Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P6HmGHVSHGyek6xcWd6Dkw_Uh68.roa
File: P6HmGHVSHGyek6xcWd6Dkw_Uh68.roa (raw, json)
Hash identifier: +s9QGOQbCpqpK7vPdM/q7KDqAak12QtETdvpkqqft4g=
Subject key identifier: 3F:A1:E6:18:75:52:1C:6C:9E:93:AC:5C:59:DE:83:93:0F:D4:87:AF
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019247A01E39FB625F7E3C095A32A19EA3EE
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P6HmGHVSHGyek6xcWd6Dkw_Uh68.roa
Signing time: Tue 01 Oct 2024 10:28:48 +0000
ROA not before: Tue 01 Oct 2024 10:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:a0:1e:39:fb:62:5f:7e:3c:09:5a:32:a1:9e:a3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 1 10:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa1e61875521c6c9e93ac5c59de83930fd487af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:66:83:f8:cc:c3:4d:6d:ff:93:39:ff:5b:
4f:b1:f4:8b:2f:9d:c9:f6:27:e4:09:9d:7e:e2:d2:
b3:67:91:0b:2e:95:4e:56:05:e9:e6:6d:a0:42:2f:
9c:72:a6:93:83:03:d3:bb:72:a3:19:2b:e0:88:69:
e8:d0:f3:a4:31:cb:a9:cd:aa:89:5e:a2:67:59:2d:
95:0a:33:f8:a0:83:cb:7f:59:2d:00:d8:bd:ab:8c:
9f:cf:d8:1e:b9:3d:1c:7e:19:2c:f7:e8:bd:8a:21:
1a:42:1b:3f:79:db:b1:18:ee:d2:ec:27:23:ea:85:
e6:98:fa:ab:5f:6a:5b:b3:e9:4b:61:d8:a2:50:0f:
12:8e:17:8b:be:11:f9:47:33:5c:04:13:03:84:65:
15:42:f7:64:a3:7b:74:9a:0b:51:af:37:a5:4c:e8:
92:88:dd:99:9b:09:f4:90:75:85:11:ce:f0:dc:ca:
89:fb:43:bb:ce:b4:59:3d:e5:5f:41:38:db:e2:2a:
fe:9f:85:de:b3:f5:ad:56:30:32:66:29:d1:10:a1:
75:37:75:e0:fd:18:35:12:79:9d:a5:f1:8b:98:a8:
e5:77:34:aa:11:a6:d4:05:5e:06:1f:f2:d3:dd:bd:
58:12:0c:a1:45:06:6f:4a:ac:93:40:f1:36:70:d6:
ef:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A1:E6:18:75:52:1C:6C:9E:93:AC:5C:59:DE:83:93:0F:D4:87:AF
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/P6HmGHVSHGyek6xcWd6Dkw_Uh68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.154.238.0/24
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
b6:46:9c:8a:cc:19:94:01:02:0f:8c:5e:29:85:8c:79:ee:d0:
a7:67:2b:6f:cd:1f:25:a3:5a:bc:43:96:4a:05:f5:2d:30:22:
c2:87:6b:f9:34:49:3a:78:f8:ac:e4:cb:97:db:c1:73:44:e6:
31:f3:fa:13:80:8e:b6:bb:26:f4:67:46:e6:be:e0:ab:e6:00:
85:d9:70:91:68:64:5d:77:57:90:71:59:9c:ab:7b:aa:e6:b0:
92:1e:86:6c:4a:48:6a:67:40:6f:80:89:31:1c:a4:19:7a:cb:
c4:43:f6:1f:90:47:12:fe:47:34:4a:03:57:d8:2a:84:37:17:
4f:ef:50:d7:35:34:c2:18:86:50:de:39:07:b1:93:ce:bc:77:
f9:f7:fc:c6:7d:14:b4:f3:23:f1:56:e7:16:8a:6f:e5:59:8c:
e7:15:23:5b:5d:00:55:8a:9b:f8:76:17:38:66:fb:8e:cf:ec:
d8:88:fe:4e:ad:3b:f7:38:8d:37:9f:93:dd:69:48:74:84:28:
b0:1f:6e:8f:d8:11:60:66:54:62:e6:d7:de:87:de:1a:54:47:
83:10:e1:f1:e8:d2:38:89:5f:65:c0:41:4d:65:9e:3a:a3:98:
70:53:01:65:07:a6:42:59:db:69:3f:13:f0:a0:6f:32:b9:41:
23:7b:53:61
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZJHoB45+2JffjwJWjKhnqPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMDAxMTAyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmExZTYxODc1NTIxYzZjOWU5M2FjNWM1OWRlODM5MzBmZDQ4N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki1mg/jMw01t/5M5/1tPsfSLL53J
9ifkCZ1+4tKzZ5ELLpVOVgXp5m2gQi+ccqaTgwPTu3KjGSvgiGno0POkMcupzaqJ
XqJnWS2VCjP4oIPLf1ktANi9q4yfz9geuT0cfhks9+i9iiEaQhs/eduxGO7S7Ccj
6oXmmPqrX2pbs+lLYdiiUA8SjheLvhH5RzNcBBMDhGUVQvdko3t0mgtRrzelTOiS
iN2Zmwn0kHWFEc7w3MqJ+0O7zrRZPeVfQTjb4ir+n4Xes/WtVjAyZinREKF1N3Xg
/Rg1EnmdpfGLmKjldzSqEabUBV4GH/LT3b1YEgyhRQZvSqyTQPE2cNbvAQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFD+h5hh1UhxsnpOsXFneg5MP1IevMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUDZIbUdIVlNIR3llazZ4Y1dkNkRrd19VaDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBMBAIAATBGMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAC2a7gMEArnQ0AMEALnjUgMEALnkUwME
AbnzcAMEAMKSMAMEAcMaBjCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAACTASAwcA
Kgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxAACADBwAq
CzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAAEgMHACoO
VUABADANBgkqhkiG9w0BAQsFAAOCAQEAtkaciswZlAECD4xeKYWMee7Qp2crb80f
JaNavEOWSgX1LTAiwodr+TRJOnj4rOTLl9vBc0TmMfP6E4COtrsm9GdG5r7gq+YA
hdlwkWhkXXdXkHFZnKt7quawkh6GbEpIamdAb4CJMRykGXrLxEP2H5BHEv5HNEoD
V9gqhDcXT+9Q1zU0whiGUN45B7GTzrx3+ff8xn0UtPMj8VbnFopv5VmM5xUjW10A
VYqb+HYXOGb7js/s2Ij+Tq079ziNN5+T3WlIdIQosB9uj9gRYGZUYubX3ofeGlRH
gxDh8ejSOIlfZcBBTWWeOqOYcFMBZQemQlnbaT8T8KBvMrlBI3tTYQ==
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:13 2024 by rpki-client on console-fra.rpki-client.org