Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1PsFQjfchUBUPrXAcZJmd8pxyO8.roa
File: 1PsFQjfchUBUPrXAcZJmd8pxyO8.roa (raw, json)
Hash identifier: tIAcc4NbfBv/n2/tp6jgHfX5QnMpcva5E3YuwxR6g+g=
Subject key identifier: D4:FB:05:42:37:DC:85:40:54:3E:B5:C0:71:92:66:77:CA:71:C8:EF
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3F2F51B60312DF1EA8B3A91C1CFF429D
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1PsFQjfchUBUPrXAcZJmd8pxyO8.roa
Signing time: Wed 06 Dec 2023 12:51:54 +0000
ROA not before: Wed 06 Dec 2023 12:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 185.157.129.0/24 maxlen: 24
185.157.130.0/24 maxlen: 24
185.157.128.0/24 maxlen: 24
185.157.131.0/24 maxlen: 24
45.92.184.0/24 maxlen: 24
45.92.185.0/24 maxlen: 24
45.92.186.0/24 maxlen: 24
45.92.187.0/24 maxlen: 24
185.204.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 14:52:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:2f:51:b6:03:12:df:1e:a8:b3:a9:1c:1c:ff:42:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 12:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4fb054237dc8540543eb5c071926677ca71c8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:47:f0:4c:3b:bb:ff:2e:59:c3:6f:ca:dd:59:
cf:e3:39:86:ff:9c:63:e0:ab:a6:d9:cd:89:78:3f:
a2:d3:94:8b:e9:aa:65:2a:23:18:b1:40:24:c3:6c:
e4:b6:97:00:08:67:9f:16:62:14:b7:cb:84:03:78:
b7:68:f8:32:2c:12:9f:9f:05:a5:cd:f3:a2:48:e6:
64:f3:28:7b:d8:e3:8c:35:71:e1:1a:34:80:25:0b:
59:ae:25:65:f5:31:76:09:38:aa:32:35:8e:45:7d:
03:0d:20:d2:17:87:f4:68:40:82:73:50:f6:74:fe:
56:83:fb:8b:ee:87:70:17:7c:2e:b7:df:3c:1b:c7:
49:fb:76:79:8e:5d:37:e7:65:4a:11:79:11:ca:4f:
1d:96:e5:fc:ee:2f:8f:97:53:66:88:9e:30:31:cd:
15:d5:08:f4:01:18:e8:a8:f8:f7:c8:b7:8c:58:7f:
06:f0:30:fb:8b:0c:df:4f:b4:25:21:40:e3:c0:b1:
83:12:53:f9:b9:6c:45:ae:c8:75:f7:d9:9c:8d:16:
1f:bd:e6:36:9f:7c:32:6e:b5:8d:3a:65:bc:db:82:
c0:c8:87:97:cd:af:00:28:be:c2:f4:35:b7:d5:58:
bf:0d:5c:85:98:57:f7:95:ea:20:7a:bf:b4:f4:ff:
b5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FB:05:42:37:DC:85:40:54:3E:B5:C0:71:92:66:77:CA:71:C8:EF
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/1PsFQjfchUBUPrXAcZJmd8pxyO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.184.0/22
185.157.128.0/22
185.204.202.0/24
Signature Algorithm: sha256WithRSAEncryption
05:35:7c:9e:f5:b0:6c:c3:b7:f8:2e:3d:7b:13:75:28:3a:96:
e4:52:44:42:58:a8:61:c6:bb:2f:29:87:b9:02:9b:4f:ce:f3:
21:84:e3:d1:a8:53:93:8e:aa:bc:17:58:ff:7c:e6:7d:72:99:
9d:94:9a:81:b9:d6:97:0b:cf:8d:33:60:09:fa:34:8c:d8:8b:
1f:d1:96:12:74:38:ac:09:60:3b:ed:91:29:28:c6:9f:bf:c3:
7f:de:09:1d:ed:72:75:e3:dc:2e:2d:30:07:10:f1:77:ba:df:
a7:f0:8a:02:88:27:73:51:38:78:f8:df:9c:6a:13:d3:7b:78:
20:3c:0e:e9:21:46:3d:77:79:1b:75:b9:93:e0:9b:4d:c8:9c:
95:39:81:7c:84:df:50:b6:cb:c6:8e:4a:27:e3:33:ed:f1:24:
45:ce:4e:21:10:27:8e:b3:22:c5:f5:ff:1f:e1:eb:4a:f8:f0:
38:cc:21:bb:42:66:98:c1:11:1f:47:bb:30:17:4a:0d:01:30:
9c:c2:42:8a:75:5b:d4:eb:e0:56:3c:43:fd:d8:21:4d:c8:04:
a8:2b:79:84:eb:d8:98:06:c4:e2:e4:48:f2:cd:e1:69:55:e9:
f1:66:55:b9:0e:f9:b3:bf:3c:26:0d:8d:ca:a2:93:eb:de:47:
9c:da:be:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw/L1G2AxLfHqizqRwc/0KdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTI1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZiMDU0MjM3ZGM4NTQwNTQzZWI1YzA3MTkyNjY3N2NhNzFjOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEfwTDu7/y5Zw2/K3VnP4zmG/5xj
4Kum2c2JeD+i05SL6aplKiMYsUAkw2zktpcACGefFmIUt8uEA3i3aPgyLBKfnwWl
zfOiSOZk8yh72OOMNXHhGjSAJQtZriVl9TF2CTiqMjWORX0DDSDSF4f0aECCc1D2
dP5Wg/uL7odwF3wut988G8dJ+3Z5jl0352VKEXkRyk8dluX87i+Pl1NmiJ4wMc0V
1Qj0ARjoqPj3yLeMWH8G8DD7iwzfT7QlIUDjwLGDElP5uWxFrsh199mcjRYfveY2
n3wybrWNOmW824LAyIeXza8AKL7C9DW31Vi/DVyFmFf3leoger+09P+1gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNT7BUI33IVAVD61wHGSZnfKccjvMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvMVBzRlFqZmNoVUJVUHJYQWNaSm1kOHB4eU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVy4AwQC
uZ2AAwQAuczKMA0GCSqGSIb3DQEBCwUAA4IBAQAFNXye9bBsw7f4Lj17E3UoOpbk
UkRCWKhhxrsvKYe5AptPzvMhhOPRqFOTjqq8F1j/fOZ9cpmdlJqBudaXC8+NM2AJ
+jSM2Isf0ZYSdDisCWA77ZEpKMafv8N/3gkd7XJ149wuLTAHEPF3ut+n8IoCiCdz
UTh4+N+cahPTe3ggPA7pIUY9d3kbdbmT4JtNyJyVOYF8hN9QtsvGjkon4zPt8SRF
zk4hECeOsyLF9f8f4etK+PA4zCG7QmaYwREfR7swF0oNATCcwkKKdVvU6+BWPEP9
2CFNyASoK3mE69iYBsTi5EjyzeFpVenxZlW5DvmzvzwmDY3KopPr3kec2r6T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org