Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vni_7cfTWHAFYUHgdKSlQjNWTvU.roa
File: Vni_7cfTWHAFYUHgdKSlQjNWTvU.roa (raw, json)
Hash identifier: 44JmQzTin7JP2vR6dThDoFLkAsOH5RMyGREK+pxX5rA=
Subject key identifier: 56:78:BF:ED:C7:D3:58:70:05:61:41:E0:74:A4:A5:42:33:56:4E:F5
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DD6CF9872CD52FA4F2C40DE0417B8
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vni_7cfTWHAFYUHgdKSlQjNWTvU.roa
Signing time: Sun 01 Jan 2023 20:55:04 +0000
ROA not before: Sun 01 Jan 2023 20:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 45.147.50.0/24 maxlen: 24
80.66.198.0/24 maxlen: 24
141.98.199.0/24 maxlen: 24
94.124.118.0/24 maxlen: 24
185.200.65.0/24 maxlen: 24
185.200.67.0/24 maxlen: 24
149.62.45.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
185.194.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:d6:cf:98:72:cd:52:fa:4f:2c:40:de:04:17:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5678bfedc7d35870056141e074a4a54233564ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8f:65:1c:7f:6a:d9:47:2c:ec:b0:50:11:16:
96:52:9b:58:7e:6f:ad:fb:c3:a7:a5:19:45:98:a4:
56:d9:27:e2:d0:89:77:e8:4c:e7:84:c9:a5:e0:29:
e3:43:55:50:72:a0:30:19:56:96:d6:98:fc:3b:53:
bd:d2:0f:df:56:5f:b1:76:28:f5:d3:18:93:1e:bb:
44:27:f1:40:e6:e5:22:50:74:af:b3:a1:a5:b4:29:
0e:3c:ce:eb:8e:15:11:38:7d:ea:de:51:d4:3b:70:
44:43:7f:b2:55:ec:e7:ae:be:05:e0:21:d1:8f:78:
bf:57:10:49:92:5c:74:5d:12:c9:f5:ff:6c:4d:03:
e8:60:bd:4e:ac:fb:0a:e5:f8:b3:fa:b0:cf:e7:97:
6f:e1:1b:e0:7a:ea:6e:af:fc:e3:12:79:9a:98:26:
08:ab:18:6a:46:7e:28:7c:fd:17:a4:b7:e6:0d:b8:
e5:78:6d:cd:64:16:a7:9a:19:76:e3:4e:82:07:5c:
60:6a:8c:b1:cc:84:81:44:ef:5e:35:92:4f:0f:16:
a1:65:0d:c2:30:12:2c:e9:c2:64:e9:66:ad:8d:21:
cc:7f:3f:b0:26:f0:74:91:eb:7c:30:50:51:b6:bc:
56:cd:8d:1c:c3:ea:be:6c:97:06:0b:ce:26:12:87:
2e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:78:BF:ED:C7:D3:58:70:05:61:41:E0:74:A4:A5:42:33:56:4E:F5
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Vni_7cfTWHAFYUHgdKSlQjNWTvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.232.0/24
45.147.50.0/24
80.66.198.0/24
94.124.118.0/24
141.98.199.0/24
149.62.45.0/24
185.194.55.0/24
185.200.65.0/24
185.200.67.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8e:ee:f8:15:ad:87:39:ce:c4:9d:a7:ae:83:03:77:cf:b9:
c1:9e:9c:20:25:8d:64:38:ba:59:35:b6:ca:b1:c5:9d:60:b2:
50:a5:a9:c9:6b:ea:06:5d:65:d4:7d:4d:49:ec:b7:7e:4a:7a:
4b:31:73:18:24:ab:8f:6f:d2:06:fd:78:d2:79:3c:70:62:81:
d8:fe:78:49:9d:19:8b:d0:76:c9:4a:cb:43:e1:5f:1d:61:70:
4c:a1:28:19:38:7b:c5:eb:d4:e9:ee:a0:00:e7:e7:12:03:45:
c0:60:07:52:2e:5c:8c:e6:27:4a:0a:af:8a:36:14:84:58:03:
31:42:cd:e0:6e:93:5f:62:89:62:d3:80:e0:5f:26:de:66:eb:
96:38:60:33:23:90:5b:11:a9:55:54:91:28:95:48:2e:39:7e:
33:d1:c2:09:4c:84:f4:43:5b:0b:0a:f9:2d:cb:0f:14:ce:9a:
fc:d4:df:57:ac:cf:a3:68:81:a2:2c:b3:0c:eb:f6:23:62:df:
16:0d:95:97:0d:02:10:76:0b:1d:f7:a3:b4:79:c2:40:7d:10:
a1:ff:09:d3:b2:2c:2e:c9:bd:a4:68:07:58:4c:c3:db:07:e1:
dc:d0:53:3e:45:f7:3c:6b:60:22:af:05:08:4a:94:e5:d0:62:
f1:61:3d:27
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVvHdbPmHLNUvpPLEDeBBe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc4YmZlZGM3ZDM1ODcwMDU2MTQxZTA3NGE0YTU0MjMzNTY0ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI9lHH9q2Ucs7LBQERaWUptYfm+t
+8OnpRlFmKRW2Sfi0Il36EznhMml4CnjQ1VQcqAwGVaW1pj8O1O90g/fVl+xdij1
0xiTHrtEJ/FA5uUiUHSvs6GltCkOPM7rjhUROH3q3lHUO3BEQ3+yVeznrr4F4CHR
j3i/VxBJklx0XRLJ9f9sTQPoYL1OrPsK5fiz+rDP55dv4Rvgeupur/zjEnmamCYI
qxhqRn4ofP0XpLfmDbjleG3NZBanmhl2406CB1xgaoyxzISBRO9eNZJPDxahZQ3C
MBIs6cJk6WatjSHMfz+wJvB0ket8MFBRtrxWzY0cw+q+bJcGC84mEocuVwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFZ4v+3H01hwBWFB4HSkpUIzVk71MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVm5pXzdjZlRXSEFGWVVIZ2RLU2xRak5XVHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALY/oAwQA
LZMyAwQAUELGAwQAXnx2AwQAjWLHAwQAlT4tAwQAucI3AwQAuchBAwQAuchDMA0G
CSqGSIb3DQEBCwUAA4IBAQBpju74Fa2HOc7EnaeugwN3z7nBnpwgJY1kOLpZNbbK
scWdYLJQpanJa+oGXWXUfU1J7Ld+SnpLMXMYJKuPb9IG/XjSeTxwYoHY/nhJnRmL
0HbJSstD4V8dYXBMoSgZOHvF69Tp7qAA5+cSA0XAYAdSLlyM5idKCq+KNhSEWAMx
Qs3gbpNfYoli04DgXybeZuuWOGAzI5BbEalVVJEolUguOX4z0cIJTIT0Q1sLCvkt
yw8Uzpr81N9XrM+jaIGiLLMM6/YjYt8WDZWXDQIQdgsd96O0ecJAfRCh/wnTsiwu
yb2kaAdYTMPbB+Hc0FM+Rfc8a2AirwUISpTl0GLxYT0n
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org