Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VSVdQnmw5r6cMWQxrMv1_4PC2h4.roa
File: VSVdQnmw5r6cMWQxrMv1_4PC2h4.roa (raw, json)
Hash identifier: SA1Z0Vwa4foXJfui/kKhzq+8tCh4G1/4WIQxKnVCa3s=
Subject key identifier: 55:25:5D:42:79:B0:E6:BE:9C:31:64:31:AC:CB:F5:FF:83:C2:DA:1E
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018D643CB49669B14E7B61811F68CD9F79C1
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VSVdQnmw5r6cMWQxrMv1_4PC2h4.roa
Signing time: Thu 01 Feb 2024 10:35:16 +0000
ROA not before: Thu 01 Feb 2024 10:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
5.180.195.0/24 maxlen: 24
45.86.124.0/22 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Mar 2024 11:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:3c:b4:96:69:b1:4e:7b:61:81:1f:68:cd:9f:79:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Feb 1 10:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55255d4279b0e6be9c316431accbf5ff83c2da1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:04:97:03:3a:61:02:98:ee:f0:cf:ba:07:3d:
0c:76:f1:6c:53:fe:7c:ff:0c:2c:cb:dd:b3:51:fb:
e6:b8:73:ac:07:c5:22:73:1b:16:e5:08:3a:94:ba:
f0:49:f7:cc:b4:9f:bc:f0:9e:7c:16:84:46:30:b7:
d1:fd:48:b1:90:f6:4a:3b:a7:54:56:ac:2c:43:0b:
6b:d2:b7:dc:42:f7:82:09:e5:32:a2:33:2d:73:45:
b9:36:56:d3:c3:c7:8a:3d:b8:ad:ae:8f:b4:3c:b4:
7b:c3:99:ee:de:d3:a7:ad:2e:59:5d:1a:bc:08:29:
62:0a:3d:0c:ea:3f:61:95:12:8d:be:c4:1d:60:b3:
e4:95:c2:d7:a7:62:87:40:b7:d0:bc:3e:a6:3a:3f:
8e:6c:f9:43:92:f8:26:84:74:85:a1:d2:cd:e2:1b:
d7:31:ba:a8:af:c4:55:c6:32:c6:fa:87:3d:4c:2f:
d5:6f:62:31:45:b5:5c:73:11:a1:81:b7:0a:33:04:
13:6a:6e:08:23:b2:96:82:c1:a9:af:1a:d6:65:43:
4a:2f:98:94:29:96:83:05:c2:b4:dc:25:42:46:f1:
06:3e:e6:79:24:0a:82:51:97:61:4b:ac:d4:90:d5:
8c:76:f1:b5:e2:b5:6f:04:49:8d:44:22:df:8f:10:
a7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:25:5D:42:79:B0:E6:BE:9C:31:64:31:AC:CB:F5:FF:83:C2:DA:1E
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VSVdQnmw5r6cMWQxrMv1_4PC2h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
a8:83:e3:e0:3d:af:9a:da:83:9c:4a:15:54:79:75:30:17:39:
0f:2c:ce:f2:71:6d:00:4e:22:4f:d1:c0:65:e5:8b:6c:f3:45:
2c:fe:f1:2b:a6:21:93:e3:b1:ab:e0:7c:97:1c:a9:32:de:7d:
cf:9d:df:2a:00:50:a7:2c:5e:33:eb:ca:b3:fb:ad:b5:c7:3b:
46:62:9b:1f:62:29:8a:20:a0:d4:88:8f:6b:80:6d:6c:48:b0:
16:ea:1c:b4:6d:34:f1:5c:54:2d:5b:ba:e8:00:ad:a3:24:a3:
43:3f:b1:d4:7c:61:0b:06:42:ab:e3:45:d9:58:ea:e7:76:89:
e5:47:12:82:8e:91:86:f4:2b:7f:08:73:10:0a:79:39:73:98:
6e:ef:37:2e:eb:8b:74:88:c2:31:12:7b:de:45:68:54:e8:ed:
20:75:9c:b7:4c:17:80:2b:e8:70:8f:63:b9:16:9c:29:c7:c5:
51:e1:8a:e6:08:d1:f2:40:b7:f4:76:f5:56:1a:c6:b0:d8:c8:
d6:a8:27:70:c5:f8:99:c7:5c:ef:5e:c3:46:85:66:e6:31:ce:
05:ad:13:24:e4:af:6d:ee:a4:a1:8b:f9:e6:c4:7d:17:a9:41:
ee:dd:7a:7d:c0:13:c6:ec:8b:30:da:ba:6d:82:e9:e8:0f:ce:
96:32:7f:f2
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY1kPLSWabFOe2GBH2jNn3nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMjAxMTAzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI1NWQ0Mjc5YjBlNmJlOWMzMTY0MzFhY2NiZjVmZjgzYzJkYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwSXAzphApju8M+6Bz0MdvFsU/58
/wwsy92zUfvmuHOsB8UicxsW5Qg6lLrwSffMtJ+88J58FoRGMLfR/UixkPZKO6dU
VqwsQwtr0rfcQveCCeUyojMtc0W5NlbTw8eKPbitro+0PLR7w5nu3tOnrS5ZXRq8
CCliCj0M6j9hlRKNvsQdYLPklcLXp2KHQLfQvD6mOj+ObPlDkvgmhHSFodLN4hvX
Mbqor8RVxjLG+oc9TC/Vb2IxRbVccxGhgbcKMwQTam4II7KWgsGprxrWZUNKL5iU
KZaDBcK03CVCRvEGPuZ5JAqCUZdhS6zUkNWMdvG14rVvBEmNRCLfjxCn5QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFFUlXUJ5sOa+nDFkMazL9f+DwtoeMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvVlNWZFFubXc1cjZjTVdReHJNdjFfNFBDMmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAKiD4+A9r5ra
g5xKFVR5dTAXOQ8szvJxbQBOIk/RwGXli2zzRSz+8SumIZPjsavgfJccqTLefc+d
3yoAUKcsXjPryrP7rbXHO0Zimx9iKYogoNSIj2uAbWxIsBbqHLRtNPFcVC1buugA
raMko0M/sdR8YQsGQqvjRdlY6ud2ieVHEoKOkYb0K38IcxAKeTlzmG7vNy7ri3SI
wjESe95FaFTo7SB1nLdMF4Ar6HCPY7kWnCnHxVHhiuYI0fJAt/R29VYaxrDYyNao
J3DF+JnHXO9ew0aFZuYxzgWtEyTkr23upKGL+ebEfRepQe7den3AE8bsizDaum2C
6egPzpYyf/I=
-----END CERTIFICATE-----
Generated at Thu Mar 7 16:57:46 2024 by rpki-client on console-fra.rpki-client.org