Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/Pm1HEEhPOeYPWNSQsiG6kKZGa-U.roa
File: Pm1HEEhPOeYPWNSQsiG6kKZGa-U.roa (raw, json)
Hash identifier: SyhGCgtLoitDOeyVQM6pOMd1dPqcoCsxrBo5EeQxqEQ=
Subject key identifier: 3E:6D:47:10:48:4F:39:E6:0F:58:D4:90:B2:21:BA:90:A6:46:6B:E5
Certificate issuer: /CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Certificate serial: 01856C4120D2F12AD0FB1DF83BAF1014F017
Authority key identifier: CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/Pm1HEEhPOeYPWNSQsiG6kKZGa-U.roa
Signing time: Sun 01 Jan 2023 07:34:45 +0000
ROA not before: Sun 01 Jan 2023 07:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205500
IP address blocks: 45.152.171.0/24 maxlen: 24
45.152.168.0/22 maxlen: 22
185.216.16.0/22 maxlen: 22
2a0f:5000::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:20:d2:f1:2a:d0:fb:1d:f8:3b:af:10:14:f0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Validity
Not Before: Jan 1 07:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e6d4710484f39e60f58d490b221ba90a6466be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4d:b5:9c:c6:82:33:bf:a8:88:95:64:4c:40:
17:a0:7f:59:77:00:95:1b:86:a1:55:18:35:e5:3c:
15:9e:48:c4:f5:c3:52:af:ee:f2:05:23:79:14:29:
c6:bf:86:56:fe:21:7e:88:b7:fd:60:e1:55:44:3e:
6b:df:04:5f:1c:e8:75:07:15:dd:40:33:36:bd:65:
0e:c5:5d:ee:80:65:32:01:a5:db:51:48:99:0c:d7:
5e:e3:17:90:21:85:dd:ed:be:17:52:e5:21:b1:04:
ed:55:75:82:73:18:11:54:0b:71:4c:ac:37:c0:83:
08:82:5e:43:a9:f4:60:07:3b:26:d4:15:28:c0:4c:
b3:76:11:c0:63:a6:7d:c1:d1:26:c6:2d:ee:b7:68:
d4:30:1a:e2:4a:c1:5e:74:07:54:97:3f:dd:3a:81:
66:aa:0d:c1:60:ac:e9:11:65:cf:7f:a0:a9:7e:f6:
11:e3:ac:c1:b7:16:fc:8c:c5:72:4f:b3:73:e3:ce:
1c:40:44:67:ed:39:b2:2e:36:c9:27:aa:28:0c:f7:
6c:17:3a:92:8e:be:4d:e1:ff:6c:43:cb:63:c1:ae:
59:77:48:ea:d0:7d:21:4b:c2:77:d9:45:e7:c9:76:
1e:ee:a2:02:94:4b:22:06:48:fe:33:e7:c2:e9:b9:
65:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6D:47:10:48:4F:39:E6:0F:58:D4:90:B2:21:BA:90:A6:46:6B:E5
X509v3 Authority Key Identifier:
keyid:CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/Pm1HEEhPOeYPWNSQsiG6kKZGa-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/zBEL75xblqgxx6v5VZJ0S7rx7mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.168.0/22
185.216.16.0/22
IPv6:
2a0f:5000::/29
Signature Algorithm: sha256WithRSAEncryption
c5:66:4f:b2:d6:3c:f2:c2:c3:4e:b9:f0:08:aa:67:38:b4:88:
74:0e:01:a4:8d:4c:78:48:74:93:8a:a4:46:bf:37:64:a9:78:
10:6c:80:93:d8:88:1c:c1:ed:ef:90:4e:1a:97:fd:fe:99:d4:
19:d8:80:37:bf:53:da:0e:e0:18:64:9f:35:21:bf:53:8f:6e:
dd:e9:b5:b5:33:15:33:a2:c9:7b:cf:3d:bd:7a:fe:b5:00:1c:
95:40:66:de:24:31:6d:f5:4c:66:d0:c1:e5:1f:b5:2a:b7:c8:
9a:f3:6e:4c:bb:64:18:4b:48:9f:04:ca:d0:d8:64:fe:87:cc:
13:44:fc:e3:ae:c1:29:ce:e3:fb:35:4b:e9:c4:a3:9c:72:b5:
7e:4a:6d:1c:4a:eb:ae:ed:96:a7:7b:f1:d1:35:38:5b:f6:5d:
7e:52:8c:5e:34:44:41:19:67:b9:75:38:6f:12:0d:11:09:04:
83:eb:21:4b:50:6d:19:7e:e4:b8:2c:4c:c0:3a:6f:0a:e6:60:
5a:0c:74:d4:d9:b7:6c:b0:76:d4:39:bc:cd:29:31:16:86:fc:
5b:33:09:cd:6e:16:14:6e:1e:5c:bb:e8:22:f9:29:c4:a3:10:
77:17:c0:56:24:4b:66:39:12:16:57:86:e7:71:c9:e8:52:b1:
5c:ed:59:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsQSDS8SrQ+x34O68QFPAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMTEwYmVmOWM1Yjk2YTgzMWM3YWJmOTU1OTI3NDRiYmFm
MWVlNjcwHhcNMjMwMTAxMDczNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZkNDcxMDQ4NGYzOWU2MGY1OGQ0OTBiMjIxYmE5MGE2NDY2YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj021nMaCM7+oiJVkTEAXoH9ZdwCV
G4ahVRg15TwVnkjE9cNSr+7yBSN5FCnGv4ZW/iF+iLf9YOFVRD5r3wRfHOh1BxXd
QDM2vWUOxV3ugGUyAaXbUUiZDNde4xeQIYXd7b4XUuUhsQTtVXWCcxgRVAtxTKw3
wIMIgl5DqfRgBzsm1BUowEyzdhHAY6Z9wdEmxi3ut2jUMBriSsFedAdUlz/dOoFm
qg3BYKzpEWXPf6CpfvYR46zBtxb8jMVyT7Nz484cQERn7TmyLjbJJ6ooDPdsFzqS
jr5N4f9sQ8tjwa5Zd0jq0H0hS8J32UXnyXYe7qIClEsiBkj+M+fC6bllOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD5tRxBITznmD1jUkLIhupCmRmvlMB8GA1UdIwQY
MBaAFMwRC++cW5aoMcer+VWSdEu68e5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2Qt
YzhhY2I3MTczYjYyLzEvUG0xSEVFaFBPZVlQV05TUXNpRzZrS1pHYS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2QtYzhhY2I3MTczYjYy
LzEvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZioAwQC
udgQMA0EAgACMAcDBQMqD1AAMA0GCSqGSIb3DQEBCwUAA4IBAQDFZk+y1jzywsNO
ufAIqmc4tIh0DgGkjUx4SHSTiqRGvzdkqXgQbICT2Igcwe3vkE4al/3+mdQZ2IA3
v1PaDuAYZJ81Ib9Tj27d6bW1MxUzosl7zz29ev61AByVQGbeJDFt9Uxm0MHlH7Uq
t8ia825Mu2QYS0ifBMrQ2GT+h8wTRPzjrsEpzuP7NUvpxKOccrV+Sm0cSuuu7Zan
e/HRNThb9l1+UoxeNERBGWe5dThvEg0RCQSD6yFLUG0ZfuS4LEzAOm8K5mBaDHTU
2bdssHbUObzNKTEWhvxbMwnNbhYUbh5cu+gi+SnEoxB3F8BWJEtmORIWV4bnccno
UrFc7Vnh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:19 2024 by rpki-client on console-ams.rpki-client.org