Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/pCmasnjTNUC_Lpi4H9GF5tevfzY.roa
File: pCmasnjTNUC_Lpi4H9GF5tevfzY.roa (raw, json)
Hash identifier: GtclQQW7gd87a+1M9ihJU+58tm5Eb2NY92GDpr0Q20A=
Subject key identifier: A4:29:9A:B2:78:D3:35:40:BF:2E:98:B8:1F:D1:85:E6:D7:AF:7F:36
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 01879909AFE697F62E935C00C0DF6286AE66
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/pCmasnjTNUC_Lpi4H9GF5tevfzY.roa
Signing time: Wed 19 Apr 2023 10:22:41 +0000
ROA not before: Wed 19 Apr 2023 10:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.84.242.0/23 maxlen: 23
85.208.47.0/24 maxlen: 24
85.208.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 21:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:09:af:e6:97:f6:2e:93:5c:00:c0:df:62:86:ae:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Apr 19 10:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4299ab278d33540bf2e98b81fd185e6d7af7f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:db:59:53:86:37:1b:c7:3c:7a:a0:11:6b:e3:
6f:13:d8:cd:e7:55:f9:fb:08:63:72:3c:b9:63:88:
db:1e:7a:f0:25:1e:fc:4a:a0:9e:97:6a:1b:60:6d:
63:d0:b5:aa:fc:e4:43:3c:cf:dc:ba:86:3f:34:9f:
97:f4:aa:50:09:1e:c4:78:23:3b:43:95:33:48:9c:
21:53:9c:b3:26:f2:f0:2f:25:f8:be:fd:47:ec:21:
d5:d4:5d:1c:52:68:df:b4:c6:a3:e3:91:09:dc:72:
03:d0:32:70:d6:13:ec:cb:1b:ad:e9:42:2f:0c:fd:
3e:eb:3f:30:1a:31:35:8b:04:dc:fc:f7:d7:ac:7e:
3d:88:9d:63:b6:f8:ac:26:10:1f:43:57:df:03:57:
e9:fa:f5:85:27:e0:d4:6d:78:28:e7:7f:fd:61:d5:
5c:0f:97:0b:82:7d:33:26:b3:ad:f7:21:36:d4:8c:
58:7b:b0:d8:cb:c0:16:b1:5f:90:d7:17:6f:e2:f7:
5a:3f:9f:27:d2:75:33:73:73:64:5e:79:b3:59:dd:
c0:c4:18:db:ef:d1:ec:da:85:c5:01:0c:aa:e4:a5:
41:fc:3e:28:3f:b7:c2:ed:5f:b0:36:a8:ff:30:21:
a3:5e:7a:f2:6d:e2:59:f1:15:d4:50:a2:c2:4f:93:
ff:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:29:9A:B2:78:D3:35:40:BF:2E:98:B8:1F:D1:85:E6:D7:AF:7F:36
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/pCmasnjTNUC_Lpi4H9GF5tevfzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.242.0/23
85.208.45.0/24
85.208.47.0/24
Signature Algorithm: sha256WithRSAEncryption
83:59:4d:a3:96:9f:07:0f:63:dc:d6:a8:32:67:7e:03:92:ea:
86:a2:48:41:84:83:ee:02:fb:10:ba:7f:03:e8:e1:75:fc:52:
e4:9f:12:fc:83:74:b8:35:56:5b:89:d4:07:92:b0:80:18:0a:
37:6d:9d:2d:3c:cd:a8:31:87:d6:f7:ea:a6:c2:cc:cb:0e:cd:
34:52:dd:2b:4b:fa:5a:2e:68:67:e6:85:6c:72:bb:44:1d:a5:
02:34:12:a3:67:c6:06:08:97:e4:d1:c1:1d:dc:41:7d:df:6e:
3e:a8:bb:c7:6e:69:09:d3:5c:85:ee:9f:9b:82:11:42:ed:e9:
69:a9:77:2b:a7:16:f9:90:73:e2:a0:b1:7d:68:d7:89:09:98:
67:04:27:4f:f1:96:17:32:5a:ff:9e:d6:7f:9e:d9:d5:e0:71:
86:91:74:00:11:3f:be:ea:ab:95:19:61:9f:29:22:bf:0f:63:
76:d7:6a:a7:bd:00:08:62:f8:6f:8c:c9:15:d8:16:65:44:3f:
a6:fb:02:97:3e:b6:5d:7a:a6:af:ae:96:c7:7a:2a:06:60:c1:
97:ba:41:ad:e1:e2:b5:db:36:26:a0:60:25:a0:7f:35:d9:71:
78:0c:05:1b:7b:cb:7c:ec:86:4d:c9:95:f6:ef:77:0f:36:0f:
57:7f:5d:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeZCa/ml/Yuk1wAwN9ihq5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMwNDE5MTAyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI5OWFiMjc4ZDMzNTQwYmYyZTk4YjgxZmQxODVlNmQ3YWY3ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNtZU4Y3G8c8eqARa+NvE9jN51X5
+whjcjy5Y4jbHnrwJR78SqCel2obYG1j0LWq/ORDPM/cuoY/NJ+X9KpQCR7EeCM7
Q5UzSJwhU5yzJvLwLyX4vv1H7CHV1F0cUmjftMaj45EJ3HID0DJw1hPsyxut6UIv
DP0+6z8wGjE1iwTc/PfXrH49iJ1jtvisJhAfQ1ffA1fp+vWFJ+DUbXgo53/9YdVc
D5cLgn0zJrOt9yE21IxYe7DYy8AWsV+Q1xdv4vdaP58n0nUzc3NkXnmzWd3AxBjb
79Hs2oXFAQyq5KVB/D4oP7fC7V+wNqj/MCGjXnrybeJZ8RXUUKLCT5P/nQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKQpmrJ40zVAvy6YuB/RhebXr382MB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvcENtYXNualROVUNfTHBpNEg5R0Y1dGV2ZnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVTyAwQA
VdAtAwQAVdAvMA0GCSqGSIb3DQEBCwUAA4IBAQCDWU2jlp8HD2Pc1qgyZ34DkuqG
okhBhIPuAvsQun8D6OF1/FLknxL8g3S4NVZbidQHkrCAGAo3bZ0tPM2oMYfW9+qm
wszLDs00Ut0rS/paLmhn5oVscrtEHaUCNBKjZ8YGCJfk0cEd3EF9324+qLvHbmkJ
01yF7p+bghFC7elpqXcrpxb5kHPioLF9aNeJCZhnBCdP8ZYXMlr/ntZ/ntnV4HGG
kXQAET++6quVGWGfKSK/D2N212qnvQAIYvhvjMkV2BZlRD+m+wKXPrZdeqavrpbH
eioGYMGXukGt4eK12zYmoGAloH812XF4DAUbe8t87IZNyZX273cPNg9Xf12w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org