Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pLvM1kgK_5vbWpRmwyAsb95-0wY.roa
File: pLvM1kgK_5vbWpRmwyAsb95-0wY.roa (raw, json)
Hash identifier: wyFzCE4TdukJkBpIuxhQthMdSghwLQt1lfK/O8xFZUE=
Subject key identifier: A4:BB:CC:D6:48:0A:FF:9B:DB:5A:94:66:C3:20:2C:6F:DE:7E:D3:06
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BB9AB140D0A26CF32CB14D17B223B87D4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pLvM1kgK_5vbWpRmwyAsb95-0wY.roa
Signing time: Fri 10 Nov 2023 14:37:58 +0000
ROA not before: Fri 10 Nov 2023 14:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60446
IP address blocks: 45.14.164.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
2.59.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 15:32:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:ab:14:0d:0a:26:cf:32:cb:14:d1:7b:22:3b:87:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 10 14:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4bbccd6480aff9bdb5a9466c3202c6fde7ed306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:b8:7f:7f:64:1c:89:af:d6:af:c2:93:ff:
5c:f3:57:24:2b:0d:85:84:24:93:4a:29:37:27:f2:
f7:b9:2b:fa:bc:93:0a:37:5d:78:8c:5e:ad:8a:95:
8a:b9:6b:9f:82:6c:02:cb:9c:d0:0b:f9:ac:76:f4:
ab:b9:71:ac:f1:a1:14:c3:d0:ef:95:a0:0f:6b:70:
52:ad:8a:6d:04:fc:6e:f7:69:3a:30:46:a4:fb:08:
09:5b:0b:48:1c:fe:b3:15:12:72:39:b9:65:ba:78:
ca:1b:b9:18:26:9e:90:ad:1a:37:ba:bc:13:c9:58:
d6:2f:b7:6f:b4:23:bb:95:0c:93:46:34:6d:3f:05:
70:bb:7f:0b:94:e2:9d:87:72:16:13:31:b1:a8:be:
40:6e:c4:c0:a1:75:44:24:f2:42:df:34:58:7a:ca:
70:eb:48:f2:c3:56:1c:05:c5:ed:30:76:42:a4:f4:
39:90:2b:57:e7:b9:5f:59:48:05:3b:d7:4a:63:94:
a9:3e:97:74:38:32:5c:3a:10:a9:b4:8f:b8:9f:6d:
0a:56:9a:6a:52:bb:f7:4c:c4:52:c4:0c:26:63:93:
b1:08:2a:48:c7:13:91:f1:56:4c:31:b5:e0:42:68:
37:b9:ee:36:35:7b:7f:bb:29:82:83:13:4b:58:af:
b9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BB:CC:D6:48:0A:FF:9B:DB:5A:94:66:C3:20:2C:6F:DE:7E:D3:06
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pLvM1kgK_5vbWpRmwyAsb95-0wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
45.9.157.0/24
45.14.164.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:17:d8:8c:a8:d7:d3:b8:57:45:90:0d:3d:2b:ad:2e:d4:81:
d7:5d:7b:5d:7b:e6:82:c9:b2:27:a9:a5:e0:fb:5f:f0:06:a7:
9b:c9:00:69:a9:69:6b:9e:d5:3d:56:5b:54:04:83:54:bd:9f:
50:4d:76:09:e3:1f:ae:a6:e2:b0:59:2b:0e:9a:e6:7a:ca:e9:
20:c3:3f:58:9f:65:51:53:fc:52:cd:ff:0e:ef:3d:e2:e8:fa:
d0:0a:22:97:41:d2:5a:00:65:02:69:60:2e:1d:ff:17:d7:74:
ed:d5:2c:1b:2a:a8:c1:c0:33:41:cc:c2:85:61:83:3e:ef:11:
4b:44:54:1e:3a:b0:dd:ad:1f:41:b5:f6:01:d6:f1:64:83:e5:
14:8b:7a:c4:32:71:06:79:47:54:ce:71:3c:41:67:b5:74:ce:
7e:00:4e:10:d8:af:ee:89:ea:32:3c:3d:f1:56:31:a2:54:4c:
83:af:95:1d:0f:d0:da:47:f7:c5:c5:b9:75:91:c0:3d:8f:7d:
2c:a0:7d:b4:bf:8f:18:84:43:60:32:5c:49:95:85:04:43:4b:
b2:9a:ff:54:e4:e9:2c:5c:af:c0:3e:0c:5c:17:8f:1b:09:30:
78:5b:63:8c:5e:62:62:b6:22:77:c4:48:40:57:b4:3d:44:e2:
ef:10:e0:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYu5qxQNCibPMssU0XsiO4fUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTEwMTQzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJiY2NkNjQ4MGFmZjliZGI1YTk0NjZjMzIwMmM2ZmRlN2VkMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXi4f39kHImv1q/Ck/9c81ckKw2F
hCSTSik3J/L3uSv6vJMKN114jF6tipWKuWufgmwCy5zQC/msdvSruXGs8aEUw9Dv
laAPa3BSrYptBPxu92k6MEak+wgJWwtIHP6zFRJyObllunjKG7kYJp6QrRo3urwT
yVjWL7dvtCO7lQyTRjRtPwVwu38LlOKdh3IWEzGxqL5AbsTAoXVEJPJC3zRYespw
60jyw1YcBcXtMHZCpPQ5kCtX57lfWUgFO9dKY5SpPpd0ODJcOhCptI+4n20KVppq
Urv3TMRSxAwmY5OxCCpIxxOR8VZMMbXgQmg3ue42NXt/uymCgxNLWK+5hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKS7zNZICv+b21qUZsMgLG/eftMGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcEx2TTFrZ0tfNXZiV3BSbXd5QXNiOTUtMHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjv8AwQA
LQmdAwQALQ6kMA0GCSqGSIb3DQEBCwUAA4IBAQBuF9iMqNfTuFdFkA09K60u1IHX
XXtde+aCybInqaXg+1/wBqebyQBpqWlrntU9VltUBINUvZ9QTXYJ4x+upuKwWSsO
muZ6yukgwz9Yn2VRU/xSzf8O7z3i6PrQCiKXQdJaAGUCaWAuHf8X13Tt1SwbKqjB
wDNBzMKFYYM+7xFLRFQeOrDdrR9BtfYB1vFkg+UUi3rEMnEGeUdUznE8QWe1dM5+
AE4Q2K/uieoyPD3xVjGiVEyDr5UdD9DaR/fFxbl1kcA9j30soH20v48YhENgMlxJ
lYUEQ0uymv9U5OksXK/APgxcF48bCTB4W2OMXmJitiJ3xEhAV7Q9ROLvEOAy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org