Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJY88P8Sx3PREtCQK0F1xmQxUZs.roa
File: PJY88P8Sx3PREtCQK0F1xmQxUZs.roa (raw, json)
Hash identifier: TMAHKc3tvffEVaiMuVuiU6j88SgFwsk8uETyRLoOEJ0=
Subject key identifier: 3C:96:3C:F0:FF:12:C7:73:D1:12:D0:90:2B:41:75:C6:64:31:51:9B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E88D1E12C145EF7D80A9F0B9B6F375
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJY88P8Sx3PREtCQK0F1xmQxUZs.roa
Signing time: Mon 02 Jan 2023 09:55:43 +0000
ROA not before: Mon 02 Jan 2023 09:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202890
IP address blocks: 45.9.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:8d:1e:12:c1:45:ef:7d:80:a9:f0:b9:b6:f3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c963cf0ff12c773d112d0902b4175c66431519b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:80:ce:dd:52:c9:f9:83:26:69:2a:00:29:a2:
70:72:45:e3:82:9f:ed:2f:b0:32:8b:19:e0:ea:fc:
2f:a6:21:d0:9c:39:b9:42:a0:1f:d9:38:24:2f:a2:
a8:63:5f:ec:71:65:95:dd:ab:4f:ed:6e:de:db:d5:
87:96:3c:d2:d9:96:8c:52:36:17:ce:ee:95:0b:ac:
55:49:39:78:19:3b:02:1e:83:57:f6:45:7c:97:16:
2e:b5:be:9c:02:16:c3:f9:37:2f:d6:d5:af:e4:45:
38:7f:bd:d8:6a:ed:d5:41:bd:e6:ba:98:da:93:d2:
bd:1d:b9:39:98:39:fa:24:2c:5c:0c:e7:d7:57:a3:
82:9b:74:72:51:b4:c4:44:34:cc:18:2f:3c:1c:41:
74:a0:82:57:72:1a:af:0d:20:22:55:f6:73:ec:3f:
62:1e:15:fe:e2:2f:c0:e0:d4:2b:ba:6d:e1:b7:c7:
71:bc:85:aa:89:88:c4:7a:1a:9d:1f:87:80:b5:29:
b5:80:b9:53:29:a2:1c:4c:1a:aa:c7:9f:19:cc:23:
e5:03:b2:17:1e:bd:e9:c1:98:71:d6:88:6d:8b:38:
01:5d:1a:0b:dc:c7:8c:2e:a9:6f:81:8a:94:a6:f6:
e1:73:4a:1f:16:2f:2e:86:8a:a9:06:be:6b:39:f3:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:96:3C:F0:FF:12:C7:73:D1:12:D0:90:2B:41:75:C6:64:31:51:9B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJY88P8Sx3PREtCQK0F1xmQxUZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.28.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a5:58:04:08:c9:7e:f8:38:38:72:68:d2:df:fb:d4:a2:20:
bc:42:91:97:13:85:43:86:7b:f1:e2:36:48:9c:51:3f:59:7c:
a6:3e:91:c9:34:b0:e5:ab:3a:1f:4c:d6:5a:94:13:28:36:fb:
15:ca:65:b4:73:cb:a2:ac:a6:3f:35:01:89:b8:f5:ec:15:60:
78:e4:4a:82:9a:31:18:61:21:4e:45:8b:3a:b4:fb:94:8d:c8:
d7:b2:7d:55:07:08:e5:68:95:05:6e:06:5b:44:e9:4f:12:d2:
a2:d9:70:ec:9e:b7:db:37:09:db:a9:a6:3f:ac:fc:b2:b2:72:
18:67:d0:20:8a:81:a4:b6:37:5b:29:a6:fd:c3:2b:1b:23:5a:
f0:7a:ac:b4:2e:dd:d2:e5:44:c0:ab:6f:5e:3b:13:9c:52:62:
49:57:a8:4b:d5:3a:a3:28:52:25:71:e8:65:34:a8:08:84:71:
2b:34:4e:94:50:04:ee:b4:e9:98:37:f8:8e:03:0b:0c:9d:27:
27:49:e7:ad:ea:6f:9d:f9:af:ac:4b:d5:48:3c:3e:e6:30:54:
6b:eb:49:57:3c:9d:07:a7:3e:ea:43:6c:7b:c2:7f:ae:ea:f3:
ec:f6:01:04:eb:0d:ad:fa:5a:90:f2:59:7f:8e:84:ec:98:11:
ab:1e:35:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6I0eEsFF732AqfC5tvN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzk2M2NmMGZmMTJjNzczZDExMmQwOTAyYjQxNzVjNjY0MzE1MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoDO3VLJ+YMmaSoAKaJwckXjgp/t
L7Ayixng6vwvpiHQnDm5QqAf2TgkL6KoY1/scWWV3atP7W7e29WHljzS2ZaMUjYX
zu6VC6xVSTl4GTsCHoNX9kV8lxYutb6cAhbD+Tcv1tWv5EU4f73Yau3VQb3mupja
k9K9Hbk5mDn6JCxcDOfXV6OCm3RyUbTERDTMGC88HEF0oIJXchqvDSAiVfZz7D9i
HhX+4i/A4NQrum3ht8dxvIWqiYjEehqdH4eAtSm1gLlTKaIcTBqqx58ZzCPlA7IX
Hr3pwZhx1ohtizgBXRoL3MeMLqlvgYqUpvbhc0ofFi8uhoqpBr5rOfPOJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyWPPD/Esdz0RLQkCtBdcZkMVGbMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUEpZODhQOFN4M1BSRXRDUUswRjF4bVF4VVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCOpVgECMl++Dg4cmjS3/vUoiC8QpGXE4VDhnvx4jZI
nFE/WXymPpHJNLDlqzofTNZalBMoNvsVymW0c8uirKY/NQGJuPXsFWB45EqCmjEY
YSFORYs6tPuUjcjXsn1VBwjlaJUFbgZbROlPEtKi2XDsnrfbNwnbqaY/rPyysnIY
Z9AgioGktjdbKab9wysbI1rweqy0Lt3S5UTAq29eOxOcUmJJV6hL1TqjKFIlcehl
NKgIhHErNE6UUATutOmYN/iOAwsMnScnSeet6m+d+a+sS9VIPD7mMFRr60lXPJ0H
pz7qQ2x7wn+u6vPs9gEE6w2t+lqQ8ll/joTsmBGrHjWw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org