Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PAnuTo-tVI7z2PoXjso0YIt2vYs.roa
File: PAnuTo-tVI7z2PoXjso0YIt2vYs.roa (raw, json)
Hash identifier: ekTqrfV5l1LgMHDykFepdp0SHZGe49qvjft5DNsDQsw=
Subject key identifier: 3C:09:EE:4E:8F:AD:54:8E:F3:D8:FA:17:8E:CA:34:60:8B:76:BD:8B
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018E9B2482F1C9EC52096A1A5E588F5C9FB2
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PAnuTo-tVI7z2PoXjso0YIt2vYs.roa
Signing time: Mon 01 Apr 2024 19:30:45 +0000
ROA not before: Mon 01 Apr 2024 19:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 45.139.198.0/24 maxlen: 24
45.139.199.0/24 maxlen: 24
95.214.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 20:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:24:82:f1:c9:ec:52:09:6a:1a:5e:58:8f:5c:9f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Apr 1 19:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c09ee4e8fad548ef3d8fa178eca34608b76bd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c3:b2:82:34:50:2e:42:f3:51:b8:8f:f6:b5:
83:8e:4a:12:46:ea:d1:9b:2f:c7:a2:58:4a:24:93:
35:d4:f5:f4:62:60:ed:86:90:18:4c:50:72:cb:7e:
c7:5a:a0:44:15:b6:8b:0c:69:d8:a4:d1:3c:a1:5d:
cf:c2:62:c0:d1:f3:e3:05:d1:df:ce:65:21:3e:46:
c9:f8:73:d3:3a:f0:85:fc:d7:fe:55:13:3f:cf:00:
92:68:ef:3d:5a:e9:e2:ec:a2:49:73:f8:53:63:08:
b0:3e:26:f2:a7:4a:15:5c:bc:a7:40:3e:76:68:d9:
9f:74:ab:98:4d:50:15:8e:ce:3d:ac:3a:36:15:5f:
2d:00:c9:3d:1f:e0:3c:65:ca:e5:65:c0:07:c4:02:
9f:3b:bc:85:a7:88:89:a5:69:62:23:e0:7b:21:a6:
22:2e:23:ac:98:18:b8:49:54:89:9e:f2:ba:c7:12:
6f:4b:5d:0b:a0:03:43:fd:95:20:af:66:6e:62:5a:
ad:f5:9b:73:65:6f:b4:84:16:f2:ab:ae:d4:23:af:
ed:ee:98:21:b8:15:24:88:ae:6f:aa:7d:f4:07:e0:
96:37:c3:e8:2c:14:55:7e:b2:1d:0e:c6:1a:58:aa:
d6:70:7f:fb:8e:fb:31:5a:3a:d3:f9:85:fa:cb:bd:
4c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:09:EE:4E:8F:AD:54:8E:F3:D8:FA:17:8E:CA:34:60:8B:76:BD:8B
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/PAnuTo-tVI7z2PoXjso0YIt2vYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.198.0/23
95.214.174.0/24
Signature Algorithm: sha256WithRSAEncryption
21:54:89:2c:b3:47:cc:cb:e2:8e:d2:30:28:4f:be:33:f0:bb:
b9:77:a4:dc:30:d3:96:1f:0f:d1:e2:43:2c:30:f9:e0:f7:64:
61:20:de:c8:b3:27:25:52:df:5f:87:f8:03:38:3b:91:45:71:
83:89:89:9a:6f:41:99:b7:c2:ff:2f:9f:e7:a8:d7:e1:1b:55:
29:4a:32:4e:ca:61:c3:1b:30:29:3b:12:15:f4:60:db:d6:9a:
bb:0d:7f:24:3b:59:6c:bb:49:ff:d7:b8:ff:7a:7c:04:6c:c9:
42:b7:fa:17:6e:ed:0f:c0:d3:2e:04:14:fd:b6:db:7a:14:d9:
15:9f:9f:7c:f5:0a:52:64:3f:a3:00:92:df:86:33:da:86:51:
9e:e7:cb:c3:29:e0:18:03:0d:95:e7:ff:69:39:0f:b7:b6:4a:
f1:08:a5:78:40:d6:4b:62:64:4f:d8:6d:c0:d3:09:f6:cf:b2:
45:78:51:0a:5a:f7:36:8e:78:93:26:1b:f4:60:62:a4:ba:7c:
38:30:ab:6a:74:c4:ac:c2:f0:69:ca:1c:3a:4d:19:bd:40:21:
89:32:f3:a8:8c:69:21:22:27:1e:ad:af:cd:b3:61:b4:2c:11:
a3:37:bb:82:dc:96:4d:09:77:94:e2:88:24:7e:3b:b0:55:2b:
ff:58:6d:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6bJILxyexSCWoaXliPXJ+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjQwNDAxMTkzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA5ZWU0ZThmYWQ1NDhlZjNkOGZhMTc4ZWNhMzQ2MDhiNzZiZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMOygjRQLkLzUbiP9rWDjkoSRurR
my/HolhKJJM11PX0YmDthpAYTFByy37HWqBEFbaLDGnYpNE8oV3PwmLA0fPjBdHf
zmUhPkbJ+HPTOvCF/Nf+VRM/zwCSaO89Wuni7KJJc/hTYwiwPibyp0oVXLynQD52
aNmfdKuYTVAVjs49rDo2FV8tAMk9H+A8ZcrlZcAHxAKfO7yFp4iJpWliI+B7IaYi
LiOsmBi4SVSJnvK6xxJvS10LoAND/ZUgr2ZuYlqt9ZtzZW+0hBbyq67UI6/t7pgh
uBUkiK5vqn30B+CWN8PoLBRVfrIdDsYaWKrWcH/7jvsxWjrT+YX6y71MtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwJ7k6PrVSO89j6F47KNGCLdr2LMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvUEFudVRvLXRWSTd6MlBvWGpzbzBZSXQydllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYvGAwQA
X9auMA0GCSqGSIb3DQEBCwUAA4IBAQAhVIkss0fMy+KO0jAoT74z8Lu5d6TcMNOW
Hw/R4kMsMPng92RhIN7IsyclUt9fh/gDODuRRXGDiYmab0GZt8L/L5/nqNfhG1Up
SjJOymHDGzApOxIV9GDb1pq7DX8kO1lsu0n/17j/enwEbMlCt/oXbu0PwNMuBBT9
ttt6FNkVn5989QpSZD+jAJLfhjPahlGe58vDKeAYAw2V5/9pOQ+3tkrxCKV4QNZL
YmRP2G3A0wn2z7JFeFEKWvc2jniTJhv0YGKkunw4MKtqdMSswvBpyhw6TRm9QCGJ
MvOojGkhIicera/Ns2G0LBGjN7uC3JZNCXeU4ogkfjuwVSv/WG0X
-----END CERTIFICATE-----
Generated at Tue Jul 30 21:42:45 2024 by rpki-client on console-ams.rpki-client.org