Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/VVq0IDAIZ6P-0UoSHfsEK8PRRvw.roa
File: VVq0IDAIZ6P-0UoSHfsEK8PRRvw.roa (raw, json)
Hash identifier: /cYd//6N4mWzCzgAnbCweTeyq0qVULqE2T2q5JIjNDo=
Subject key identifier: 55:5A:B4:20:30:08:67:A3:FE:D1:4A:12:1D:FB:04:2B:C3:D1:46:FC
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0188B5531EF4184A7262AA4A8455D776D99F
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/VVq0IDAIZ6P-0UoSHfsEK8PRRvw.roa
Signing time: Tue 13 Jun 2023 15:15:03 +0000
ROA not before: Tue 13 Jun 2023 15:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
185.24.255.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:1::/48 maxlen: 48
2a04:2f00:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:53:1e:f4:18:4a:72:62:aa:4a:84:55:d7:76:d9:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jun 13 15:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=555ab420300867a3fed14a121dfb042bc3d146fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6e:ad:a6:c7:c3:7c:b2:2c:57:5f:73:be:f9:
79:2c:9c:60:e1:d1:fb:b9:94:74:54:11:cb:30:1b:
5c:d1:2d:dc:43:b7:48:37:73:24:8e:0b:30:00:ab:
8e:82:4c:f2:dc:4a:13:48:6a:f3:43:0f:8a:45:62:
6f:c7:6c:60:e6:8a:fb:35:4e:df:28:9e:6c:d5:e4:
45:2f:ee:97:ee:90:4f:cd:92:fd:43:8a:00:c9:78:
4b:46:54:77:c5:ef:6c:75:da:e2:58:08:00:0a:67:
26:ba:76:a8:4a:a3:82:21:2e:38:38:50:21:f4:35:
31:a7:e4:bc:ba:fe:cc:f3:72:5a:e4:3d:8f:29:2e:
aa:66:e9:d4:81:82:c9:6e:23:b0:39:b9:4a:d8:9f:
d3:44:31:32:e4:d5:de:b1:69:1c:1d:77:b6:21:f7:
ae:cb:41:85:63:91:b7:83:af:73:f5:c5:ea:1c:7f:
60:2a:18:cf:54:1f:93:98:a2:bd:47:b2:ba:f8:99:
d6:f2:eb:bc:61:90:91:fe:f9:ca:1f:f6:e8:ed:ba:
89:04:d6:b9:ba:3c:e3:71:e2:e1:88:85:f3:52:45:
ec:43:34:43:8d:e0:5b:37:b3:71:d1:ee:11:ca:46:
72:2c:49:7c:1a:9c:09:c3:ec:fd:23:62:ed:d3:8d:
44:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5A:B4:20:30:08:67:A3:FE:D1:4A:12:1D:FB:04:2B:C3:D1:46:FC
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/VVq0IDAIZ6P-0UoSHfsEK8PRRvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.113.0-5.145.114.255
5.145.117.0-5.145.119.255
185.24.252.0/23
185.24.255.0/24
IPv6:
2a04:2f00::/46
Signature Algorithm: sha256WithRSAEncryption
ac:57:cc:08:fd:2c:c4:73:2e:91:f4:58:9f:41:1b:95:85:43:
a0:6c:87:33:ff:2e:14:98:28:6e:d7:51:b1:a5:3a:7a:79:5f:
b2:9f:58:f0:71:a8:6c:65:fd:4d:06:af:d1:3f:1a:3a:2f:6e:
39:c1:b0:83:80:c5:51:70:e6:88:98:24:11:92:93:8e:ed:3d:
f2:5b:28:ed:38:9b:df:37:a2:92:96:c8:ad:67:1a:ff:c2:f4:
08:5e:ae:98:81:c9:5a:7c:78:07:a0:db:05:e5:f9:5c:b0:51:
a1:60:83:eb:69:9b:59:78:99:e8:19:c7:0f:56:12:fe:30:ac:
48:85:26:cb:25:9a:9c:42:d3:c0:bd:e4:a7:87:fc:83:b1:8d:
9e:60:1e:c0:cc:85:db:96:0a:96:85:ff:1a:f5:0f:d1:6b:c4:
c0:a5:a7:49:07:72:5a:0f:a3:fd:e7:6a:12:05:2b:ca:d8:6f:
a9:3e:0c:d3:f2:ee:ca:52:80:13:3c:cb:43:c1:a0:fd:26:8e:
07:58:32:d3:10:ff:fc:ee:cd:9f:e0:52:86:28:94:f0:11:46:
9c:9e:e2:70:8c:51:16:9b:75:47:da:6b:ee:be:0c:27:17:e2:
d9:b3:9f:90:c9:4f:cb:31:41:05:79:5c:f7:1a:58:47:d8:d8:
ff:d5:09:14
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYi1Ux70GEpyYqpKhFXXdtmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMwNjEzMTUxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTVhYjQyMDMwMDg2N2EzZmVkMTRhMTIxZGZiMDQyYmMzZDE0NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk26tpsfDfLIsV19zvvl5LJxg4dH7
uZR0VBHLMBtc0S3cQ7dIN3MkjgswAKuOgkzy3EoTSGrzQw+KRWJvx2xg5or7NU7f
KJ5s1eRFL+6X7pBPzZL9Q4oAyXhLRlR3xe9sddriWAgACmcmunaoSqOCIS44OFAh
9DUxp+S8uv7M83Ja5D2PKS6qZunUgYLJbiOwOblK2J/TRDEy5NXesWkcHXe2Ifeu
y0GFY5G3g69z9cXqHH9gKhjPVB+TmKK9R7K6+JnW8uu8YZCR/vnKH/bo7bqJBNa5
ujzjceLhiIXzUkXsQzRDjeBbN7Nx0e4RykZyLEl8GpwJw+z9I2Lt041E5wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFVatCAwCGej/tFKEh37BCvD0Ub8MB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvVlZxMElEQUlaNlAtMFVvU0hmc0VLOFBSUnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAuBAIAATAoMAwDBAAFkXED
BAAFkXIwDAMEAAWRdQMEAwWRcAMEAbkY/AMEALkY/zAPBAIAAjAJAwcCKgQvAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsV8wI/SzEcy6R9FifQRuVhUOgbIcz/y4UmChu
11GxpTp6eV+yn1jwcahsZf1NBq/RPxo6L245wbCDgMVRcOaImCQRkpOO7T3yWyjt
OJvfN6KSlsitZxr/wvQIXq6YgclafHgHoNsF5flcsFGhYIPraZtZeJnoGccPVhL+
MKxIhSbLJZqcQtPAveSnh/yDsY2eYB7AzIXblgqWhf8a9Q/Ra8TApadJB3JaD6P9
52oSBSvK2G+pPgzT8u7KUoATPMtDwaD9Jo4HWDLTEP/87s2f4FKGKJTwEUacnuJw
jFEWm3VH2mvuvgwnF+LZs5+QyU/LMUEFeVz3GlhH2Nj/1QkU
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:18 2023 by rpki-client on console.sobornost.net