Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/vc2HvHnmsieYzuEEQu-7MTRKXWQ.roa
File: vc2HvHnmsieYzuEEQu-7MTRKXWQ.roa (raw, json)
Hash identifier: EcOGVXYL2joz5LAoWgAjtZOgf4nwmXxklEpXARPP2N8=
Subject key identifier: BD:CD:87:BC:79:E6:B2:27:98:CE:E1:04:42:EF:BB:31:34:4A:5D:64
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 0189973FF086B9B3E32DC2059FE8E08CE5E6
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/vc2HvHnmsieYzuEEQu-7MTRKXWQ.roa
Signing time: Thu 27 Jul 2023 12:08:17 +0000
ROA not before: Thu 27 Jul 2023 12:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 185.117.73.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.25.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
185.45.192.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a05:9341::/32 maxlen: 32
2a0e:df40::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a06:3d80::/29 maxlen: 29
2a04:dd01::/32 maxlen: 32
2a05:9340::/32 maxlen: 32
2a04:dd00::/32 maxlen: 32
2a03:660::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:3f:f0:86:b9:b3:e3:2d:c2:05:9f:e8:e0:8c:e5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jul 27 12:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdcd87bc79e6b22798cee10442efbb31344a5d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:4d:8d:50:2c:2b:73:e8:05:09:0c:43:6f:
e5:04:63:00:10:25:50:1c:11:12:3d:2e:1d:4d:46:
6d:ae:f9:72:d3:51:c6:85:d6:4e:7c:b4:2f:82:ea:
6b:6d:47:64:f3:df:d0:d0:91:51:29:05:50:2f:1f:
b9:c5:4e:28:e3:4f:36:c4:e6:6b:f2:50:85:a9:71:
ed:95:b3:4d:9a:63:1c:a8:fb:f8:a8:8a:7d:24:ef:
f7:cf:05:65:0f:74:0a:14:74:ef:ac:af:39:58:41:
7f:dc:a8:4b:2a:d7:cc:03:89:7d:2a:f5:db:4c:7c:
fd:64:b3:d0:a4:49:db:2d:bc:db:e5:6f:8b:2d:ce:
4e:73:d9:60:db:cf:51:8c:df:53:2a:79:49:2f:b2:
5b:9f:01:3d:af:be:cf:8a:2b:95:b5:e2:50:4b:9f:
c7:14:bb:fa:0f:95:ef:42:7f:80:4e:19:bd:57:a4:
e8:f5:c5:ac:0d:5e:c4:28:93:85:02:76:14:02:aa:
23:71:c6:1a:ec:e7:bc:c1:96:fa:fb:53:18:bb:3f:
77:19:35:77:46:44:03:aa:d1:26:18:d0:08:9e:bb:
f3:0b:6c:74:8f:56:29:27:0a:c5:97:d2:b3:94:d8:
4c:a6:91:16:dd:db:95:74:04:eb:0d:75:e9:5a:09:
34:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CD:87:BC:79:E6:B2:27:98:CE:E1:04:42:EF:BB:31:34:4A:5D:64
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/vc2HvHnmsieYzuEEQu-7MTRKXWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/23
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
63:8e:40:e2:60:06:7d:66:ca:ee:15:6c:60:70:c9:18:7d:f4:
59:0e:d6:d7:2a:71:17:82:b7:5c:28:07:e9:f5:fd:3f:bf:87:
98:eb:e8:f6:c7:5a:2f:ef:dc:a2:52:1c:2a:f0:b7:67:c5:a9:
5b:c8:52:4c:cb:6f:a3:2f:e6:be:d6:53:f7:1c:1f:b5:e3:a4:
4e:3c:2f:de:1a:82:29:46:55:8a:ee:22:df:90:ac:5c:31:3d:
81:62:8e:50:16:4f:c4:9d:d8:6e:30:15:ce:5e:cc:5d:96:c8:
af:6c:6e:77:b5:86:64:2f:c2:56:fd:4f:bc:46:07:c4:52:54:
4f:13:b2:ad:a6:8b:b7:5f:52:67:19:a7:78:93:fa:89:84:35:
ba:f9:22:9b:0d:e8:5c:04:33:5c:e5:b5:e1:01:c7:74:93:51:
a1:99:0d:8d:71:9d:d7:5f:c2:dc:e3:f8:dc:6e:ba:c2:a4:e9:
16:97:5b:2f:fc:b5:9c:fb:47:aa:88:ac:ed:7e:4e:71:de:8b:
cd:df:6a:3b:b2:ea:ce:ae:c0:9e:36:5d:3b:02:6d:49:a6:68:
e7:52:70:9b:ba:55:f4:3f:e8:85:f6:67:1e:ce:64:03:31:0d:
a2:a6:36:bf:0a:d6:aa:42:88:6e:8c:1b:e6:87:b4:91:f2:08:
b9:1c:67:cf
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYmXP/CGubPjLcIFn+jgjOXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjMwNzI3MTIwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNkODdiYzc5ZTZiMjI3OThjZWUxMDQ0MmVmYmIzMTM0NGE1ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhhNjVAsK3PoBQkMQ2/lBGMAECVQ
HBESPS4dTUZtrvly01HGhdZOfLQvguprbUdk89/Q0JFRKQVQLx+5xU4o4082xOZr
8lCFqXHtlbNNmmMcqPv4qIp9JO/3zwVlD3QKFHTvrK85WEF/3KhLKtfMA4l9KvXb
THz9ZLPQpEnbLbzb5W+LLc5Oc9lg289RjN9TKnlJL7JbnwE9r77PiiuVteJQS5/H
FLv6D5XvQn+AThm9V6To9cWsDV7EKJOFAnYUAqojccYa7Oe8wZb6+1MYuz93GTV3
RkQDqtEmGNAInrvzC2x0j1YpJwrFl9KzlNhMppEW3duVdATrDXXpWgk0TQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFL3Nh7x55rInmM7hBELvuzE0Sl1kMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvdmMySHZIbm1zaWVZenVFRVF1LTdNVFJLWFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQAuS3A
AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQBuY0YAwQAuY0b
MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC
JLwDBAHCJL4DBADUCPswKQQCAAIwIwMFACoDBmADBQMqBN0AAwUDKgWTQAMFAyoG
PYADBQAqDt9AMA0GCSqGSIb3DQEBCwUAA4IBAQBjjkDiYAZ9ZsruFWxgcMkYffRZ
DtbXKnEXgrdcKAfp9f0/v4eY6+j2x1ov79yiUhwq8LdnxalbyFJMy2+jL+a+1lP3
HB+146ROPC/eGoIpRlWK7iLfkKxcMT2BYo5QFk/EndhuMBXOXsxdlsivbG53tYZk
L8JW/U+8RgfEUlRPE7Ktpou3X1JnGad4k/qJhDW6+SKbDehcBDNc5bXhAcd0k1Gh
mQ2NcZ3XX8Lc4/jcbrrCpOkWl1sv/LWc+0eqiKztfk5x3ovN32o7surOrsCeNl07
Am1JpmjnUnCbulX0P+iF9mcezmQDMQ2ipja/CtaqQohujBvmh7SR8gi5HGfP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:50 2024 by rpki-client on console-ams.rpki-client.org