Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/VTXkvsE5dEwdD6pldj8hX3tK7yo.roa
File: VTXkvsE5dEwdD6pldj8hX3tK7yo.roa (raw, json)
Hash identifier: VF7PJOpRcWIR8y6M5d8hWs69jU3yi6N9VSHxEjN6pZM=
Subject key identifier: 55:35:E4:BE:C1:39:74:4C:1D:0F:AA:65:76:3F:21:5F:7B:4A:EF:2A
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 0185BB5CD62C40558E03C214056B1A5C01A7
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/VTXkvsE5dEwdD6pldj8hX3tK7yo.roa
Signing time: Mon 16 Jan 2023 16:15:01 +0000
ROA not before: Mon 16 Jan 2023 16:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200000
IP address blocks: 185.233.120.0/22 maxlen: 22
185.124.8.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
37.139.64.0/21 maxlen: 21
185.39.224.0/22 maxlen: 22
185.233.152.0/22 maxlen: 23
185.149.40.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
45.154.218.0/24 maxlen: 24
109.205.96.0/21 maxlen: 21
185.104.44.0/22 maxlen: 22
185.104.45.0/24 maxlen: 24
185.65.244.0/22 maxlen: 22
217.173.208.0/20 maxlen: 20
185.226.24.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.25.116.0/22 maxlen: 22
185.68.16.0/24 maxlen: 24
185.68.16.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.130.120.0/22 maxlen: 22
185.209.168.0/22 maxlen: 22
185.69.152.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
185.234.176.0/22 maxlen: 22
2a0c:c80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0c:684::/30 maxlen: 30
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a04:8000::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a0c:680::/29 maxlen: 29
2a0c:780::/29 maxlen: 29
2a00:7a60::/32 maxlen: 32
2a06:6440::/29 maxlen: 29
2a0c:681::/32 maxlen: 32
2a0c:682::/31 maxlen: 31
2a0c:a80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 09 Feb 2023 13:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:5c:d6:2c:40:55:8e:03:c2:14:05:6b:1a:5c:01:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Jan 16 16:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5535e4bec139744c1d0faa65763f215f7b4aef2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:cb:6a:75:46:3a:c2:b4:03:96:eb:30:e3:
4b:6e:e8:25:ec:54:c3:aa:ee:de:a9:c0:06:08:fa:
d2:45:99:77:ba:36:79:c6:f9:08:c9:1d:35:18:bd:
36:21:07:9a:f3:2d:9a:4b:8c:64:15:b3:bd:45:17:
50:9a:93:55:be:11:2d:71:52:cd:8f:12:39:e9:59:
0b:a8:9a:b7:ac:ae:c1:22:d1:03:7c:f8:d9:3c:4c:
0c:33:d4:ab:fc:bb:46:9d:15:6a:c7:2d:2e:8f:84:
d1:ab:21:0f:0f:11:a9:98:15:e9:89:b5:ce:d7:22:
d4:75:a3:a8:25:15:33:bd:fb:8d:4c:8d:c6:23:9b:
85:96:0c:de:f4:e6:17:25:7c:61:39:00:c4:35:89:
69:78:b8:d2:3b:d7:e3:ef:c3:2b:7a:6b:e8:cf:5a:
e6:37:ec:0f:b0:17:b5:36:c1:51:00:e9:69:51:70:
36:df:a0:9d:c7:26:26:41:91:ed:bd:8c:df:9c:40:
ef:f7:d1:44:13:f8:0b:42:29:93:c4:11:49:e8:1c:
47:17:ee:6e:ff:ab:58:99:1b:01:70:b5:6e:b4:d4:
bc:0d:ed:b3:d4:34:09:22:b8:0b:0d:cf:aa:33:22:
bc:b7:b8:fd:df:63:52:2f:56:27:28:0b:a0:28:98:
d7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:35:E4:BE:C1:39:74:4C:1D:0F:AA:65:76:3F:21:5F:7B:4A:EF:2A
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/VTXkvsE5dEwdD6pldj8hX3tK7yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
109.205.96.0/21
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.209.168.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
217.173.208.0/20
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
3a:78:8f:c9:11:6e:91:70:1d:89:c0:9e:4d:ee:f2:d7:f7:92:
3c:a1:32:f5:7c:34:67:33:94:39:e7:c1:98:33:35:c7:c3:ce:
2a:d2:9f:7b:26:67:0a:44:cf:eb:fc:ba:86:98:95:be:89:2a:
b0:cc:73:98:52:c6:38:30:c6:46:c4:99:19:0e:ea:e6:8c:84:
e4:68:87:9d:bc:e0:64:6f:32:b9:92:8e:2a:7f:e7:fb:73:32:
cc:ad:10:c1:3a:56:6e:65:4d:09:04:21:96:4c:06:09:ce:f7:
1a:a9:7e:f0:00:79:2f:1d:ee:a3:83:ae:7a:a3:c0:b2:31:49:
25:0a:f4:d2:fa:67:9c:40:06:09:74:69:ef:b5:ea:1f:99:e5:
38:1a:51:19:38:8c:b9:31:1b:00:03:17:5f:d8:6a:ce:8e:b9:
f7:72:92:9e:f5:85:25:d7:e4:0e:22:6e:2a:ba:ce:9c:d7:c8:
35:e3:59:3c:bd:d8:00:1d:e3:db:5f:53:a2:d7:db:e7:f7:ab:
81:c1:3d:a8:89:ce:d9:cd:88:7d:63:41:5a:00:79:80:36:fb:
22:a4:21:5d:98:18:e4:ef:cd:bc:4d:ca:f4:96:d1:f6:c2:5e:
47:36:4e:cc:4b:ff:a2:cb:ae:77:c5:44:0d:dc:37:79:1a:58:
cd:4f:4a:a3
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYW7XNYsQFWOA8IUBWsaXAGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGEwZTBiMWIyMWYwOTMzMzNjMDc0ODE0NWIxNjI4NDE4
Y2YyYjUwHhcNMjMwMTE2MTYxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM1ZTRiZWMxMzk3NDRjMWQwZmFhNjU3NjNmMjE1ZjdiNGFlZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxTLanVGOsK0A5brMONLbugl7FTD
qu7eqcAGCPrSRZl3ujZ5xvkIyR01GL02IQea8y2aS4xkFbO9RRdQmpNVvhEtcVLN
jxI56VkLqJq3rK7BItEDfPjZPEwMM9Sr/LtGnRVqxy0uj4TRqyEPDxGpmBXpibXO
1yLUdaOoJRUzvfuNTI3GI5uFlgze9OYXJXxhOQDENYlpeLjSO9fj78Mremvoz1rm
N+wPsBe1NsFRAOlpUXA236CdxyYmQZHtvYzfnEDv99FEE/gLQimTxBFJ6BxHF+5u
/6tYmRsBcLVutNS8De2z1DQJIrgLDc+qMyK8t7j932NSL1YnKAugKJjXjwIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFFU15L7BOXRMHQ+qZXY/IV97Su8qMB8GA1UdIwQY
MBaAFKyKDgsbIfCTMzwHSBRbFihBjPK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMt
ZGI4ZWZmMWIxMWEwLzEvVlRYa3ZzRTVkRXdkRDZwbGRqOGhYM3RLN3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84Y2U2YTEtMTMwYy00ODBlLWE5MDMtZGI4ZWZmMWIxMWEw
LzEvcklvT0N4c2g4Sk16UEFkSUZGc1dLRUdNOHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCBoQQCAAEwgZoD
BAMli0ADBAAtmtoDBANtzWADBAK5GXQDBAK5J+ADBAK5QfQDBAK5RBADBAK5RZgD
BAK5aCwDBAK5fAgDBAK5gngDBAK5lSgDBAK50agDBAK54dQDBAK54hgwDAMEArnp
JAMEBLnpIDAMAwQCuel0AwQCuel4AwQCuemIAwQCuemYAwQCueqwAwQCueuoAwQC
ue+0AwQE2a3QMGEEAgACMFsDBQAqAHpgAwUDKgSAAAMFAyoFBIADBQMqBmRAAwUD
KgwGgAMFAyoMB4ADBQMqDAqAAwUDKgwMgAMFAyoMDYADBQMqDA6AAwUDKgxggAMF
AyoNEQADBQMqDWUAMA0GCSqGSIb3DQEBCwUAA4IBAQA6eI/JEW6RcB2JwJ5N7vLX
95I8oTL1fDRnM5Q558GYMzXHw84q0p97JmcKRM/r/LqGmJW+iSqwzHOYUsY4MMZG
xJkZDurmjITkaIedvOBkbzK5ko4qf+f7czLMrRDBOlZuZU0JBCGWTAYJzvcaqX7w
AHkvHe6jg656o8CyMUklCvTS+mecQAYJdGnvteofmeU4GlEZOIy5MRsAAxdf2GrO
jrn3cpKe9YUl1+QOIm4qus6c18g141k8vdgAHePbX1Oi19vn96uBwT2oic7ZzYh9
Y0FaAHmANvsipCFdmBjk7828Tcr0ltH2wl5HNk7MS/+iy653xUQN3Dd5GljNT0qj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org