Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/vn2b-Vrc2-IIZWIhWPrNUAjbr7k.roa
File: vn2b-Vrc2-IIZWIhWPrNUAjbr7k.roa (raw, json)
Hash identifier: +g7EprPNptlQFIdHUBR6Zd9Ahi6Czm2ndSmW5Jh7qEk=
Subject key identifier: BE:7D:9B:F9:5A:DC:DB:E2:08:65:62:21:58:FA:CD:50:08:DB:AF:B9
Certificate issuer: /CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Certificate serial: 018CC726EDB6AC00E65711388C9496C15578
Authority key identifier: 52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/vn2b-Vrc2-IIZWIhWPrNUAjbr7k.roa
Signing time: Mon 01 Jan 2024 22:31:06 +0000
ROA not before: Mon 01 Jan 2024 22:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205385
IP address blocks: 185.231.36.0/22 maxlen: 24
185.220.48.0/22 maxlen: 24
2a0b:eec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ed:b6:ac:00:e6:57:11:38:8c:94:96:c1:55:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Validity
Not Before: Jan 1 22:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be7d9bf95adcdbe20865622158facd5008dbafb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:01:15:02:03:57:77:0f:d9:b1:17:94:51:4a:
60:2c:d5:66:bd:6d:a0:dd:e5:9f:06:b8:04:4b:e6:
63:32:f7:b5:f8:91:5b:d7:e6:fe:c3:33:f7:22:d8:
11:5a:cb:28:18:0f:1d:fb:e9:48:a7:b7:e0:4c:17:
28:e3:1c:2a:b4:a6:cd:d8:9c:49:b8:d9:68:27:8b:
a5:80:5e:80:2d:2b:f9:2d:0e:7c:7b:4b:a0:10:87:
48:62:a5:85:34:14:43:ce:ca:c2:30:fa:f1:95:b8:
0d:27:e2:2d:3d:0e:ef:81:41:ee:c7:66:c8:f3:d0:
49:15:ee:a3:60:4b:f5:bc:fc:9c:de:98:43:90:1e:
55:89:55:b6:00:59:17:90:75:d6:f0:a7:ec:93:14:
8a:d7:31:0c:0d:65:56:c2:d8:bd:de:90:88:c4:8b:
86:04:53:ac:37:30:71:bc:9a:a8:87:02:09:47:43:
07:c4:09:e8:ce:08:d2:a4:1b:24:35:44:55:3f:eb:
aa:00:bd:a5:88:10:eb:e7:ee:9a:b7:71:29:d6:39:
04:e3:b8:8d:2a:be:4b:2f:be:ea:27:d0:39:08:ca:
c8:81:e7:5b:37:a1:88:30:78:14:f6:3c:a2:75:c4:
61:e0:15:51:33:86:f5:b8:32:c3:2e:c0:ea:2d:17:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7D:9B:F9:5A:DC:DB:E2:08:65:62:21:58:FA:CD:50:08:DB:AF:B9
X509v3 Authority Key Identifier:
keyid:52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/vn2b-Vrc2-IIZWIhWPrNUAjbr7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/UpylpuXWdCHz8s0hE4y3BwSFCVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.48.0/22
185.231.36.0/22
IPv6:
2a0b:eec0::/32
Signature Algorithm: sha256WithRSAEncryption
99:1f:34:23:9f:07:1f:c9:f0:4d:c6:43:0d:bc:f3:21:32:d4:
7c:fb:24:06:e9:14:b7:23:41:78:91:b9:e8:32:c7:dc:01:75:
1d:41:06:f7:c6:a6:ab:b5:28:58:f1:39:6d:c8:2e:6c:8b:a6:
db:83:b6:10:e6:1a:13:6e:0e:34:75:8e:d6:22:52:99:67:d9:
5e:04:8b:99:68:09:37:28:ba:c5:06:4e:79:ce:4e:68:6c:54:
d6:24:cc:55:6c:60:83:b5:98:5e:d2:ff:df:24:f1:e4:6b:53:
fb:48:37:ef:78:b4:76:0f:f5:ce:ab:10:1a:18:e8:d1:28:e8:
79:44:22:b6:02:5a:1c:30:7c:19:c6:39:33:5d:bc:1e:2e:6c:
47:65:41:58:5b:e5:85:fb:75:ec:46:f8:29:52:90:b5:89:c6:
93:67:45:80:ea:27:0b:af:a0:d4:0c:5a:b6:51:59:40:70:79:
36:df:b9:e0:5b:ab:0f:3c:cb:82:2c:13:33:52:39:ae:7a:a5:
c7:94:20:5d:6b:d3:73:a0:e5:33:e3:99:16:31:11:24:0d:76:
6a:0c:c6:3e:2f:41:34:1f:04:4e:99:03:e5:23:5c:fd:5a:e8:
3d:c2:e0:a4:63:60:83:72:f8:9f:2e:4e:bf:c9:f2:4c:bb:f2:
6c:16:c2:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJu22rADmVxE4jJSWwVV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWNhNWE2ZTVkNjc0MjFmM2YyY2QyMTEzOGNiNzA3MDQ4
NTA5NTUwHhcNMjQwMTAxMjIzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdkOWJmOTVhZGNkYmUyMDg2NTYyMjE1OGZhY2Q1MDA4ZGJhZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAEVAgNXdw/ZsReUUUpgLNVmvW2g
3eWfBrgES+ZjMve1+JFb1+b+wzP3ItgRWssoGA8d++lIp7fgTBco4xwqtKbN2JxJ
uNloJ4ulgF6ALSv5LQ58e0ugEIdIYqWFNBRDzsrCMPrxlbgNJ+ItPQ7vgUHux2bI
89BJFe6jYEv1vPyc3phDkB5ViVW2AFkXkHXW8KfskxSK1zEMDWVWwti93pCIxIuG
BFOsNzBxvJqohwIJR0MHxAnozgjSpBskNURVP+uqAL2liBDr5+6at3Ep1jkE47iN
Kr5LL77qJ9A5CMrIgedbN6GIMHgU9jyidcRh4BVRM4b1uDLDLsDqLReX9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL59m/la3NviCGViIVj6zVAI26+5MB8GA1UdIwQY
MBaAFFKcpabl1nQh8/LNIROMtwcEhQlVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEt
M2EzYTlmMDI0MmI4LzEvdm4yYi1WcmMyLUlJWldJaFdQck5VQWpicjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEtM2EzYTlmMDI0MmI4
LzEvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudwwAwQC
ueckMA0EAgACMAcDBQAqC+7AMA0GCSqGSIb3DQEBCwUAA4IBAQCZHzQjnwcfyfBN
xkMNvPMhMtR8+yQG6RS3I0F4kbnoMsfcAXUdQQb3xqartShY8TltyC5si6bbg7YQ
5hoTbg40dY7WIlKZZ9leBIuZaAk3KLrFBk55zk5obFTWJMxVbGCDtZhe0v/fJPHk
a1P7SDfveLR2D/XOqxAaGOjRKOh5RCK2AlocMHwZxjkzXbweLmxHZUFYW+WF+3Xs
RvgpUpC1icaTZ0WA6icLr6DUDFq2UVlAcHk237ngW6sPPMuCLBMzUjmueqXHlCBd
a9NzoOUz45kWMREkDXZqDMY+L0E0HwROmQPlI1z9Wug9wuCkY2CDcvifLk6/yfJM
u/JsFsI1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:45 2025 by rpki-client