Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/PqdFVfHQBzfGSxkUJRobwMdLneA.roa
File: PqdFVfHQBzfGSxkUJRobwMdLneA.roa (raw, json)
Hash identifier: O4kn/mk/+6Id4XIXkn3L7db9dym/ongNxGvuXUMyjQM=
Subject key identifier: 3E:A7:45:55:F1:D0:07:37:C6:4B:19:14:25:1A:1B:C0:C7:4B:9D:E0
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CC86FFE0DA3A4AD35633C62A643FAE151
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/PqdFVfHQBzfGSxkUJRobwMdLneA.roa
Signing time: Tue 02 Jan 2024 04:30:31 +0000
ROA not before: Tue 02 Jan 2024 04:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31863
IP address blocks: 45.142.154.0/24 maxlen: 24
185.202.100.0/24 maxlen: 24
45.91.224.0/24 maxlen: 24
194.126.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 03:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:fe:0d:a3:a4:ad:35:63:3c:62:a6:43:fa:e1:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 04:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ea74555f1d00737c64b1914251a1bc0c74b9de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:ad:90:ef:21:a5:7f:e3:c2:25:fd:32:c4:
14:d6:3f:e6:cd:39:d2:d5:26:d4:65:7b:cd:d8:44:
57:2e:d7:4a:0c:30:8e:fe:e8:ca:55:b7:bc:00:92:
95:7f:34:36:b0:44:d2:91:fa:d1:12:08:35:fc:bd:
90:90:90:de:10:69:6f:a4:d8:41:a2:51:91:06:66:
88:be:25:eb:e6:7c:04:73:2b:86:ea:9f:0c:f8:8b:
b0:bf:d7:93:3e:50:8a:e2:2f:01:7d:bb:98:48:53:
6b:7e:dd:d1:03:e7:2b:f7:49:99:69:21:3f:0a:28:
90:20:ad:02:49:df:ca:0f:04:11:4b:6b:22:0c:b4:
ac:cc:da:ea:f6:c8:3a:49:a5:ea:3c:11:e9:88:d0:
e3:8a:07:8c:5f:bb:72:cc:da:c2:b5:2d:be:05:98:
79:7d:0e:15:e4:f9:74:c4:e0:ab:26:8d:56:4a:62:
de:45:74:05:44:51:ef:8c:aa:47:31:8f:e3:b8:c9:
41:d6:a2:11:0a:0c:b2:eb:54:c7:85:1c:27:79:8d:
d8:83:59:74:67:17:53:00:be:e1:25:ef:16:8d:d3:
4a:b8:35:ee:00:d8:0a:43:e3:09:d2:61:48:31:81:
03:8a:3e:1f:1b:94:74:1b:16:f0:bc:ae:28:03:c7:
4c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A7:45:55:F1:D0:07:37:C6:4B:19:14:25:1A:1B:C0:C7:4B:9D:E0
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/PqdFVfHQBzfGSxkUJRobwMdLneA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.224.0/24
45.142.154.0/24
185.202.100.0/24
194.126.227.0/24
Signature Algorithm: sha256WithRSAEncryption
14:71:87:8e:62:ba:17:db:f9:6f:72:d2:43:87:86:2e:b5:c4:
6f:79:70:25:fc:f4:1e:95:10:21:dc:b9:a2:d2:0c:03:92:18:
c7:bf:63:40:e0:b9:fe:17:46:f3:bb:30:8e:35:ad:df:8a:ee:
04:0d:0f:b9:99:91:af:ca:b4:98:a5:68:01:1d:ab:b6:fc:3f:
c9:ed:ac:a8:08:de:04:cb:ae:d7:35:15:37:9c:5a:f9:36:20:
a9:bf:42:d0:7a:89:ab:3a:ef:aa:9c:fe:a2:86:03:04:4d:d2:
ae:35:a0:5a:36:3a:9e:85:e0:eb:2e:11:73:7f:e2:1e:a6:b4:
a6:dd:ce:73:e1:54:ab:f4:28:b6:f1:83:85:3a:97:3d:b4:21:
5e:b4:bf:e5:95:87:87:6a:4f:fd:ea:fb:8c:1a:6f:20:e1:77:
de:3d:8b:ca:d2:28:bd:3c:04:ae:18:2c:97:c7:7a:cd:1f:a5:
d4:ae:22:3c:4e:3d:e4:02:20:73:f4:0c:fe:e3:4b:91:a5:bd:
48:f9:d0:f4:8b:63:7c:9f:49:2a:1b:bc:53:e0:f2:8c:6f:1b:
95:e2:cf:c0:3f:a8:78:44:4a:7e:82:57:ee:6e:0a:95:48:75:
6e:48:cd:9d:c3:d7:1f:10:91:09:b7:06:24:11:c1:a0:21:e8:
59:25:a3:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb/4No6StNWM8YqZD+uFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMTAyMDQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE3NDU1NWYxZDAwNzM3YzY0YjE5MTQyNTFhMWJjMGM3NGI5ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFWtkO8hpX/jwiX9MsQU1j/mzTnS
1SbUZXvN2ERXLtdKDDCO/ujKVbe8AJKVfzQ2sETSkfrREgg1/L2QkJDeEGlvpNhB
olGRBmaIviXr5nwEcyuG6p8M+Iuwv9eTPlCK4i8BfbuYSFNrft3RA+cr90mZaSE/
CiiQIK0CSd/KDwQRS2siDLSszNrq9sg6SaXqPBHpiNDjigeMX7tyzNrCtS2+BZh5
fQ4V5Pl0xOCrJo1WSmLeRXQFRFHvjKpHMY/juMlB1qIRCgyy61THhRwneY3Yg1l0
ZxdTAL7hJe8WjdNKuDXuANgKQ+MJ0mFIMYEDij4fG5R0GxbwvK4oA8dMpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6nRVXx0Ac3xksZFCUaG8DHS53gMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvUHFkRlZmSFFCemZHU3hrVUpSb2J3TWRMbmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVvgAwQA
LY6aAwQAucpkAwQAwn7jMA0GCSqGSIb3DQEBCwUAA4IBAQAUcYeOYroX2/lvctJD
h4YutcRveXAl/PQelRAh3Lmi0gwDkhjHv2NA4Ln+F0bzuzCONa3fiu4EDQ+5mZGv
yrSYpWgBHau2/D/J7ayoCN4Ey67XNRU3nFr5NiCpv0LQeomrOu+qnP6ihgMETdKu
NaBaNjqeheDrLhFzf+IeprSm3c5z4VSr9Ci28YOFOpc9tCFetL/llYeHak/96vuM
Gm8g4XfePYvK0ii9PASuGCyXx3rNH6XUriI8Tj3kAiBz9Az+40uRpb1I+dD0i2N8
n0kqG7xT4PKMbxuV4s/AP6h4REp+glfubgqVSHVuSM2dw9cfEJEJtwYkEcGgIehZ
JaOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org