Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1pJpvvMRDQKD2ari2Rh2RY1SSho.roa
File: 1pJpvvMRDQKD2ari2Rh2RY1SSho.roa (raw, json)
Hash identifier: vSxAs+DPIwOaHuSmN660FpxiL7Utpflub74DtRX+/mc=
Subject key identifier: D6:92:69:BE:F3:11:0D:02:83:D9:AA:E2:D9:18:76:45:8D:52:4A:1A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0189DA9312EFDA108C106925E3C78FD70725
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1pJpvvMRDQKD2ari2Rh2RY1SSho.roa
Signing time: Wed 09 Aug 2023 13:53:39 +0000
ROA not before: Wed 09 Aug 2023 13:53:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 45.140.8.0/23 maxlen: 23
109.206.250.0/23 maxlen: 23
2a0c:9e02::/32 maxlen: 40
2a0b:3c41:2::/48 maxlen: 48
2a0e:eb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Aug 2023 14:03:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:93:12:ef:da:10:8c:10:69:25:e3:c7:8f:d7:07:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Aug 9 13:53:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d69269bef3110d0283d9aae2d91876458d524a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:da:c4:c0:2b:e8:14:57:e4:01:f4:d0:b9:8c:
38:b1:a5:31:53:36:b6:a7:58:6f:d7:a4:89:8a:80:
7c:80:11:28:ca:ab:12:30:4c:9a:bb:36:db:6a:89:
ad:39:49:cf:8c:0a:e1:ca:3d:6f:61:2a:b6:7a:ec:
0f:69:10:18:2d:3b:ac:68:ad:06:51:62:64:fe:2c:
e0:3c:fa:17:30:f5:3c:62:42:70:35:a1:87:6f:3b:
7d:e5:98:e8:39:cb:2b:e1:83:ea:38:4c:bb:37:c2:
f3:ca:13:a7:f0:d7:d7:e7:d0:f0:2d:e3:2a:17:7b:
65:67:fe:57:2d:5d:03:f6:5f:b3:dd:43:eb:04:cc:
d8:30:3e:2e:19:9d:30:4e:16:db:76:c3:88:8b:c3:
e2:db:90:0e:37:10:76:3a:ad:ac:f8:67:66:9d:e3:
b7:3e:8b:e2:0d:fd:e3:a5:09:e7:02:83:59:67:89:
2d:9f:17:62:2a:08:e0:97:e0:89:91:de:c7:07:95:
29:81:a1:f4:aa:dd:ee:95:98:2a:58:6c:df:44:c9:
f0:c2:1a:d5:0e:df:04:53:4c:1b:1a:29:eb:56:7b:
bf:40:0a:00:a9:0a:6c:37:2b:cf:4b:e6:96:2d:b5:
dc:1e:44:46:99:f6:57:af:6b:3d:30:76:9f:f8:5d:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:92:69:BE:F3:11:0D:02:83:D9:AA:E2:D9:18:76:45:8D:52:4A:1A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/1pJpvvMRDQKD2ari2Rh2RY1SSho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.8.0/23
109.206.250.0/23
IPv6:
2a0b:3c41:2::/48
2a0c:9e02::/32
2a0e:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
87:e6:95:0e:3c:1f:3b:43:ae:86:a0:c7:dd:e4:b6:b0:88:97:
66:53:d7:bc:0e:d2:ec:a1:af:4b:93:55:ab:23:81:b9:34:2b:
8d:cc:4a:56:18:6c:7a:12:2b:ad:59:e1:56:5b:c0:66:06:79:
c4:29:d8:3f:48:37:2e:e8:ef:72:c4:2b:00:6a:79:89:13:e0:
a4:1b:23:df:23:00:6f:23:84:8e:cf:9d:0b:d3:a7:14:63:e1:
95:d9:5a:93:45:21:a8:fa:84:e2:48:79:8d:2c:4b:77:8d:e4:
00:f9:a9:f2:5c:8a:90:2a:0d:76:40:e3:6f:6b:61:5d:58:2d:
1b:d1:eb:ef:b1:c8:a0:78:a5:77:f6:f3:d4:4a:75:d3:8d:73:
33:99:19:32:59:0f:ec:d9:e7:18:28:f3:c2:81:fb:c4:b0:af:
4d:05:d9:3d:0b:2d:fa:03:ea:76:38:be:99:97:42:a5:0b:b7:
6c:2c:32:9c:06:67:10:ac:0b:4b:3b:9d:14:c7:6f:b2:a1:b6:
4b:6a:78:f9:f2:b2:3a:95:b7:10:f6:a1:cf:cd:e5:24:43:32:
e3:63:32:eb:4b:1f:ff:da:e0:66:10:e0:4c:f9:f5:9c:5f:c0:
ba:96:74:9e:77:0f:d1:16:58:f3:43:3f:92:68:ae:9c:91:f9:
3f:5d:ee:19
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYnakxLv2hCMEGkl48eP1wclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwODA5MTM1MzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkyNjliZWYzMTEwZDAyODNkOWFhZTJkOTE4NzY0NThkNTI0YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndrEwCvoFFfkAfTQuYw4saUxUza2
p1hv16SJioB8gBEoyqsSMEyauzbbaomtOUnPjArhyj1vYSq2euwPaRAYLTusaK0G
UWJk/izgPPoXMPU8YkJwNaGHbzt95ZjoOcsr4YPqOEy7N8LzyhOn8NfX59DwLeMq
F3tlZ/5XLV0D9l+z3UPrBMzYMD4uGZ0wThbbdsOIi8Pi25AONxB2Oq2s+GdmneO3
PoviDf3jpQnnAoNZZ4ktnxdiKgjgl+CJkd7HB5UpgaH0qt3ulZgqWGzfRMnwwhrV
Dt8EU0wbGinrVnu/QAoAqQpsNyvPS+aWLbXcHkRGmfZXr2s9MHaf+F0tNwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFNaSab7zEQ0Cg9mq4tkYdkWNUkoaMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMXBKcHZ2TVJEUUtEMmFyaTJSaDJSWTFTU2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQBLYwIAwQB
bc76MB0EAgACMBcDBwAqCzxBAAIDBQAqDJ4CAwUAKg7rQDANBgkqhkiG9w0BAQsF
AAOCAQEAh+aVDjwfO0OuhqDH3eS2sIiXZlPXvA7S7KGvS5NVqyOBuTQrjcxKVhhs
ehIrrVnhVlvAZgZ5xCnYP0g3LujvcsQrAGp5iRPgpBsj3yMAbyOEjs+dC9OnFGPh
ldlak0UhqPqE4kh5jSxLd43kAPmp8lyKkCoNdkDjb2thXVgtG9Hr77HIoHild/bz
1Ep1041zM5kZMlkP7NnnGCjzwoH7xLCvTQXZPQst+gPqdji+mZdCpQu3bCwynAZn
EKwLSzudFMdvsqG2S2p4+fKyOpW3EPahz83lJEMy42My60sf/9rgZhDgTPn1nF/A
upZ0nncP0RZY80M/kmiunJH5P13uGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org