Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/03beb4-240b-4cbf-aa3f-9fdc106c8153/1/vRBoYDSmCsOHOV_x78YG5ImYmJc.roa
File: vRBoYDSmCsOHOV_x78YG5ImYmJc.roa (raw, json)
Hash identifier: kZI4uuAHxgAcAvuMQ+uKZRYHrGv+iBsnbfzE7pnlrPk=
Subject key identifier: BD:10:68:60:34:A6:0A:C3:87:39:5F:F1:EF:C6:06:E4:89:98:98:97
Certificate issuer: /CN=03eca793245752b67a881f78e35ab8ff49dd3ec1
Certificate serial: 018CE9808372AD7D44C76D6A5F186BF1B6F4
Authority key identifier: 03:EC:A7:93:24:57:52:B6:7A:88:1F:78:E3:5A:B8:FF:49:DD:3E:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-ynkyRXUrZ6iB9441q4_0ndPsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/03beb4-240b-4cbf-aa3f-9fdc106c8153/1/vRBoYDSmCsOHOV_x78YG5ImYmJc.roa
Signing time: Mon 08 Jan 2024 14:36:02 +0000
ROA not before: Mon 08 Jan 2024 14:36:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50903
IP address blocks: 178.23.32.0/21 maxlen: 24
45.148.156.0/22 maxlen: 24
185.118.92.0/22 maxlen: 24
45.159.68.0/22 maxlen: 24
2a00:ab80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:80:83:72:ad:7d:44:c7:6d:6a:5f:18:6b:f1:b6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03eca793245752b67a881f78e35ab8ff49dd3ec1
Validity
Not Before: Jan 8 14:36:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd10686034a60ac387395ff1efc606e489989897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5d:1f:90:28:27:00:20:ad:89:00:06:4e:0d:
ba:06:ff:d1:7c:e4:5d:e5:c8:25:45:b1:e5:ef:fb:
e5:e7:00:23:f4:1e:39:e0:f5:bc:4c:c5:f8:2b:e7:
7a:fa:79:e2:98:75:8d:e6:0f:3a:b7:84:96:64:ec:
1b:96:cd:fa:89:c3:d6:a2:3d:63:bc:e8:7c:f4:ee:
8f:e7:22:ba:e5:fd:38:e0:ed:4f:1d:1a:59:e4:3a:
17:dd:37:2f:fd:d1:73:80:aa:be:27:e7:3a:ac:ca:
7c:73:b9:99:9e:50:44:be:7f:75:3e:3e:f5:48:c9:
21:e6:98:bd:50:74:12:27:10:ef:37:55:94:2c:fe:
7c:7c:72:30:80:a2:3d:ae:3b:ab:b5:6c:00:22:ce:
b6:a8:bd:f4:ee:80:aa:89:bd:e8:48:a8:ee:0f:5e:
31:17:2f:b2:42:79:6b:72:61:98:17:a8:21:28:03:
0b:1d:47:63:af:b4:4a:b3:0d:93:6c:c6:b6:b3:86:
29:e2:7c:c9:4e:b8:25:e6:6a:58:37:3a:60:36:c0:
f2:e8:9a:ea:d2:04:28:ed:16:22:bb:68:61:a6:86:
97:9d:30:30:a0:e8:cc:a8:23:f5:54:a9:ce:aa:80:
27:7b:96:e5:f2:a7:14:38:67:3e:4f:d9:81:fd:dd:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:10:68:60:34:A6:0A:C3:87:39:5F:F1:EF:C6:06:E4:89:98:98:97
X509v3 Authority Key Identifier:
keyid:03:EC:A7:93:24:57:52:B6:7A:88:1F:78:E3:5A:B8:FF:49:DD:3E:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-ynkyRXUrZ6iB9441q4_0ndPsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/03beb4-240b-4cbf-aa3f-9fdc106c8153/1/vRBoYDSmCsOHOV_x78YG5ImYmJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/03beb4-240b-4cbf-aa3f-9fdc106c8153/1/A-ynkyRXUrZ6iB9441q4_0ndPsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.156.0/22
45.159.68.0/22
178.23.32.0/21
185.118.92.0/22
IPv6:
2a00:ab80::/32
Signature Algorithm: sha256WithRSAEncryption
86:12:44:48:e9:b6:4a:1a:bf:50:c7:43:46:bf:10:52:84:82:
62:09:11:7f:09:ff:a3:2d:e5:2d:b6:ac:7a:ae:eb:4d:e8:96:
30:10:9b:06:b2:09:2f:5c:70:d4:c6:4e:a8:59:f1:b6:4a:54:
d4:fe:ff:82:36:16:42:c8:8d:2c:00:71:25:b5:f2:eb:2c:80:
12:f4:1d:5e:68:e8:f0:70:67:6a:ea:3a:b6:93:38:3d:8e:2b:
79:25:ed:cf:a8:de:4d:0d:60:45:43:d0:a6:30:60:9c:2b:bb:
d6:2c:22:58:75:03:48:cf:36:39:9d:8c:ca:64:a7:da:52:3b:
c2:66:6a:bd:51:f1:02:ac:4e:22:78:89:af:fa:a4:1e:ee:9f:
95:ce:31:39:27:6f:08:40:15:cf:0f:59:7e:a7:31:c2:17:6f:
2e:a3:83:29:ea:da:c0:fb:75:76:f6:e8:b1:0b:99:1e:7b:ee:
71:04:0f:1d:82:30:e3:d7:54:1d:c7:00:46:fb:a3:25:8c:15:
f1:bd:d7:25:ed:fb:d8:b6:ad:07:7e:72:4f:66:9e:32:9d:d8:
ec:8d:c2:60:e8:02:81:45:5b:dc:44:be:9f:c7:eb:97:72:d3:
42:15:b1:c7:55:15:6e:41:5f:7b:a0:2f:fd:b6:47:81:61:69:
d6:67:26:ee
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzpgINyrX1Ex21qXxhr8bb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZWNhNzkzMjQ1NzUyYjY3YTg4MWY3OGUzNWFiOGZmNDlk
ZDNlYzEwHhcNMjQwMTA4MTQzNjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDEwNjg2MDM0YTYwYWMzODczOTVmZjFlZmM2MDZlNDg5OTg5ODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF0fkCgnACCtiQAGTg26Bv/RfORd
5cglRbHl7/vl5wAj9B454PW8TMX4K+d6+nnimHWN5g86t4SWZOwbls36icPWoj1j
vOh89O6P5yK65f044O1PHRpZ5DoX3Tcv/dFzgKq+J+c6rMp8c7mZnlBEvn91Pj71
SMkh5pi9UHQSJxDvN1WULP58fHIwgKI9rjurtWwAIs62qL307oCqib3oSKjuD14x
Fy+yQnlrcmGYF6ghKAMLHUdjr7RKsw2TbMa2s4Yp4nzJTrgl5mpYNzpgNsDy6Jrq
0gQo7RYiu2hhpoaXnTAwoOjMqCP1VKnOqoAne5bl8qcUOGc+T9mB/d0r+wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL0QaGA0pgrDhzlf8e/GBuSJmJiXMB8GA1UdIwQY
MBaAFAPsp5MkV1K2eogfeONauP9J3T7BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS15bmt5UlhVclo2aUI5NDQxcTRfMG5kUHNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wM2JlYjQtMjQwYi00Y2JmLWFhM2Yt
OWZkYzEwNmM4MTUzLzEvdlJCb1lEU21Dc09IT1ZfeDc4WUc1SW1ZbUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wM2JlYjQtMjQwYi00Y2JmLWFhM2YtOWZkYzEwNmM4MTUz
LzEvQS15bmt5UlhVclo2aUI5NDQxcTRfMG5kUHNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZScAwQC
LZ9EAwQDshcgAwQCuXZcMA0EAgACMAcDBQAqAKuAMA0GCSqGSIb3DQEBCwUAA4IB
AQCGEkRI6bZKGr9Qx0NGvxBShIJiCRF/Cf+jLeUttqx6rutN6JYwEJsGsgkvXHDU
xk6oWfG2SlTU/v+CNhZCyI0sAHEltfLrLIAS9B1eaOjwcGdq6jq2kzg9jit5Je3P
qN5NDWBFQ9CmMGCcK7vWLCJYdQNIzzY5nYzKZKfaUjvCZmq9UfECrE4ieImv+qQe
7p+VzjE5J28IQBXPD1l+pzHCF28uo4Mp6trA+3V29uixC5kee+5xBA8dgjDj11Qd
xwBG+6MljBXxvdcl7fvYtq0HfnJPZp4yndjsjcJg6AKBRVvcRL6fx+uXctNCFbHH
VRVuQV97oC/9tkeBYWnWZybu
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:00:50 2025 by rpki-client