Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/VPSqpcNW8DGkeUlb0rXMHuR332E.roa
File: VPSqpcNW8DGkeUlb0rXMHuR332E.roa (raw, json)
Hash identifier: /RJIHYIckf/Q30fBcC65GQlO9OsX4+HABXPDGx517UU=
Subject key identifier: 54:F4:AA:A5:C3:56:F0:31:A4:79:49:5B:D2:B5:CC:1E:E4:77:DF:61
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 01856CEF3DC3AFC0F8911559D58B9F478598
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/VPSqpcNW8DGkeUlb0rXMHuR332E.roa
Signing time: Sun 01 Jan 2023 10:44:56 +0000
ROA not before: Sun 01 Jan 2023 10:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60501
IP address blocks: 45.129.160.0/22 maxlen: 22
81.16.220.0/22 maxlen: 22
212.102.98.0/24 maxlen: 24
2a0e:4cc0::/29 maxlen: 29
2a0f:c2c0::/29 maxlen: 29
2a0d:2640::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Sep 2023 07:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3d:c3:af:c0:f8:91:15:59:d5:8b:9f:47:85:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 1 10:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54f4aaa5c356f031a479495bd2b5cc1ee477df61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:93:ed:0e:a2:34:2d:8f:34:f2:5a:7f:78:
07:c0:13:ab:05:83:e5:f3:6b:59:64:2e:c1:b6:fb:
d0:50:a1:28:ac:da:a6:a9:65:f9:7a:47:21:ed:c6:
6f:e1:af:b9:58:61:33:6e:b1:a3:59:dd:9c:d2:4c:
c0:19:40:26:ac:cb:62:46:01:e1:75:11:ca:c3:03:
7b:1f:49:39:c1:5a:8e:f1:c8:5d:c1:b8:50:34:e8:
81:42:f6:b8:98:9a:74:74:6b:1e:13:93:31:e6:d3:
9d:e0:71:af:c2:f0:ba:66:27:63:45:ef:1d:cb:ec:
05:7f:4c:b2:ef:87:08:eb:b5:04:75:97:d4:43:b0:
f9:a8:3e:3e:9a:53:75:7e:b6:76:0f:1e:30:6a:8b:
23:b9:8a:cf:df:33:28:dc:72:ec:2d:10:df:9c:6a:
a6:1d:6c:18:c2:27:38:db:54:48:01:97:10:b9:85:
15:57:00:38:89:bb:1e:01:a7:ff:1a:d2:87:aa:1c:
9d:16:c5:4c:b7:0e:05:19:9c:79:9d:5a:03:2f:a2:
5c:dc:11:ff:a4:b5:49:8f:6f:35:20:a4:e5:82:15:
85:fa:71:df:6c:48:0a:77:2b:fc:10:23:f7:da:49:
72:f5:d3:89:b0:3d:16:07:89:42:27:2f:b2:50:f8:
aa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:AA:A5:C3:56:F0:31:A4:79:49:5B:D2:B5:CC:1E:E4:77:DF:61
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/VPSqpcNW8DGkeUlb0rXMHuR332E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.160.0/22
81.16.220.0/22
212.102.98.0/24
IPv6:
2a0d:2640::/29
2a0e:4cc0::/29
2a0f:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:54:3d:a6:01:fa:4b:cd:5f:af:e6:bf:44:c8:11:04:23:e5:
92:83:a4:1d:fa:4e:6e:84:ad:5c:4f:19:99:85:87:2e:56:c7:
a1:29:96:b9:bb:e2:ce:83:8a:89:a3:4b:c1:cf:ba:5b:ed:f4:
9d:43:06:24:5a:95:25:67:57:97:50:ed:fa:9c:81:d6:39:58:
80:78:ac:39:53:88:62:0b:30:39:ef:de:f7:7c:90:83:f5:9b:
00:d4:f3:b6:d7:7e:9d:b1:99:e1:b0:41:7d:6b:3c:c5:7b:5a:
bc:be:33:ce:51:f6:59:15:62:3a:55:86:b0:5c:2a:a4:98:25:
dc:0f:47:55:11:b8:5a:1d:5a:ea:dd:3f:39:69:a6:e3:44:db:
65:d9:3c:2b:fb:f0:2c:38:09:04:83:21:fc:95:f7:18:c3:83:
b6:24:c3:85:95:f5:7e:13:11:c3:6c:40:7c:60:53:ed:a6:58:
25:ad:cb:fa:f5:40:f1:5e:60:fa:f4:fd:00:28:0b:14:02:84:
e1:77:ac:aa:87:98:af:5a:9d:7d:c3:fe:27:7e:63:76:be:cf:
d6:d6:90:d9:12:71:ea:6d:4c:68:ec:1c:ce:90:ab:af:61:ab:
df:b6:c0:4a:b9:98:39:04:db:af:a2:45:ea:be:3c:69:aa:75:
ee:1e:71:1e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVs7z3Dr8D4kRVZ1YufR4WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjMwMTAxMTA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY0YWFhNWMzNTZmMDMxYTQ3OTQ5NWJkMmI1Y2MxZWU0NzdkZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTqT7Q6iNC2PNPJaf3gHwBOrBYPl
82tZZC7BtvvQUKEorNqmqWX5ekch7cZv4a+5WGEzbrGjWd2c0kzAGUAmrMtiRgHh
dRHKwwN7H0k5wVqO8chdwbhQNOiBQva4mJp0dGseE5Mx5tOd4HGvwvC6ZidjRe8d
y+wFf0yy74cI67UEdZfUQ7D5qD4+mlN1frZ2Dx4waosjuYrP3zMo3HLsLRDfnGqm
HWwYwic421RIAZcQuYUVVwA4ibseAaf/GtKHqhydFsVMtw4FGZx5nVoDL6Jc3BH/
pLVJj281IKTlghWF+nHfbEgKdyv8ECP32kly9dOJsD0WB4lCJy+yUPiqeQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFT0qqXDVvAxpHlJW9K1zB7kd99hMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvVlBTcXBjTlc4REdrZVVsYjByWE1IdVIzMzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLYGgAwQC
URDcAwQA1GZiMBsEAgACMBUDBQMqDSZAAwUDKg5MwAMFAyoPwsAwDQYJKoZIhvcN
AQELBQADggEBAKBUPaYB+kvNX6/mv0TIEQQj5ZKDpB36Tm6ErVxPGZmFhy5Wx6Ep
lrm74s6DiomjS8HPulvt9J1DBiRalSVnV5dQ7fqcgdY5WIB4rDlTiGILMDnv3vd8
kIP1mwDU87bXfp2xmeGwQX1rPMV7Wry+M85R9lkVYjpVhrBcKqSYJdwPR1URuFod
WurdPzlppuNE22XZPCv78Cw4CQSDIfyV9xjDg7Ykw4WV9X4TEcNsQHxgU+2mWCWt
y/r1QPFeYPr0/QAoCxQChOF3rKqHmK9anX3D/id+Y3a+z9bWkNkSceptTGjsHM6Q
q69hq9+2wEq5mDkE26+iReq+PGmqde4ecR4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org