Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDWBEpigq01SyJjwMfeGee0hCPI.roa
File: vDWBEpigq01SyJjwMfeGee0hCPI.roa (raw, json)
Hash identifier: ezl9YZl84TYVC8ocv01EIQDgh71vsuoBrM63m2SZjQ0=
Subject key identifier: BC:35:81:12:98:A0:AB:4D:52:C8:98:F0:31:F7:86:79:ED:21:08:F2
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC54C2839E6A2C7FC39C45B6E68DE
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDWBEpigq01SyJjwMfeGee0hCPI.roa
Signing time: Mon 02 Jan 2023 17:15:03 +0000
ROA not before: Mon 02 Jan 2023 17:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51223
IP address blocks: 185.139.60.0/22 maxlen: 24
185.26.4.0/22 maxlen: 24
89.32.80.0/21 maxlen: 24
89.36.44.0/22 maxlen: 24
178.237.128.0/20 maxlen: 24
212.119.48.0/22 maxlen: 24
176.113.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 15:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c5:4c:28:39:e6:a2:c7:fc:39:c4:5b:6e:68:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc35811298a0ab4d52c898f031f78679ed2108f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:02:fd:07:de:4e:e6:00:ba:46:e1:21:74:e2:
81:59:65:71:74:f9:9f:fe:fe:b8:d4:d1:0c:a2:6e:
ba:75:ff:40:2f:cc:e1:8c:97:3c:d9:de:c4:e0:e5:
d0:45:07:58:d3:55:f3:a4:0f:01:8d:ac:d5:89:a8:
aa:7f:1e:e6:08:31:aa:aa:1c:cc:50:16:64:0f:d4:
16:e7:58:a3:8b:9d:3c:75:c5:56:80:87:f4:04:c1:
37:0f:89:af:29:37:ca:8a:5e:d3:8d:2e:77:0b:2d:
c2:4c:17:e0:82:3d:64:1e:cc:f2:8f:4d:a0:6b:fa:
17:2e:82:ec:3d:46:e1:44:cd:c4:f1:7a:2d:3d:de:
82:ff:6a:fe:c5:2c:cd:bf:a8:f8:a9:a2:a3:ca:a1:
d8:19:87:1e:b5:b6:11:0e:08:75:d8:21:cc:49:52:
47:ff:fe:87:cf:c6:b3:f9:ea:d7:07:41:29:aa:a4:
63:84:b1:31:92:f1:e0:21:f5:82:23:55:d2:06:72:
89:ae:8b:73:30:04:a8:c5:37:b7:ad:87:c0:72:2e:
29:d8:a5:79:ab:63:e2:4b:04:98:88:b3:67:22:2e:
8e:a8:17:3b:46:fc:2a:bc:da:92:ae:f6:63:20:d4:
d1:78:0d:93:7a:35:01:53:d2:57:56:99:3d:2b:4c:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:35:81:12:98:A0:AB:4D:52:C8:98:F0:31:F7:86:79:ED:21:08:F2
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/vDWBEpigq01SyJjwMfeGee0hCPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
89.36.44.0/22
176.113.84.0/22
178.237.128.0/20
185.26.4.0/22
185.139.60.0/22
212.119.48.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c0:48:30:2e:b7:12:78:43:f0:3e:f6:20:12:5a:b6:c2:4b:
1d:74:95:01:00:77:41:dc:54:ae:df:74:03:e4:a0:af:4b:5c:
f3:e9:ee:9d:b1:f8:f5:39:e3:c0:1a:d7:25:6f:b4:46:39:31:
bc:eb:42:43:97:0c:a0:45:b5:71:71:0b:6f:23:ff:9c:85:f2:
e0:45:17:2f:90:05:60:fb:1e:67:2d:b6:c4:56:01:ab:5a:f7:
99:34:74:67:af:bc:36:d3:2d:17:26:46:c2:6f:c5:cd:de:d7:
12:42:e9:96:b6:9e:1a:21:e4:35:f1:38:ab:76:59:1e:26:3b:
c6:9e:fa:9b:fe:9b:c3:f1:18:a9:45:de:18:c9:8b:17:16:df:
46:69:d1:9a:3e:1d:32:da:3a:68:32:03:9e:8c:4e:de:3c:32:
da:08:cb:44:b2:a4:72:15:6c:6c:c9:46:04:09:18:d8:19:11:
db:e4:16:56:17:9e:a2:90:ea:40:ae:b8:6d:b4:c3:d5:1a:32:
85:f9:e7:43:72:16:ab:df:a9:7a:f2:99:41:b8:cc:9d:d3:12:
d3:cd:02:24:1c:49:dd:6b:78:4e:a7:47:d9:79:1b:7f:39:cf:
0e:e2:ee:f1:b9:48:49:e6:d6:36:71:ab:c0:44:16:11:d6:35:
23:83:96:20
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVzesVMKDnmosf8OcRbbmjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM1ODExMjk4YTBhYjRkNTJjODk4ZjAzMWY3ODY3OWVkMjEwOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAL9B95O5gC6RuEhdOKBWWVxdPmf
/v641NEMom66df9AL8zhjJc82d7E4OXQRQdY01XzpA8BjazViaiqfx7mCDGqqhzM
UBZkD9QW51iji508dcVWgIf0BME3D4mvKTfKil7TjS53Cy3CTBfggj1kHszyj02g
a/oXLoLsPUbhRM3E8XotPd6C/2r+xSzNv6j4qaKjyqHYGYcetbYRDgh12CHMSVJH
//6Hz8az+erXB0EpqqRjhLExkvHgIfWCI1XSBnKJrotzMASoxTe3rYfAci4p2KV5
q2PiSwSYiLNnIi6OqBc7RvwqvNqSrvZjINTReA2TejUBU9JXVpk9K0zrYwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLw1gRKYoKtNUsiY8DH3hnntIQjyMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvdkRXQkVwaWdxMDFTeUpqd01mZUdlZTBoQ1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDWSBQAwQC
WSQsAwQCsHFUAwQEsu2AAwQCuRoEAwQCuYs8AwQC1HcwMA0GCSqGSIb3DQEBCwUA
A4IBAQBlwEgwLrcSeEPwPvYgElq2wksddJUBAHdB3FSu33QD5KCvS1zz6e6dsfj1
OePAGtclb7RGOTG860JDlwygRbVxcQtvI/+chfLgRRcvkAVg+x5nLbbEVgGrWveZ
NHRnr7w20y0XJkbCb8XN3tcSQumWtp4aIeQ18TirdlkeJjvGnvqb/pvD8RipRd4Y
yYsXFt9GadGaPh0y2jpoMgOejE7ePDLaCMtEsqRyFWxsyUYECRjYGRHb5BZWF56i
kOpArrhttMPVGjKF+edDchar36l68plBuMyd0xLTzQIkHEnda3hOp0fZeRt/Oc8O
4u7xuUhJ5tY2cavARBYR1jUjg5Yg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org