WO0QZdfw5oe/791gYcem6HQpP1d84xvdGWt6kJvXwYdcWZtlQwusSc9Ewe1
/yv1wZwgPClBSrZTkMqxbzgN/nm1jKHrVtdgWcZDd1qMdgrr1s2ucFfmayfAOjt1
mJAlTC1tqindPgOzPmGdN8Q6uhMjHEvC2KJD2ZfX7xvIroua7aUfaXv/ZDWIfs/X
K5B+Q71Igu/hCJ8INRQbmEXXfa+z9a4L1o+I99pLQ2/nRePsOrbI2HI4nhq+1GGo
5k1QcOh7wA2czlIUoUr5rGiGdcY2pCqwLjrL9bOdkA9hfS/xwGJI4dGfX+dnhDnD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:35 2025 by rpki-client