Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VZDKbdQZe8Huy8EWxY0L6LTtVj8.roa
File: VZDKbdQZe8Huy8EWxY0L6LTtVj8.roa (raw, json)
Hash identifier: R99JqAIg9iE88+8THF7u91CsmpIAUJO7QYCNUs/+vl0=
Subject key identifier: 55:90:CA:6D:D4:19:7B:C1:EE:CB:C1:16:C5:8D:0B:E8:B4:ED:56:3F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DE672A1FC5341F965E464FA7CC678C189
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VZDKbdQZe8Huy8EWxY0L6LTtVj8.roa
Signing time: Mon 26 Feb 2024 17:24:48 +0000
ROA not before: Mon 26 Feb 2024 17:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8038
IP address blocks: 46.229.255.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 12:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:72:a1:fc:53:41:f9:65:e4:64:fa:7c:c6:78:c1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 26 17:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5590ca6dd4197bc1eecbc116c58d0be8b4ed563f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c8:f1:69:93:a3:cd:41:30:3a:94:57:2e:70:
e1:6e:d2:a7:28:fe:e0:bd:24:1a:ce:d0:78:56:a5:
c0:0e:b7:3a:79:29:20:3a:ff:ea:b6:1f:0a:35:5b:
63:9d:fa:9f:d4:2b:95:16:6b:36:ca:1c:c8:d2:20:
d5:ae:9d:db:3f:26:06:b0:dd:c8:44:f4:0f:5d:75:
8c:f9:df:d2:a4:47:7a:b5:57:58:59:20:7d:0f:2e:
7b:28:53:70:cf:5e:5e:27:e0:9f:63:ce:b0:9a:a5:
72:4e:b7:a6:1a:f9:8f:91:f3:66:5d:2b:1d:81:2a:
c1:15:23:76:46:cd:86:29:84:93:24:48:a5:7b:26:
a2:27:b9:5c:75:36:38:56:f4:ff:53:17:0f:1d:cd:
b1:f0:16:49:7b:70:d8:52:81:14:09:fe:60:50:4a:
5d:07:6b:0b:73:38:bb:6c:60:62:1a:28:66:5c:27:
07:0a:05:4b:d6:9a:ba:cf:d2:a4:44:36:eb:08:04:
41:bf:9d:87:ac:4d:7c:15:74:31:a0:b9:e4:7a:cd:
9f:c4:b6:4d:ca:25:dd:e9:b6:ef:02:e3:b6:7f:99:
54:7f:36:7b:18:6e:00:60:7b:26:bc:f7:9d:5f:3b:
3d:f9:ec:4b:e4:02:4f:bd:3c:15:e1:a5:bb:20:6a:
66:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:90:CA:6D:D4:19:7B:C1:EE:CB:C1:16:C5:8D:0B:E8:B4:ED:56:3F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VZDKbdQZe8Huy8EWxY0L6LTtVj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.255.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
203.25.124.0/24
203.159.82.0/24
Signature Algorithm: sha256WithRSAEncryption
25:f4:30:ea:8c:54:7c:b0:34:f6:f3:43:9b:12:15:10:ee:43:
2e:12:68:3b:cb:e3:04:22:5e:92:72:5e:f8:54:8f:35:46:53:
2a:96:01:6d:c4:62:d2:e7:60:3c:4c:0b:78:9c:af:d2:f5:fe:
e4:0e:f5:d3:3a:96:56:5a:64:ef:cd:bc:21:10:7c:7c:10:d0:
4b:b9:49:dd:20:07:ac:41:06:5a:92:21:35:6e:6b:15:ee:58:
13:cc:fa:8d:91:2c:a1:f6:7f:c3:2e:14:2e:42:b5:ad:9b:d5:
73:2b:8d:77:8f:fd:dd:99:48:4e:c9:58:d9:7c:ff:72:5b:5f:
6c:92:4f:aa:a4:f8:9c:5f:58:98:28:07:9b:f0:63:7a:dc:69:
bc:a9:4e:45:70:06:d6:35:f7:7d:07:b8:c1:9b:91:b8:23:35:
8c:31:0e:5f:4a:29:5d:84:50:89:71:60:b7:85:5d:16:60:30:
ed:a3:e5:dc:8e:c3:7f:ef:24:19:a4:b4:77:3a:ea:aa:68:3d:
ee:7b:3e:96:3a:4c:8c:84:d2:54:3c:9d:9f:8f:0d:d9:71:e3:
15:ae:41:3c:01:f9:04:a2:a4:7a:cf:05:94:a6:ec:7c:1d:c7:
91:f3:95:82:9d:51:e2:65:03:68:d8:7b:fe:10:db:c9:ae:cc:
dd:40:7c:fa
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3mcqH8U0H5ZeRk+nzGeMGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjI2MTcyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkwY2E2ZGQ0MTk3YmMxZWVjYmMxMTZjNThkMGJlOGI0ZWQ1NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMjxaZOjzUEwOpRXLnDhbtKnKP7g
vSQaztB4VqXADrc6eSkgOv/qth8KNVtjnfqf1CuVFms2yhzI0iDVrp3bPyYGsN3I
RPQPXXWM+d/SpEd6tVdYWSB9Dy57KFNwz15eJ+CfY86wmqVyTremGvmPkfNmXSsd
gSrBFSN2Rs2GKYSTJEileyaiJ7lcdTY4VvT/UxcPHc2x8BZJe3DYUoEUCf5gUEpd
B2sLczi7bGBiGihmXCcHCgVL1pq6z9KkRDbrCARBv52HrE18FXQxoLnkes2fxLZN
yiXd6bbvAuO2f5lUfzZ7GG4AYHsmvPedXzs9+exL5AJPvTwV4aW7IGpmLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFWQym3UGXvB7svBFsWNC+i07VY/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVlpES2JkUVplOEh1eThFV3hZMEw2TFR0Vmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALuX/AwQA
W75rAwQAuZYAAwQAuaUsAwQAudl2AwQAyxl8AwQAy59SMA0GCSqGSIb3DQEBCwUA
A4IBAQAl9DDqjFR8sDT280ObEhUQ7kMuEmg7y+MEIl6Scl74VI81RlMqlgFtxGLS
52A8TAt4nK/S9f7kDvXTOpZWWmTvzbwhEHx8ENBLuUndIAesQQZakiE1bmsV7lgT
zPqNkSyh9n/DLhQuQrWtm9VzK413j/3dmUhOyVjZfP9yW19skk+qpPicX1iYKAeb
8GN63Gm8qU5FcAbWNfd9B7jBm5G4IzWMMQ5fSildhFCJcWC3hV0WYDDto+XcjsN/
7yQZpLR3OuqqaD3uez6WOkyMhNJUPJ2fjw3ZceMVrkE8AfkEoqR6zwWUpux8HceR
85WCnVHiZQNo2Hv+ENvJrszdQHz6
-----END CERTIFICATE-----
Generated at Tue Feb 27 15:32:19 2024 by rpki-client on console-fra.rpki-client.org