Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pZhQUfFeYOSsMqH4gLSVy3O-1Ps.roa
File: pZhQUfFeYOSsMqH4gLSVy3O-1Ps.roa (raw, json)
Hash identifier: 2Jf94VBXc6jL0+Le9iRRHOe4eANFYZFfegYIlehRUFo=
Subject key identifier: A5:98:50:51:F1:5E:60:E4:AC:32:A1:F8:80:B4:95:CB:73:BE:D4:FB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190FE04CC744D611751444B6A829FF223EC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pZhQUfFeYOSsMqH4gLSVy3O-1Ps.roa
Signing time: Mon 29 Jul 2024 10:24:05 +0000
ROA not before: Mon 29 Jul 2024 10:24:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 45.129.86.0/23 maxlen: 24
185.252.176.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 07:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:04:cc:74:4d:61:17:51:44:4b:6a:82:9f:f2:23:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 29 10:24:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5985051f15e60e4ac32a1f880b495cb73bed4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dd:22:68:71:4d:ab:89:a5:6c:78:f9:02:6d:
96:3f:4e:38:34:f5:7f:01:af:57:24:f4:1d:b0:02:
63:29:ac:16:c6:22:57:ab:9e:bd:72:2e:b1:f2:42:
e0:8a:f3:95:05:e2:58:c2:53:cb:39:e3:5a:21:b9:
18:37:f8:a5:24:7d:e4:2b:3d:f5:da:7e:2c:08:58:
1e:8c:73:31:44:1e:d6:bb:b3:5f:d8:8f:45:5f:2a:
cb:da:78:d6:98:d8:a4:21:ab:b6:2d:7b:1a:9a:b4:
f1:71:d6:61:f3:3c:c7:64:6d:db:60:e7:5e:4e:fe:
bd:50:28:90:a4:7c:a3:13:d5:b1:e0:2f:25:23:25:
e7:d4:14:9e:4b:4b:e7:63:5c:37:be:da:de:0b:8f:
dc:b0:9a:32:10:4c:8e:8b:a8:f8:15:56:53:7e:54:
c2:ff:aa:fb:cd:01:62:4a:49:c5:db:2f:2b:b3:56:
77:ce:ca:09:38:b2:b4:ad:9e:43:d8:46:b1:e6:33:
c2:64:a1:c4:51:eb:fc:c7:91:c1:28:ff:5a:3d:83:
c1:b1:a6:b7:6d:6a:ff:a4:fd:de:7f:fb:c9:52:8d:
ef:1a:0b:6b:4f:11:b8:09:09:42:41:85:9b:32:4c:
34:02:27:9a:04:00:b8:3d:c5:2a:71:a9:45:ff:a2:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:98:50:51:F1:5E:60:E4:AC:32:A1:F8:80:B4:95:CB:73:BE:D4:FB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pZhQUfFeYOSsMqH4gLSVy3O-1Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.86.0/23
185.252.176.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
70:50:79:04:db:31:31:cf:5d:76:06:34:13:67:a2:e2:7b:b2:
f5:b6:b3:dc:0d:6a:8d:61:2a:13:7b:e7:cb:73:db:99:13:a5:
9e:2b:94:83:08:34:21:f9:5c:a2:39:ce:6c:07:6e:51:49:ff:
bb:43:99:dc:c7:f2:15:74:a8:63:01:b2:ad:af:c9:b5:6f:63:
49:e2:db:34:cb:f8:d2:c4:23:b6:f8:59:bd:3d:44:a6:82:9d:
b7:e7:53:e6:ec:b9:a3:23:40:33:1b:99:d5:71:37:6e:df:c9:
76:52:16:97:3f:6c:0a:7b:e6:f9:3b:19:d1:c7:e6:83:71:6c:
af:94:79:78:3c:29:da:b3:4d:0b:bc:61:fb:4a:bf:47:7d:62:
c3:7f:4a:82:84:5a:ab:75:29:92:1a:12:d2:c9:fb:71:ef:fb:
ef:25:c5:52:b6:32:fb:6b:76:39:ea:0a:45:d2:32:fa:74:c5:
b1:b8:51:ef:62:6a:63:43:2b:15:f5:43:f9:7d:90:e6:8e:51:
d5:45:f3:03:33:cc:5f:bd:a2:5b:2f:b3:6e:a1:62:71:fb:fb:
f7:e5:99:5d:5a:c4:c5:38:cd:ac:a8:33:67:38:4f:6d:7b:8b:
4c:19:20:31:17:22:dc:78:52:f1:9f:35:55:6a:49:60:8c:f0:
57:a9:3e:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZD+BMx0TWEXUURLaoKf8iPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzI5MTAyNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk4NTA1MWYxNWU2MGU0YWMzMmExZjg4MGI0OTVjYjczYmVkNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt0iaHFNq4mlbHj5Am2WP044NPV/
Aa9XJPQdsAJjKawWxiJXq569ci6x8kLgivOVBeJYwlPLOeNaIbkYN/ilJH3kKz31
2n4sCFgejHMxRB7Wu7Nf2I9FXyrL2njWmNikIau2LXsamrTxcdZh8zzHZG3bYOde
Tv69UCiQpHyjE9Wx4C8lIyXn1BSeS0vnY1w3vtreC4/csJoyEEyOi6j4FVZTflTC
/6r7zQFiSknF2y8rs1Z3zsoJOLK0rZ5D2Eax5jPCZKHEUev8x5HBKP9aPYPBsaa3
bWr/pP3ef/vJUo3vGgtrTxG4CQlCQYWbMkw0AieaBAC4PcUqcalF/6K5aQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWYUFHxXmDkrDKh+IC0lctzvtT7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFpoUVVmRmVZT1NzTXFINGdMU1Z5M08tMVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYFWAwQA
ufywAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQBwUHkE2zExz112BjQTZ6Lie7L1
trPcDWqNYSoTe+fLc9uZE6WeK5SDCDQh+VyiOc5sB25RSf+7Q5ncx/IVdKhjAbKt
r8m1b2NJ4ts0y/jSxCO2+Fm9PUSmgp2351Pm7LmjI0AzG5nVcTdu38l2UhaXP2wK
e+b5OxnRx+aDcWyvlHl4PCnas00LvGH7Sr9HfWLDf0qChFqrdSmSGhLSyftx7/vv
JcVStjL7a3Y56gpF0jL6dMWxuFHvYmpjQysV9UP5fZDmjlHVRfMDM8xfvaJbL7Nu
oWJx+/v35ZldWsTFOM2sqDNnOE9te4tMGSAxFyLceFLxnzVVaklgjPBXqT7y
-----END CERTIFICATE-----
Generated at Thu Aug 1 08:35:33 2024 by rpki-client on console-fra.rpki-client.org