Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/P_DGsUmCIi_ttro3foDTVwXIr_4.roa
File: P_DGsUmCIi_ttro3foDTVwXIr_4.roa (raw, json)
Hash identifier: exgaIOxI5hCnV8/d/14DlkMmJQBs/cfviGj5sk1AOGk=
Subject key identifier: 3F:F0:C6:B1:49:82:22:2F:ED:B6:BA:37:7E:80:D3:57:05:C8:AF:FE
Certificate issuer: /CN=9c0aae6d45d06df7c4278ef4f218e42db807094c
Certificate serial: 018CC7277644FF6E94EC57A575D538A774C9
Authority key identifier: 9C:0A:AE:6D:45:D0:6D:F7:C4:27:8E:F4:F2:18:E4:2D:B8:07:09:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nAqubUXQbffEJ4708hjkLbgHCUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/P_DGsUmCIi_ttro3foDTVwXIr_4.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1942
IP address blocks: 160.103.0.0/16 maxlen: 16
45.149.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:76:44:ff:6e:94:ec:57:a5:75:d5:38:a7:74:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c0aae6d45d06df7c4278ef4f218e42db807094c
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ff0c6b14982222fedb6ba377e80d35705c8affe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:9d:a2:a9:c0:75:bf:78:03:40:2d:c1:dd:
3f:d4:f0:f2:de:64:7f:87:b5:85:ee:73:c3:d2:32:
e1:d3:ff:35:3e:dd:47:54:62:1e:18:a3:da:ba:6d:
6f:43:a0:08:ab:26:79:01:58:a2:08:70:d6:d7:1e:
b4:c3:50:da:ee:32:7b:71:32:ce:b0:46:0b:f1:d9:
9e:0d:09:94:1e:4e:75:39:f7:d2:18:16:e4:aa:ad:
9a:17:7d:72:8c:8e:99:bc:0b:ac:a9:29:77:be:39:
69:c1:c4:7c:e1:44:9a:68:cd:7e:97:8a:65:42:71:
e9:ae:10:72:00:d4:c5:3d:a4:08:01:cd:d7:05:fd:
2f:5f:f0:41:47:1b:c5:30:48:5d:f5:c0:49:2d:7b:
01:d8:17:89:3a:69:80:48:5f:a2:68:76:6a:23:44:
46:12:9a:18:dc:67:47:91:ed:0e:ce:33:cd:dd:66:
ed:ed:66:df:64:a6:6f:cd:96:cf:60:5a:1d:07:81:
50:c9:61:19:d4:16:b7:40:c5:19:85:c9:ec:0a:a0:
a2:b5:91:57:3b:93:45:c6:12:b6:6e:40:3f:b5:7f:
79:a9:be:fc:bc:cd:e3:cd:f9:6d:7d:c5:50:00:76:
76:be:8e:48:cb:3f:1d:7a:6d:33:29:0a:06:eb:39:
77:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F0:C6:B1:49:82:22:2F:ED:B6:BA:37:7E:80:D3:57:05:C8:AF:FE
X509v3 Authority Key Identifier:
keyid:9C:0A:AE:6D:45:D0:6D:F7:C4:27:8E:F4:F2:18:E4:2D:B8:07:09:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nAqubUXQbffEJ4708hjkLbgHCUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/P_DGsUmCIi_ttro3foDTVwXIr_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/c920ec-07dc-469d-b884-b98bbb1637c0/1/nAqubUXQbffEJ4708hjkLbgHCUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.140.0/22
160.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:87:96:fa:b4:54:1e:ef:4c:84:ae:a8:bd:c6:ee:9a:4f:07:
de:56:11:f2:2d:0e:b2:9f:9f:18:75:3f:1a:62:22:ef:b4:09:
96:29:40:c2:a7:52:6a:cf:89:a9:a0:f2:56:e3:02:76:da:ce:
c3:95:23:f7:8c:16:35:a0:07:d5:14:d1:3b:b1:f0:f4:2b:72:
06:14:e0:9c:4b:e4:5b:d7:15:91:4f:7c:2c:f4:24:a8:55:ab:
dd:6b:5b:3e:0f:d5:8f:b0:05:17:12:51:9e:26:70:7f:a3:f8:
dd:7e:8e:67:7a:80:66:f8:29:6b:3e:ee:a4:fd:2b:bd:e2:95:
24:7a:54:0b:3b:a7:76:fd:12:25:3a:81:db:84:2c:ce:d6:cd:
1e:76:ea:a6:2c:ad:d7:81:c4:a1:0a:b3:12:f3:74:1d:22:fc:
3a:5a:ba:cf:da:f4:b7:44:5b:ab:57:d7:55:7b:ff:ea:9d:1b:
34:a5:d5:ba:00:e8:5e:23:d9:40:c9:7b:52:78:4d:a0:29:66:
24:9c:ea:4d:5a:11:ca:9e:77:d5:73:c1:b4:64:5c:9e:16:89:
ff:8e:57:2c:50:f8:5a:02:a5:d8:73:15:f2:0a:1b:85:ba:1f:
09:9d:94:74:4c:20:75:d0:e3:cc:a4:12:1d:44:40:4e:16:df:
8a:50:0f:c8
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzHJ3ZE/26U7FelddU4p3TJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMGFhZTZkNDVkMDZkZjdjNDI3OGVmNGYyMThlNDJkYjgw
NzA5NGMwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmYwYzZiMTQ5ODIyMjJmZWRiNmJhMzc3ZTgwZDM1NzA1YzhhZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp2doqnAdb94A0Atwd0/1PDy3mR/
h7WF7nPD0jLh0/81Pt1HVGIeGKPaum1vQ6AIqyZ5AViiCHDW1x60w1Da7jJ7cTLO
sEYL8dmeDQmUHk51OffSGBbkqq2aF31yjI6ZvAusqSl3vjlpwcR84USaaM1+l4pl
QnHprhByANTFPaQIAc3XBf0vX/BBRxvFMEhd9cBJLXsB2BeJOmmASF+iaHZqI0RG
EpoY3GdHke0OzjPN3Wbt7WbfZKZvzZbPYFodB4FQyWEZ1Ba3QMUZhcnsCqCitZFX
O5NFxhK2bkA/tX95qb78vM3jzfltfcVQAHZ2vo5Iyz8dem0zKQoG6zl3rQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFD/wxrFJgiIv7ba6N36A01cFyK/+MB8GA1UdIwQY
MBaAFJwKrm1F0G33xCeO9PIY5C24BwlMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkFxdWJVWFFiZmZFSjQ3MDhoamtMYmdIQ1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jOTIwZWMtMDdkYy00NjlkLWI4ODQt
Yjk4YmJiMTYzN2MwLzEvUF9ER3NVbUNJaV90dHJvM2ZvRFRWd1hJcl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9jOTIwZWMtMDdkYy00NjlkLWI4ODQtYjk4YmJiMTYzN2Mw
LzEvbkFxdWJVWFFiZmZFSjQ3MDhoamtMYmdIQ1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQCLZWMAwMA
oGcwDQYJKoZIhvcNAQELBQADggEBAFuHlvq0VB7vTISuqL3G7ppPB95WEfItDrKf
nxh1PxpiIu+0CZYpQMKnUmrPiamg8lbjAnbazsOVI/eMFjWgB9UU0Tux8PQrcgYU
4JxL5FvXFZFPfCz0JKhVq91rWz4P1Y+wBRcSUZ4mcH+j+N1+jmd6gGb4KWs+7qT9
K73ilSR6VAs7p3b9EiU6gduELM7WzR526qYsrdeBxKEKsxLzdB0i/Dpaus/a9LdE
W6tX11V7/+qdGzSl1boA6F4j2UDJe1J4TaApZiSc6k1aEcqed9VzwbRkXJ4Wif+O
VyxQ+FoCpdhzFfIKG4W6HwmdlHRMIHXQ48ykEh1EQE4W34pQD8g=
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:19:22 2025 by rpki-client