Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pf966UYEjytHOulOW61QoUBmXI4.roa
File: pf966UYEjytHOulOW61QoUBmXI4.roa (raw, json)
Hash identifier: fzCSEbQ1GVuRbwLxXl1etPD5LCx9UkD7IL5iFxXoKVA=
Subject key identifier: A5:FF:7A:E9:46:04:8F:2B:47:3A:E9:4E:5B:AD:50:A1:40:66:5C:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F6AE1D968AF301397DC4469AC5E73B449
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pf966UYEjytHOulOW61QoUBmXI4.roa
Signing time: Sun 12 May 2024 03:38:57 +0000
ROA not before: Sun 12 May 2024 03:38:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.14.166.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 May 2024 23:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6a:e1:d9:68:af:30:13:97:dc:44:69:ac:5e:73:b4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 12 03:38:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5ff7ae946048f2b473ae94e5bad50a140665c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:67:05:24:c6:e0:d3:3f:8d:8e:44:9f:f9:
a4:88:93:05:ac:55:da:41:80:95:cc:d1:80:a7:01:
16:f1:a2:1e:84:09:b4:f7:5a:ad:af:12:44:1c:1c:
0c:0a:57:83:f8:35:cb:b5:2d:29:b3:b8:08:cd:03:
96:b6:c9:32:c5:c9:c5:dd:34:4f:4e:7a:5d:e1:e1:
fa:7d:ec:1e:22:47:32:a2:4b:a3:67:f9:f1:b4:9a:
59:d0:05:11:43:a5:a1:f8:e7:df:1e:03:d2:69:64:
59:2d:cc:0f:35:b8:3b:71:e9:7d:17:43:35:77:3b:
50:9f:0c:92:a3:7c:4e:fa:f8:47:65:08:9d:5f:4f:
d2:b4:dd:e2:d3:fc:7e:18:fe:fa:e8:10:ec:c0:7a:
31:a3:5d:2d:0e:47:e1:3c:be:8d:2c:3d:7b:65:e3:
31:12:87:d7:f3:85:ff:26:69:fe:7c:d1:f1:93:3a:
7a:d4:3a:f6:69:02:58:df:e8:f2:25:c9:ed:c9:a2:
84:cf:d1:3e:cf:49:68:ff:3b:10:92:1a:3c:86:36:
27:86:13:e1:0c:61:2b:9f:e3:55:9e:ca:63:bb:32:
64:f3:b6:01:1c:09:df:45:5c:b6:19:f5:36:c0:8c:
05:e4:cc:92:e5:7b:0e:9d:85:78:53:96:57:2c:ab:
36:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FF:7A:E9:46:04:8F:2B:47:3A:E9:4E:5B:AD:50:A1:40:66:5C:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pf966UYEjytHOulOW61QoUBmXI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
87.120.68.0/23
87.121.60.0/24
185.252.160.0/23
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ef:a6:76:95:5e:00:5b:aa:e0:02:9e:ab:4d:3f:73:af:e5:
f4:18:ce:ca:02:52:37:2d:b4:2f:46:55:66:ec:33:cf:ed:24:
de:86:3a:08:c6:02:06:ef:cb:8a:29:cc:94:79:53:7e:5f:cd:
bc:c6:34:1b:45:54:cc:a2:37:bb:b1:41:f8:bf:27:f8:74:3c:
39:fb:87:e8:39:d1:38:a7:8e:00:b0:64:fc:eb:a4:1b:e5:58:
97:45:c6:48:24:3f:25:5a:9b:f3:ba:20:60:d1:92:dd:5e:f0:
08:a6:db:39:4b:62:fd:28:e2:e9:7a:f4:09:c7:e3:7e:e8:02:
f1:12:73:f6:8b:d6:37:0f:1c:cd:b2:fa:fe:f4:08:36:36:f4:
93:03:2b:7f:30:41:36:c5:c5:06:4b:1b:14:46:14:3c:79:09:
1e:cc:5e:58:72:e0:ea:47:09:89:01:ad:04:9d:a9:65:25:24:
ce:e7:85:9a:f2:fe:70:54:4a:55:68:13:76:06:5a:06:d6:7b:
69:a5:22:86:5b:97:3e:d3:3c:96:d6:7f:48:29:b0:3b:92:f8:
75:81:61:f8:ca:ba:13:02:fe:80:18:ae:0e:8e:67:80:be:a6:
58:c3:ef:e4:df:8f:f3:95:2f:83:23:22:23:68:e9:91:f2:0f:
6d:ef:1d:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9q4dlorzATl9xEaaxec7RJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTEyMDMzODU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWZmN2FlOTQ2MDQ4ZjJiNDczYWU5NGU1YmFkNTBhMTQwNjY1YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaJnBSTG4NM/jY5En/mkiJMFrFXa
QYCVzNGApwEW8aIehAm091qtrxJEHBwMCleD+DXLtS0ps7gIzQOWtskyxcnF3TRP
Tnpd4eH6feweIkcyokujZ/nxtJpZ0AURQ6Wh+OffHgPSaWRZLcwPNbg7cel9F0M1
dztQnwySo3xO+vhHZQidX0/StN3i0/x+GP766BDswHoxo10tDkfhPL6NLD17ZeMx
EofX84X/Jmn+fNHxkzp61Dr2aQJY3+jyJcntyaKEz9E+z0lo/zsQkho8hjYnhhPh
DGErn+NVnspjuzJk87YBHAnfRVy2GfU2wIwF5MyS5XsOnYV4U5ZXLKs2RQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKX/eulGBI8rRzrpTlutUKFAZlyOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcGY5NjZVWUVqeXRIT3VsT1c2MVFvVUJtWEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ6mAwQB
V3hEAwQAV3k8AwQBufygAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQAI76Z2lV4A
W6rgAp6rTT9zr+X0GM7KAlI3LbQvRlVm7DPP7STehjoIxgIG78uKKcyUeVN+X828
xjQbRVTMoje7sUH4vyf4dDw5+4foOdE4p44AsGT866Qb5ViXRcZIJD8lWpvzuiBg
0ZLdXvAIpts5S2L9KOLpevQJx+N+6ALxEnP2i9Y3DxzNsvr+9Ag2NvSTAyt/MEE2
xcUGSxsURhQ8eQkezF5YcuDqRwmJAa0EnallJSTO54Wa8v5wVEpVaBN2BloG1ntp
pSKGW5c+0zyW1n9IKbA7kvh1gWH4yroTAv6AGK4OjmeAvqZYw+/k34/zlS+DIyIj
aOmR8g9t7x2/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org