Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/POWMHbFHTa1VpEftbGGPjibIU3o.roa
File: POWMHbFHTa1VpEftbGGPjibIU3o.roa (raw, json)
Hash identifier: DKxyxtvTtMoIIoL2GBmJFetjqiqwNgFIHiejSLZIE6M=
Subject key identifier: 3C:E5:8C:1D:B1:47:4D:AD:55:A4:47:ED:6C:61:8F:8E:26:C8:53:7A
Certificate issuer: /CN=59dda539feb8f8a3725342600670c0c154e4baaa
Certificate serial: 0185704BA0EAF47E036C0BB5AA3CE671C595
Authority key identifier: 59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/POWMHbFHTa1VpEftbGGPjibIU3o.roa
Signing time: Mon 02 Jan 2023 02:24:42 +0000
ROA not before: Mon 02 Jan 2023 02:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49847
IP address blocks: 185.42.225.0/24 maxlen: 24
185.42.224.0/24 maxlen: 24
185.42.226.0/24 maxlen: 24
185.42.227.0/24 maxlen: 24
45.132.172.0/24 maxlen: 24
45.132.175.0/24 maxlen: 24
45.132.174.0/24 maxlen: 24
45.132.173.0/24 maxlen: 24
2a04:9240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:a0:ea:f4:7e:03:6c:0b:b5:aa:3c:e6:71:c5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda539feb8f8a3725342600670c0c154e4baaa
Validity
Not Before: Jan 2 02:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ce58c1db1474dad55a447ed6c618f8e26c8537a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:aa:72:4d:f9:e2:31:44:b6:0e:2a:02:40:
6b:c3:3e:d8:a9:69:18:cd:28:32:ea:84:ca:ab:c4:
bb:0f:a5:d2:88:63:d5:9b:d8:aa:e5:b9:f5:6d:31:
17:f9:9b:ad:12:fa:92:69:a4:9f:37:60:cb:73:c8:
c3:f8:05:82:3b:bd:16:08:86:bf:9f:e7:06:af:75:
4f:6a:ec:f4:08:22:fc:27:0d:4a:db:bd:70:85:18:
f8:19:83:c3:d4:1a:3f:3f:94:a2:c1:d9:83:90:98:
ac:cb:4e:a7:51:60:86:44:97:c9:49:cd:a5:38:43:
e2:bb:38:61:e7:59:33:b0:e6:7c:60:76:e5:41:36:
42:bd:3b:ce:13:20:e5:c6:e5:1b:97:33:8c:da:3d:
21:84:2a:31:94:f8:35:92:41:25:e1:ae:ae:a4:33:
91:3a:a9:2d:26:56:a2:b4:f7:3c:14:94:43:a3:0c:
9d:35:b0:f3:98:d5:80:a7:e1:8e:30:d8:76:5c:9d:
74:40:e7:61:14:cb:2b:f4:7c:5e:17:d3:c7:92:90:
48:84:48:1d:5f:b8:fd:f5:59:0e:f6:fd:ed:08:1c:
ef:10:ef:8d:a7:6b:ca:92:c1:0b:a2:f6:a6:ba:c3:
a0:b2:7c:8d:de:34:1b:a9:2b:fc:d6:8b:c3:3d:b2:
71:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E5:8C:1D:B1:47:4D:AD:55:A4:47:ED:6C:61:8F:8E:26:C8:53:7A
X509v3 Authority Key Identifier:
keyid:59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/POWMHbFHTa1VpEftbGGPjibIU3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/Wd2lOf64-KNyU0JgBnDAwVTkuqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.172.0/22
185.42.224.0/22
IPv6:
2a04:9240::/29
Signature Algorithm: sha256WithRSAEncryption
a7:7b:c9:3b:88:38:e4:e0:c3:48:3e:c8:e5:43:84:d1:25:02:
01:14:ce:96:c7:e7:a7:b7:7c:f5:69:cf:fa:b0:34:c0:94:fd:
32:c5:c7:03:65:a4:4f:db:b3:a5:59:fd:0f:33:bb:82:bd:92:
c8:97:8f:bb:54:6c:4a:26:9c:58:3c:36:ec:84:ea:0a:84:7e:
0e:1c:e8:ee:89:ba:71:42:b6:31:0e:16:81:59:d6:f3:4f:3c:
e4:0b:a9:3f:6d:70:d6:ab:4f:99:c1:79:b1:9e:09:00:60:ec:
b2:02:7d:5b:db:c4:a9:36:f9:87:04:d8:58:43:21:21:41:0a:
90:c6:db:af:a4:03:35:d2:24:82:bb:a3:ba:c9:41:70:e1:f4:
48:a5:51:40:95:0b:59:3d:73:1d:44:53:fd:64:81:8f:f3:0b:
e4:fd:56:7e:fb:c8:c3:0c:d5:38:59:42:b3:91:6b:98:9c:f2:
a9:fc:df:1f:74:fc:32:78:88:bb:5e:b4:5f:16:8e:90:d6:8e:
e3:36:c5:df:12:c0:47:bb:e4:13:7f:1f:6e:6a:98:ea:35:0f:
90:3c:a1:22:d2:55:a3:25:4c:62:8d:0e:cf:cf:02:9c:14:d7:
5d:81:11:10:0a:59:49:3a:50:36:f3:5f:f1:93:2a:b4:cc:ab:
f7:04:2c:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwS6Dq9H4DbAu1qjzmccWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNTM5ZmViOGY4YTM3MjUzNDI2MDA2NzBjMGMxNTRl
NGJhYWEwHhcNMjMwMTAyMDIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2U1OGMxZGIxNDc0ZGFkNTVhNDQ3ZWQ2YzYxOGY4ZTI2Yzg1MzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvGqck354jFEtg4qAkBrwz7YqWkY
zSgy6oTKq8S7D6XSiGPVm9iq5bn1bTEX+ZutEvqSaaSfN2DLc8jD+AWCO70WCIa/
n+cGr3VPauz0CCL8Jw1K271whRj4GYPD1Bo/P5SiwdmDkJisy06nUWCGRJfJSc2l
OEPiuzhh51kzsOZ8YHblQTZCvTvOEyDlxuUblzOM2j0hhCoxlPg1kkEl4a6upDOR
OqktJlaitPc8FJRDowydNbDzmNWAp+GOMNh2XJ10QOdhFMsr9HxeF9PHkpBIhEgd
X7j99VkO9v3tCBzvEO+Np2vKksELovamusOgsnyN3jQbqSv81ovDPbJxCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDzljB2xR02tVaRH7Wxhj44myFN6MB8GA1UdIwQY
MBaAFFndpTn+uPijclNCYAZwwMFU5LqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQt
ZmVjMjVkMmU5MThkLzEvUE9XTUhiRkhUYTFWcEVmdGJHR1BqaWJJVTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQtZmVjMjVkMmU5MThk
LzEvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYSsAwQC
uSrgMA0EAgACMAcDBQMqBJJAMA0GCSqGSIb3DQEBCwUAA4IBAQCne8k7iDjk4MNI
PsjlQ4TRJQIBFM6Wx+ent3z1ac/6sDTAlP0yxccDZaRP27OlWf0PM7uCvZLIl4+7
VGxKJpxYPDbshOoKhH4OHOjuibpxQrYxDhaBWdbzTzzkC6k/bXDWq0+ZwXmxngkA
YOyyAn1b28SpNvmHBNhYQyEhQQqQxtuvpAM10iSCu6O6yUFw4fRIpVFAlQtZPXMd
RFP9ZIGP8wvk/VZ++8jDDNU4WUKzkWuYnPKp/N8fdPwyeIi7XrRfFo6Q1o7jNsXf
EsBHu+QTfx9uapjqNQ+QPKEi0lWjJUxijQ7PzwKcFNddgREQCllJOlA281/xkyq0
zKv3BCx7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:14 2024 by rpki-client on console-fra.rpki-client.org