Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P3FJbQyAkwvqzPAMWIg5W6cMb7E.roa
File: P3FJbQyAkwvqzPAMWIg5W6cMb7E.roa (raw, json)
Hash identifier: 8dD6KHH4o5tCzTtcdk/VwX4HDC5HR0rnd5ZSvvfzkjQ=
Subject key identifier: 3F:71:49:6D:0C:80:93:0B:EA:CC:F0:0C:58:88:39:5B:A7:0C:6F:B1
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018BD8AD0E4E29BD0A15CA84FC27101D6B03
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P3FJbQyAkwvqzPAMWIg5W6cMb7E.roa
Signing time: Thu 16 Nov 2023 15:08:21 +0000
ROA not before: Thu 16 Nov 2023 15:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209243
IP address blocks: 195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
80.64.216.0/24 maxlen: 24
80.64.217.0/24 maxlen: 24
194.156.177.0/24 maxlen: 24
45.157.34.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:ad:0e:4e:29:bd:0a:15:ca:84:fc:27:10:1d:6b:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 16 15:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f71496d0c80930beaccf00c5888395ba70c6fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:26:87:62:4d:a4:9f:11:6e:39:e9:63:f9:44:
1c:5a:1e:f7:a5:9c:66:85:c3:ce:be:90:81:02:62:
64:c2:8a:b7:cc:61:e5:f5:24:88:1b:f1:d7:56:b6:
23:70:64:ce:1e:8d:7c:fb:aa:be:73:65:be:b1:a3:
56:54:f8:c4:52:8b:8c:55:91:ac:b8:19:1b:c5:54:
d0:9f:10:46:ee:83:96:a6:55:5b:e5:fc:f9:f5:41:
49:23:93:7d:ad:1c:80:f1:12:58:59:fb:89:f4:5d:
13:2a:0b:05:0e:fb:50:be:fc:dd:13:25:cb:e4:f3:
36:c9:df:d6:66:48:a2:58:a0:e9:30:3e:ed:38:43:
2a:e8:d6:68:99:b4:78:cd:33:4d:4a:5a:15:a1:f7:
b4:98:bd:b4:fe:5a:d2:d1:0a:0b:04:8d:47:3e:96:
0d:2c:d6:e1:bd:1a:db:3d:a3:b2:a4:e1:c3:2d:6a:
82:33:cc:57:fb:a9:07:d0:89:33:ba:a2:04:7d:72:
87:58:20:ab:77:09:05:57:1d:d2:da:78:67:8f:32:
1f:ed:a1:7a:6c:a4:60:64:16:63:ec:9b:4c:d5:90:
87:10:6e:a0:be:71:c2:b6:ff:1a:ed:34:b3:cd:71:
96:64:19:c6:ef:e2:83:24:4d:b7:20:08:90:82:79:
96:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:71:49:6D:0C:80:93:0B:EA:CC:F0:0C:58:88:39:5B:A7:0C:6F:B1
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P3FJbQyAkwvqzPAMWIg5W6cMb7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.34.0/24
80.64.216.0/23
194.146.49.0/24
194.156.177.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:56:8c:f0:5e:74:97:be:f1:6e:dc:cd:d5:e1:e0:73:9a:2a:
3b:d1:32:ec:15:f4:b5:50:c8:cb:cf:a5:44:1c:2a:85:0d:99:
6f:4d:d2:99:c7:ac:00:06:78:83:f3:db:7a:fb:33:18:8c:6e:
fe:7c:3d:db:d6:d0:67:a8:da:e2:6a:fe:fc:fe:2d:ef:eb:06:
0d:b6:27:3d:d1:62:bc:84:69:52:e0:6d:6e:37:fc:28:c2:8a:
0b:81:a9:c0:00:0f:aa:b3:4e:2d:f1:f3:aa:98:b4:01:dd:7b:
b6:ed:ee:7b:6a:97:0e:7b:ea:a3:2b:69:65:60:ed:81:e6:21:
70:95:2c:be:d9:9c:c6:ce:d6:07:11:37:7c:f8:64:54:be:d8:
02:a7:58:3b:fa:a9:b5:13:59:85:30:31:c5:d5:d0:be:77:9a:
d5:17:fb:cd:8f:a7:24:b9:ef:57:32:a2:38:2a:80:14:9b:2f:
ff:f3:a7:16:ab:88:03:22:f7:0f:8d:72:1e:67:98:53:20:66:
b7:85:ad:9f:02:2f:14:50:a4:4d:22:06:df:ec:b6:f8:0f:fd:
dc:05:c5:4d:41:e1:21:a5:9a:03:83:ec:55:40:85:08:8a:e7:
63:38:55:86:39:fc:e6:e9:1a:52:f4:74:f9:9e:e3:35:47:d1:
a5:9d:a8:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvYrQ5OKb0KFcqE/CcQHWsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMTE2MTUwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjcxNDk2ZDBjODA5MzBiZWFjY2YwMGM1ODg4Mzk1YmE3MGM2ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiaHYk2knxFuOelj+UQcWh73pZxm
hcPOvpCBAmJkwoq3zGHl9SSIG/HXVrYjcGTOHo18+6q+c2W+saNWVPjEUouMVZGs
uBkbxVTQnxBG7oOWplVb5fz59UFJI5N9rRyA8RJYWfuJ9F0TKgsFDvtQvvzdEyXL
5PM2yd/WZkiiWKDpMD7tOEMq6NZombR4zTNNSloVofe0mL20/lrS0QoLBI1HPpYN
LNbhvRrbPaOypOHDLWqCM8xX+6kH0IkzuqIEfXKHWCCrdwkFVx3S2nhnjzIf7aF6
bKRgZBZj7JtM1ZCHEG6gvnHCtv8a7TSzzXGWZBnG7+KDJE23IAiQgnmWRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD9xSW0MgJML6szwDFiIOVunDG+xMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUDNGSmJReUFrd3ZxelBBTVdJZzVXNmNNYjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZ0iAwQB
UEDYAwQAwpIxAwQAwpyxAwQBwxacMA0GCSqGSIb3DQEBCwUAA4IBAQCPVozwXnSX
vvFu3M3V4eBzmio70TLsFfS1UMjLz6VEHCqFDZlvTdKZx6wABniD89t6+zMYjG7+
fD3b1tBnqNriav78/i3v6wYNtic90WK8hGlS4G1uN/wowooLganAAA+qs04t8fOq
mLQB3Xu27e57apcOe+qjK2llYO2B5iFwlSy+2ZzGztYHETd8+GRUvtgCp1g7+qm1
E1mFMDHF1dC+d5rVF/vNj6ckue9XMqI4KoAUmy//86cWq4gDIvcPjXIeZ5hTIGa3
ha2fAi8UUKRNIgbf7Lb4D/3cBcVNQeEhpZoDg+xVQIUIiudjOFWGOfzm6RpS9HT5
nuM1R9GlnagP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org