Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PzoKoOBqokJXQQ1voQicq5MClRQ.roa
File: PzoKoOBqokJXQQ1voQicq5MClRQ.roa (raw, json)
Hash identifier: qg1QbB2UcDlnQlBM8WZHMVZi8zl1U4stbV7KwcaroBg=
Subject key identifier: 3F:3A:0A:A0:E0:6A:A2:42:57:41:0D:6F:A1:08:9C:AB:93:02:95:14
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01907DDD12BF5A48DA8DC29BC618D0D70FB8
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PzoKoOBqokJXQQ1voQicq5MClRQ.roa
Signing time: Thu 04 Jul 2024 13:09:18 +0000
ROA not before: Thu 04 Jul 2024 13:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 11:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:dd:12:bf:5a:48:da:8d:c2:9b:c6:18:d0:d7:0f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 4 13:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f3a0aa0e06aa24257410d6fa1089cab93029514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:11:3b:b5:6b:11:13:a8:99:d4:3c:47:7e:02:
0a:ba:81:92:2d:e0:04:6f:32:0f:6a:42:55:22:22:
89:8c:91:57:b2:fe:5c:f3:98:2b:8b:e9:29:33:df:
38:11:f1:7e:ed:36:4a:f4:5b:f2:73:9c:fe:d8:e3:
8d:33:b4:da:13:a7:49:62:95:08:fa:c5:0c:58:74:
00:d2:72:49:7d:b7:f9:64:af:14:40:87:19:a6:6c:
b7:ef:98:88:31:a4:16:1c:7f:db:00:4e:3d:c2:33:
56:c0:e2:0a:d4:92:5b:51:1c:b8:06:b4:9e:21:0d:
c4:b5:83:fe:55:b7:35:f3:37:8b:04:b5:bb:d2:04:
9e:33:a6:8a:ec:43:61:94:b9:ce:39:56:90:0c:34:
c5:1e:5a:9d:d5:40:da:19:85:40:ed:f9:6d:6b:6c:
b4:c6:aa:a6:63:a5:d1:dc:77:49:ab:2c:02:60:35:
c5:69:fc:73:d3:f4:8a:49:15:b6:90:87:d4:2e:2f:
15:a8:c4:d4:fa:7a:0d:26:43:36:86:ee:f2:e5:a2:
ea:56:eb:44:0d:c1:91:38:95:99:8c:af:8f:7e:9e:
4b:1c:4e:8e:de:4e:d3:d8:f3:87:b5:b2:f6:80:a4:
87:59:76:ae:bd:ca:25:3b:9d:fb:dc:5a:f6:8b:2a:
7c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3A:0A:A0:E0:6A:A2:42:57:41:0D:6F:A1:08:9C:AB:93:02:95:14
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PzoKoOBqokJXQQ1voQicq5MClRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:40:7b:24:a8:b0:7d:d4:9b:af:e5:87:8c:49:f7:2a:89:36:
43:13:99:a3:ba:10:01:0f:c4:ca:44:a4:19:55:07:5f:5c:81:
69:6e:e4:29:4a:e9:c3:ab:23:88:36:6d:97:47:fd:65:dc:7b:
a3:dc:f1:e7:1e:94:54:34:61:76:22:d5:ba:83:43:aa:40:c5:
a1:1d:18:5b:5f:36:cf:54:6f:ca:ca:89:eb:22:ab:34:06:46:
b8:c7:ea:17:5e:48:e6:13:0e:08:80:17:9f:e4:e6:3c:6a:f3:
c5:1a:4f:ad:b5:52:c8:3b:e4:db:ca:0a:14:bb:1b:33:84:13:
c3:ce:b2:df:f5:0a:59:75:e9:20:17:84:81:ec:3b:cf:73:6a:
19:9f:cd:3e:70:b6:b9:aa:89:b3:48:59:88:85:5d:cf:82:07:
f2:27:89:78:19:f7:de:18:7e:ff:93:94:9e:a0:e9:c1:d6:0d:
4c:03:6b:ee:b9:17:a9:5e:63:47:3f:34:d3:50:f4:54:15:4b:
24:74:ac:ab:b7:ba:40:16:43:a6:74:60:0c:d5:15:d6:30:16:
8c:7b:c5:90:25:a6:f3:ca:bf:84:5d:4e:24:79:cb:00:d8:8f:
0d:56:05:44:0d:e6:dd:ee:4a:ec:8d:a1:1a:6e:c5:db:cf:a5:
4f:ea:66:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB93RK/WkjajcKbxhjQ1w+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzA0MTMwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNhMGFhMGUwNmFhMjQyNTc0MTBkNmZhMTA4OWNhYjkzMDI5NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BE7tWsRE6iZ1DxHfgIKuoGSLeAE
bzIPakJVIiKJjJFXsv5c85gri+kpM984EfF+7TZK9Fvyc5z+2OONM7TaE6dJYpUI
+sUMWHQA0nJJfbf5ZK8UQIcZpmy375iIMaQWHH/bAE49wjNWwOIK1JJbURy4BrSe
IQ3EtYP+Vbc18zeLBLW70gSeM6aK7ENhlLnOOVaQDDTFHlqd1UDaGYVA7flta2y0
xqqmY6XR3HdJqywCYDXFafxz0/SKSRW2kIfULi8VqMTU+noNJkM2hu7y5aLqVutE
DcGROJWZjK+Pfp5LHE6O3k7T2POHtbL2gKSHWXauvcolO5373Fr2iyp8CQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD86CqDgaqJCV0ENb6EInKuTApUUMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUHpvS29PQnFva0pYUVExdm9RaWNxNU1DbFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbVUAwQA
LV6qAwQAW99uAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQCmQHskqLB91Juv5YeM
SfcqiTZDE5mjuhABD8TKRKQZVQdfXIFpbuQpSunDqyOINm2XR/1l3Huj3PHnHpRU
NGF2ItW6g0OqQMWhHRhbXzbPVG/KyonrIqs0Bka4x+oXXkjmEw4IgBef5OY8avPF
Gk+ttVLIO+TbygoUuxszhBPDzrLf9QpZdekgF4SB7DvPc2oZn80+cLa5qomzSFmI
hV3PggfyJ4l4GffeGH7/k5SeoOnB1g1MA2vuuRepXmNHPzTTUPRUFUskdKyrt7pA
FkOmdGAM1RXWMBaMe8WQJabzyr+EXU4kecsA2I8NVgVEDebd7krsjaEabsXbz6VP
6maT
-----END CERTIFICATE-----
Generated at Fri Jul 12 12:56:43 2024 by rpki-client on console-ams.rpki-client.org