Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vn94QDTHUSTVw0rPMTfPoKZDbxE.roa
File: vn94QDTHUSTVw0rPMTfPoKZDbxE.roa (raw, json)
Hash identifier: RtAo5+2j7gNc36YffcgwovVwBsRnpFgfOUOyC+QAjXI=
Subject key identifier: BE:7F:78:40:34:C7:51:24:D5:C3:4A:CF:31:37:CF:A0:A6:43:6F:11
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0188E246478AB1D697178B1CC9E07B8A2CD4
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vn94QDTHUSTVw0rPMTfPoKZDbxE.roa
Signing time: Thu 22 Jun 2023 08:43:56 +0000
ROA not before: Thu 22 Jun 2023 08:43:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50261
IP address blocks: 45.147.156.0/22 maxlen: 22
80.64.64.0/21 maxlen: 21
37.220.128.0/20 maxlen: 20
77.111.112.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
92.61.96.0/20 maxlen: 20
77.111.120.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
2a02:d400::/29 maxlen: 29
2a02:d400:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jul 2023 07:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:46:47:8a:b1:d6:97:17:8b:1c:c9:e0:7b:8a:2c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jun 22 08:43:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be7f784034c75124d5c34acf3137cfa0a6436f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2b:42:dc:d1:e2:70:01:36:8f:9f:45:8d:3d:
ff:0a:a1:71:37:4a:67:95:65:c0:98:09:3e:5e:49:
19:9d:42:e0:ba:ac:36:4f:e8:1e:05:70:eb:c4:2a:
40:a1:18:69:66:50:ab:82:77:e2:68:bd:fe:de:c0:
d5:0e:9e:d9:89:31:dd:6b:10:97:b5:e9:e0:37:74:
9b:28:e2:86:0f:b4:36:67:f4:ea:60:e8:7e:56:27:
57:48:29:4c:54:9d:92:92:d0:ba:2c:fa:2a:ca:61:
60:22:10:84:90:50:5b:1f:4b:0a:5e:3a:cf:6e:4b:
cc:f8:7a:93:9a:64:7a:7e:08:32:8f:8e:29:2b:99:
b6:3a:8b:fe:25:2f:f5:f6:24:1e:42:7b:44:8d:b2:
54:c8:ae:d2:70:1e:c5:e1:92:bc:73:d8:bc:9f:8e:
72:5a:e5:d1:ee:81:e6:ff:2e:31:fa:d3:b8:f0:d1:
bb:53:b1:c6:a3:c1:7d:4b:cd:0d:d0:89:96:3f:a7:
5b:d5:c5:1b:2c:0d:80:38:d7:56:c0:fb:73:6e:51:
df:6a:0e:83:0a:74:18:87:ad:4b:79:cb:0c:a0:60:
3c:aa:ce:61:c0:8c:e1:81:e9:da:03:0f:e1:81:87:
2c:37:31:f3:a4:de:f3:c8:50:17:60:d4:6a:2f:c8:
5d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7F:78:40:34:C7:51:24:D5:C3:4A:CF:31:37:CF:A0:A6:43:6F:11
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vn94QDTHUSTVw0rPMTfPoKZDbxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
45.147.156.0/22
77.111.112.0/20
80.64.64.0/20
92.61.96.0/20
109.74.48.0/20
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
53:9a:80:19:bd:91:f1:2f:46:d0:75:b4:65:f5:fa:da:c7:65:
68:9d:59:61:a0:a9:c2:a4:b8:ae:b6:f8:44:ba:17:7d:83:4b:
f6:f8:4a:f3:0d:c2:1b:63:a7:49:a6:d7:cf:b0:6d:b3:70:47:
ee:0d:51:e7:32:69:70:7b:f6:a7:4f:81:0d:65:0b:77:41:03:
d7:aa:b6:4c:c8:f0:ee:4b:02:d8:81:a4:6e:0b:c2:94:71:d4:
71:28:99:fe:d1:ac:21:30:ee:78:00:65:ac:10:fc:44:71:24:
2d:08:1a:b1:c0:13:f7:2e:96:3e:c5:0c:a1:0c:bf:a6:cd:86:
86:4d:b6:8b:cd:01:9c:a6:df:f8:5a:9a:9d:4c:13:63:f1:df:
6e:81:58:ba:58:37:3d:92:81:3d:63:e9:92:7b:4c:39:0c:ec:
97:30:e9:2f:af:3d:7c:1b:a2:78:78:23:96:78:e9:df:e0:13:
17:c3:f2:50:6d:ab:34:20:a5:ad:7f:23:f4:7c:bc:0f:64:cc:
99:c9:9b:58:83:80:b0:86:2a:21:d2:f1:10:39:f5:c2:df:6b:
ee:57:c2:46:25:0d:99:4f:0b:39:58:f8:a7:fa:34:1b:ba:c2:
bf:c5:24:47:85:bb:61:bb:19:41:c8:1c:55:7c:50:36:cd:84:
e9:27:dd:11
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYjiRkeKsdaXF4scyeB7iizUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwNjIyMDg0MzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdmNzg0MDM0Yzc1MTI0ZDVjMzRhY2YzMTM3Y2ZhMGE2NDM2ZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCtC3NHicAE2j59FjT3/CqFxN0pn
lWXAmAk+XkkZnULguqw2T+geBXDrxCpAoRhpZlCrgnfiaL3+3sDVDp7ZiTHdaxCX
tengN3SbKOKGD7Q2Z/TqYOh+VidXSClMVJ2SktC6LPoqymFgIhCEkFBbH0sKXjrP
bkvM+HqTmmR6fggyj44pK5m2Oov+JS/19iQeQntEjbJUyK7ScB7F4ZK8c9i8n45y
WuXR7oHm/y4x+tO48NG7U7HGo8F9S80N0ImWP6db1cUbLA2AONdWwPtzblHfag6D
CnQYh61LecsMoGA8qs5hwIzhgenaAw/hgYcsNzHzpN7zyFAXYNRqL8hd0QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFL5/eEA0x1Ek1cNKzzE3z6CmQ28RMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvdm45NFFEVEhVU1RWdzByUE1UZlBvS1pEYnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEJdyAAwQC
LZOcAwQETW9wAwQEUEBAAwQEXD1gAwQEbUowMA0EAgACMAcDBQMqAtQAMA0GCSqG
SIb3DQEBCwUAA4IBAQBTmoAZvZHxL0bQdbRl9frax2VonVlhoKnCpLiutvhEuhd9
g0v2+ErzDcIbY6dJptfPsG2zcEfuDVHnMmlwe/anT4ENZQt3QQPXqrZMyPDuSwLY
gaRuC8KUcdRxKJn+0awhMO54AGWsEPxEcSQtCBqxwBP3LpY+xQyhDL+mzYaGTbaL
zQGcpt/4WpqdTBNj8d9ugVi6WDc9koE9Y+mSe0w5DOyXMOkvrz18G6J4eCOWeOnf
4BMXw/JQbas0IKWtfyP0fLwPZMyZyZtYg4Cwhioh0vEQOfXC32vuV8JGJQ2ZTws5
WPin+jQbusK/xSRHhbthuxlByBxVfFA2zYTpJ90R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org