Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa
File: vis_y8wijdpfkMqiP9s06qpWCPE.roa (raw, json)
Hash identifier: 02ElSstC0YIwF16kMd+/qqteoE9iTAdsDuD4Rs5/44c=
Subject key identifier: BE:2B:3F:CB:CC:22:8D:DA:5F:90:CA:A2:3F:DB:34:EA:AA:56:08:F1
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018CC6B933192C3D692C602D01014C4AB362
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201106
IP address blocks: 194.124.218.0/23 maxlen: 32
178.22.30.0/24 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
94.154.114.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
188.93.139.0/24 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
45.150.164.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Mon 29 Jan 2024 04:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:33:19:2c:3d:69:2c:60:2d:01:01:4c:4a:b3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be2b3fcbcc228dda5f90caa23fdb34eaaa5608f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:48:10:61:c9:99:9b:91:d3:1e:c2:68:7c:
55:c6:24:99:2b:f2:1a:82:c7:80:64:3f:10:94:88:
34:75:14:95:cf:01:0f:a0:02:30:e3:95:70:28:77:
38:8a:ee:06:31:ab:f9:b6:db:d9:24:0b:22:8a:0c:
5a:d2:67:d8:3c:e5:62:d3:43:3a:43:c0:58:0d:df:
f1:75:1c:e0:ce:78:bf:74:9a:f6:e1:a8:e2:2d:a1:
a6:84:f5:4c:70:16:93:0f:8d:fa:dd:fe:67:4a:25:
b1:f3:15:06:3d:38:08:30:ac:fc:e9:4b:83:fb:2e:
57:4d:07:5c:ac:d6:86:67:ee:16:78:6f:4d:89:12:
a8:5c:e9:f3:8f:33:86:8c:98:38:dd:eb:6f:31:2a:
36:9f:73:ea:71:33:bc:0b:fe:59:8b:0d:dd:e2:8b:
59:a6:53:6a:fe:50:90:15:b5:fb:40:a8:c4:02:e3:
b9:10:69:47:e3:bc:39:94:03:19:bf:2a:6a:bd:37:
45:f5:84:40:1e:05:93:15:b5:69:63:52:95:14:c0:
68:5c:85:9e:bb:4a:e9:90:17:6d:08:61:2f:c8:08:
b0:23:2a:44:1a:1e:43:b3:8c:2f:33:f2:f3:7e:fe:
f7:51:06:11:89:09:52:7d:b1:e3:64:10:9e:1e:8c:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2B:3F:CB:CC:22:8D:DA:5F:90:CA:A2:3F:DB:34:EA:AA:56:08:F1
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
45:d0:26:66:85:80:a0:5f:a3:c2:7d:b8:f6:d6:1a:0f:b6:67:
51:16:74:91:07:a3:69:b9:c6:4b:b1:e4:d5:67:f9:f3:49:3f:
41:6a:61:8a:e4:59:e1:ae:b6:e7:01:3f:c8:e9:51:a9:65:fa:
52:d4:ae:1a:7b:22:2e:21:c1:c8:be:13:b9:d6:88:db:cc:ea:
23:cf:8c:7d:31:d0:6b:4c:8f:02:1a:f0:29:d7:ca:a9:75:13:
a3:aa:60:27:bb:52:5d:b3:55:88:ec:23:d2:69:e5:55:d2:29:
2a:61:8a:44:f8:e8:65:dd:0e:23:ce:e1:c3:37:8e:f5:56:5d:
9c:b5:68:fb:a2:ba:b0:9a:4e:ea:60:8f:fc:40:66:e0:e3:bd:
70:5a:b5:0c:26:fc:3a:9b:32:a3:37:a7:d5:1b:6b:88:1c:54:
c4:20:6d:f4:49:8c:a6:b6:33:cf:b0:9f:5f:2f:87:da:96:c3:
04:bc:96:60:7d:a8:db:ad:b0:a0:cb:39:d4:43:9d:57:cb:bc:
30:2f:ef:53:ee:8e:dc:ff:c5:a9:3d:c2:11:ba:b0:8c:c6:8c:
f4:aa:51:eb:56:b5:39:78:86:e0:e5:21:4f:f2:fe:95:e3:64:
a0:ed:f9:92:76:24:08:1d:cd:9f:f1:82:6d:40:fc:03:a7:9c:
12:55:d1:10
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzGuTMZLD1pLGAtAQFMSrNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTJiM2ZjYmNjMjI4ZGRhNWY5MGNhYTIzZmRiMzRlYWFhNTYwOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprZIEGHJmZuR0x7CaHxVxiSZK/Ia
gseAZD8QlIg0dRSVzwEPoAIw45VwKHc4iu4GMav5ttvZJAsiigxa0mfYPOVi00M6
Q8BYDd/xdRzgzni/dJr24ajiLaGmhPVMcBaTD4363f5nSiWx8xUGPTgIMKz86UuD
+y5XTQdcrNaGZ+4WeG9NiRKoXOnzjzOGjJg43etvMSo2n3PqcTO8C/5Ziw3d4otZ
plNq/lCQFbX7QKjEAuO5EGlH47w5lAMZvypqvTdF9YRAHgWTFbVpY1KVFMBoXIWe
u0rpkBdtCGEvyAiwIypEGh5Ds4wvM/Lzfv73UQYRiQlSfbHjZBCeHoyFEQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFL4rP8vMIo3aX5DKoj/bNOqqVgjxMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvdmlzX3k4d2lqZHBma01xaVA5czA2cXBXQ1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYgQCAAEwXAMEAi2OnAME
Ai2RSAMEAi2WpAMEAS2W4gMEAi2XhAMEAi2a1AMEAF6acgMEALIWHgMEALxdiwME
AcHayAMEAcHdXgMEAcJ82gMEAcJ84DAMAwQBwpNiAwQBwpNkMA4EAgACMAgDBgYq
DtpAQDANBgkqhkiG9w0BAQsFAAOCAQEARdAmZoWAoF+jwn249tYaD7ZnURZ0kQej
abnGS7Hk1Wf580k/QWphiuRZ4a625wE/yOlRqWX6UtSuGnsiLiHByL4TudaI28zq
I8+MfTHQa0yPAhrwKdfKqXUTo6pgJ7tSXbNViOwj0mnlVdIpKmGKRPjoZd0OI87h
wzeO9VZdnLVo+6K6sJpO6mCP/EBm4OO9cFq1DCb8Opsyozen1RtriBxUxCBt9EmM
prYzz7CfXy+H2pbDBLyWYH2o262woMs51EOdV8u8MC/vU+6O3P/FqT3CEbqwjMaM
9KpR61a1OXiG4OUhT/L+leNkoO35knYkCB3Nn/GCbUD8A6ecElXREA==
Generated at Mon Jan 29 05:58:30 2024 by rpki-client on console-ams.rpki-client.org