Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PlKZZCqTP1wKsj2aMijoaa0WFmk.roa
File: PlKZZCqTP1wKsj2aMijoaa0WFmk.roa (raw, json)
Hash identifier: pKa8e25/xLDkA+VgmxAQ1cV5X8GmPOqRs1VvNX/3714=
Subject key identifier: 3E:52:99:64:2A:93:3F:5C:0A:B2:3D:9A:32:28:E8:69:AD:16:16:69
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE612AF3DE992978F51B0928A0111F0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PlKZZCqTP1wKsj2aMijoaa0WFmk.roa
Signing time: Sun 01 Jan 2023 10:34:55 +0000
ROA not before: Sun 01 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 45.90.96.0/22 maxlen: 22
45.13.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 02 Aug 2023 09:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:12:af:3d:e9:92:97:8f:51:b0:92:8a:01:11:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e5299642a933f5c0ab23d9a3228e869ad161669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4f:f4:b9:65:d6:8c:01:ef:ab:2e:3d:9c:b6:
f7:e1:fe:a0:b4:58:d1:77:4e:19:a4:20:0a:ae:87:
a3:07:ee:3e:fe:06:fb:1e:f9:24:00:8e:d9:7a:47:
0e:49:26:39:a5:60:3c:3a:41:6f:19:44:62:6d:d4:
ce:4c:7a:24:66:a3:71:23:69:0a:33:5f:7c:5b:c9:
d5:0e:97:9d:70:7a:df:2c:04:4e:87:8b:ff:10:5e:
6a:4e:50:27:59:17:92:27:d1:4e:3b:e8:fc:3d:16:
20:a9:aa:1f:d9:bd:66:c6:07:85:63:75:0c:0c:05:
16:29:12:2d:46:87:35:bc:65:57:72:ba:d1:39:bc:
3f:98:8f:7b:f4:7a:d2:69:e7:93:02:b6:7b:18:aa:
14:cf:67:42:94:29:ab:06:2e:34:45:00:64:be:28:
b9:52:f1:e0:e6:ca:87:c3:de:90:a4:6c:95:72:8c:
7d:d4:4c:22:d7:dc:ba:9a:d6:96:87:e5:e5:8f:c4:
56:af:bf:46:cb:45:e4:7f:d2:c4:2c:4c:e5:8b:c6:
36:a4:5a:7b:c8:96:4e:e3:8a:a5:d5:c9:b7:27:04:
1a:ae:d7:c0:ba:61:d2:91:87:15:5c:3d:c8:00:39:
46:91:bd:d6:41:27:d9:a0:c5:80:98:31:74:89:56:
e5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:52:99:64:2A:93:3F:5C:0A:B2:3D:9A:32:28:E8:69:AD:16:16:69
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PlKZZCqTP1wKsj2aMijoaa0WFmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.236.0/22
45.90.96.0/22
Signature Algorithm: sha256WithRSAEncryption
41:f3:29:20:4f:cb:dd:73:8b:36:88:7b:4f:aa:6b:1a:3d:b9:
8e:30:57:64:ae:fe:c5:c0:49:02:27:e0:8c:cf:34:b8:95:a5:
36:e4:2f:7e:03:3e:8d:83:a9:86:e5:13:8b:80:9b:c3:16:19:
f5:2c:4b:3a:71:f2:3b:bf:df:33:9d:ab:f4:8a:be:d9:1c:cc:
a1:48:26:81:41:bf:ed:79:25:34:11:f4:f9:6c:35:d8:e1:2f:
ae:2d:a1:40:16:7e:e0:e7:11:72:ca:08:3c:a0:35:b8:e8:e3:
fc:3d:b9:2f:51:3c:d3:70:01:c0:de:fc:50:c0:3f:af:16:9b:
53:fc:f0:1e:86:29:bc:5c:24:96:9a:23:ec:83:1b:84:07:b8:
4a:9d:77:0a:09:a4:6b:ac:1b:c2:61:e8:f4:fb:0c:7e:52:9f:
50:4f:72:0c:4e:fd:68:cc:43:3b:c8:1a:9d:e2:bd:cc:c5:79:
00:60:52:e3:69:06:1f:be:55:6e:bf:03:9d:ed:05:a6:fb:4d:
b2:fd:06:4e:0e:21:c9:3c:ef:fd:98:9a:ab:8a:17:a5:5a:99:
cd:fb:f0:0e:bd:51:25:82:db:26:51:9d:96:f2:3c:e1:8a:89:
5b:23:17:31:50:9b:6e:d0:75:b8:6b:52:c5:1b:fe:2c:10:8c:
b8:c4:d3:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5hKvPemSl49RsJKKARHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTUyOTk2NDJhOTMzZjVjMGFiMjNkOWEzMjI4ZTg2OWFkMTYxNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20/0uWXWjAHvqy49nLb34f6gtFjR
d04ZpCAKroejB+4+/gb7HvkkAI7ZekcOSSY5pWA8OkFvGURibdTOTHokZqNxI2kK
M198W8nVDpedcHrfLAROh4v/EF5qTlAnWReSJ9FOO+j8PRYgqaof2b1mxgeFY3UM
DAUWKRItRoc1vGVXcrrRObw/mI979HrSaeeTArZ7GKoUz2dClCmrBi40RQBkvii5
UvHg5sqHw96QpGyVcox91Ewi19y6mtaWh+Xlj8RWr79Gy0Xkf9LELEzli8Y2pFp7
yJZO44ql1cm3JwQartfAumHSkYcVXD3IADlGkb3WQSfZoMWAmDF0iVblDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5SmWQqkz9cCrI9mjIo6GmtFhZpMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUGxLWlpDcVRQMXdLc2oyYU1pam9hYTBXRm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ3sAwQC
LVpgMA0GCSqGSIb3DQEBCwUAA4IBAQBB8ykgT8vdc4s2iHtPqmsaPbmOMFdkrv7F
wEkCJ+CMzzS4laU25C9+Az6Ng6mG5ROLgJvDFhn1LEs6cfI7v98znav0ir7ZHMyh
SCaBQb/teSU0EfT5bDXY4S+uLaFAFn7g5xFyygg8oDW46OP8PbkvUTzTcAHA3vxQ
wD+vFptT/PAehim8XCSWmiPsgxuEB7hKnXcKCaRrrBvCYej0+wx+Up9QT3IMTv1o
zEM7yBqd4r3MxXkAYFLjaQYfvlVuvwOd7QWm+02y/QZODiHJPO/9mJqrihelWpnN
+/AOvVElgtsmUZ2W8jzhiolbIxcxUJtu0HW4a1LFG/4sEIy4xNOz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org