Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/PMg-44IMFuRatqqr9jk-dqJj_as.roa
File: PMg-44IMFuRatqqr9jk-dqJj_as.roa (raw, json)
Hash identifier: fslMO7KerCRz+NsXglaCiddo4COshpRPunilPHHPW7A=
Subject key identifier: 3C:C8:3E:E3:82:0C:16:E4:5A:B6:AA:AB:F6:39:3E:76:A2:63:FD:AB
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018A93093A6EC77A9E7A82980F69CA73E7ED
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/PMg-44IMFuRatqqr9jk-dqJj_as.roa
Signing time: Thu 14 Sep 2023 09:32:50 +0000
ROA not before: Thu 14 Sep 2023 09:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208949
IP address blocks: 45.148.145.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 08:32:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:09:3a:6e:c7:7a:9e:7a:82:98:0f:69:ca:73:e7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Sep 14 09:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cc83ee3820c16e45ab6aaabf6393e76a263fdab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:7f:c5:7e:32:72:bf:dd:1f:e8:90:4b:b7:
54:66:3b:a3:67:22:4b:ca:6d:d4:4d:87:c9:4a:5b:
3a:63:82:29:07:74:14:cf:a2:f8:31:59:1c:31:1a:
1b:f8:fa:0f:94:84:09:c1:6b:a8:42:53:e5:c1:cf:
2a:88:ae:b7:19:2a:4c:b8:a2:2f:68:a8:74:34:24:
66:e6:d2:2b:fa:2d:4f:2f:72:9f:88:9b:70:fd:46:
d0:fd:5c:c8:49:86:8d:1a:03:0e:b8:4c:84:8a:80:
14:2a:f3:f1:48:38:7a:35:cc:60:a2:59:44:23:1a:
dc:86:13:1a:a4:c7:25:37:74:b5:4b:e9:3c:48:7c:
ad:60:60:55:d3:2d:cf:93:5f:f7:3b:b0:c7:40:5a:
cd:b5:7d:5f:ff:87:2f:f7:e4:21:29:0c:37:06:19:
d1:5d:7a:c3:34:36:7e:6f:b2:0c:45:2b:bb:f6:f1:
b9:de:8e:9a:cd:6c:6d:db:19:93:20:e1:bc:9b:ac:
de:d3:42:ae:ef:da:3f:cd:fc:21:c7:bb:79:60:f2:
07:dc:d0:c7:f0:ef:2d:eb:46:02:f7:52:a7:c7:8f:
16:54:87:31:b1:58:86:8b:7a:75:2e:1e:4f:c9:a8:
f4:1f:51:31:23:b2:0a:3a:fc:57:5c:53:ad:66:a3:
c9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C8:3E:E3:82:0C:16:E4:5A:B6:AA:AB:F6:39:3E:76:A2:63:FD:AB
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/PMg-44IMFuRatqqr9jk-dqJj_as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.1.0-45.142.2.255
45.148.145.0/24
Signature Algorithm: sha256WithRSAEncryption
28:1c:c2:8c:75:cb:db:bc:c3:c6:2e:38:ce:99:c0:f1:fc:87:
93:06:6e:dd:78:38:6d:65:ab:12:76:8d:ea:30:dd:0d:1a:cd:
65:0b:eb:c8:d9:d1:c8:15:de:07:7b:64:f8:a2:01:86:69:81:
15:1c:75:54:68:01:2a:78:ce:73:26:29:d3:c4:94:4f:18:45:
5a:b9:a3:68:34:a0:c8:f9:8b:4b:6b:14:12:71:17:9d:05:00:
eb:84:ac:e1:f5:46:5a:f7:bf:c0:34:83:d7:df:f6:e2:9e:b7:
21:8e:74:9f:8f:e2:77:0f:e2:55:b0:a1:ec:fa:c4:01:6c:ea:
a5:15:27:06:34:30:1a:85:2f:55:36:d4:09:f6:9e:b3:b2:e9:
7e:ea:2f:89:60:56:ea:0e:c1:46:ab:83:9e:67:47:e1:f4:09:
b0:96:19:45:19:44:12:40:92:49:d0:e8:86:62:aa:29:90:a1:
16:20:7f:cf:e9:6b:90:0b:75:dd:aa:de:9a:02:41:1f:cc:40:
08:52:74:99:b7:bf:c6:af:83:fe:52:9a:cb:a6:03:6c:c8:aa:
4b:25:3c:2d:ba:df:94:fb:a7:5c:88:f0:94:55:0f:94:02:dc:
7a:2e:1c:78:77:69:e2:83:6e:e6:74:0e:bc:9f:c9:7d:5f:d2:
99:a7:9b:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYqTCTpux3qeeoKYD2nKc+ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwOTE0MDkzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2M4M2VlMzgyMGMxNmU0NWFiNmFhYWJmNjM5M2U3NmEyNjNmZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8N/xX4ycr/dH+iQS7dUZjujZyJL
ym3UTYfJSls6Y4IpB3QUz6L4MVkcMRob+PoPlIQJwWuoQlPlwc8qiK63GSpMuKIv
aKh0NCRm5tIr+i1PL3KfiJtw/UbQ/VzISYaNGgMOuEyEioAUKvPxSDh6NcxgollE
IxrchhMapMclN3S1S+k8SHytYGBV0y3Pk1/3O7DHQFrNtX1f/4cv9+QhKQw3BhnR
XXrDNDZ+b7IMRSu79vG53o6azWxt2xmTIOG8m6ze00Ku79o/zfwhx7t5YPIH3NDH
8O8t60YC91Knx48WVIcxsViGi3p1Lh5Pyaj0H1ExI7IKOvxXXFOtZqPJEwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDzIPuOCDBbkWraqq/Y5PnaiY/2rMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvUE1nLTQ0SU1GdVJhdHFxcjlqay1kcUpqX2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtjgED
BAAtjgIDBAAtlJEwDQYJKoZIhvcNAQELBQADggEBACgcwox1y9u8w8YuOM6ZwPH8
h5MGbt14OG1lqxJ2jeow3Q0azWUL68jZ0cgV3gd7ZPiiAYZpgRUcdVRoASp4znMm
KdPElE8YRVq5o2g0oMj5i0trFBJxF50FAOuErOH1Rlr3v8A0g9ff9uKetyGOdJ+P
4ncP4lWwoez6xAFs6qUVJwY0MBqFL1U21An2nrOy6X7qL4lgVuoOwUarg55nR+H0
CbCWGUUZRBJAkknQ6IZiqimQoRYgf8/pa5ALdd2q3poCQR/MQAhSdJm3v8avg/5S
msumA2zIqkslPC2635T7p1yI8JRVD5QC3HouHHh3aeKDbuZ0DryfyX1f0pmnmw8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:54 2024 by rpki-client on console-ams.rpki-client.org