Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/PzsrGkX1FgQERnB1OFv_i9TB5vM.roa
File: PzsrGkX1FgQERnB1OFv_i9TB5vM.roa (raw, json)
Hash identifier: g61yC/0a/QTi6WnowLhDn0WWEByYyO3PGoxGMl8eZp0=
Subject key identifier: 3F:3B:2B:1A:45:F5:16:04:04:46:70:75:38:5B:FF:8B:D4:C1:E6:F3
Certificate issuer: /CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Certificate serial: 019126D3DD624F2B642BFE3CE23DF8FCFDDE
Authority key identifier: E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/PzsrGkX1FgQERnB1OFv_i9TB5vM.roa
Signing time: Tue 06 Aug 2024 08:35:04 +0000
ROA not before: Tue 06 Aug 2024 08:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48045
IP address blocks: 46.46.64.0/18 maxlen: 18
94.240.128.0/22 maxlen: 22
94.240.160.0/19 maxlen: 19
2a09:65c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Aug 2024 10:31:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:26:d3:dd:62:4f:2b:64:2b:fe:3c:e2:3d:f8:fc:fd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5825fbee7c43a29838eabe4fc87d794349c0c80
Validity
Not Before: Aug 6 08:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f3b2b1a45f5160404467075385bff8bd4c1e6f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:67:aa:2b:d6:85:3e:51:09:1d:4a:3e:11:
7c:56:db:e2:21:07:63:0e:b9:cb:f5:44:46:92:0b:
0b:41:38:33:b6:fa:fb:55:d0:7b:dd:dc:eb:7f:0e:
b8:40:0a:96:11:92:1d:57:d1:f2:53:d4:45:f2:04:
29:6c:12:17:e4:93:f4:5a:5e:ef:88:ea:51:b6:ca:
6a:a4:38:83:a8:6a:e9:94:ec:87:26:ce:56:e7:fc:
cc:a0:d8:c4:2e:cc:0f:8b:f3:bd:e8:88:89:ac:86:
72:37:7f:f0:8f:f3:e2:a6:7b:53:6d:82:69:4d:d0:
79:a3:79:2f:8b:c9:38:3f:d0:82:73:b8:ab:57:bf:
5b:11:68:3f:12:21:43:f4:cd:cf:e2:5c:b8:a3:33:
2f:d6:bb:c7:db:47:da:c8:6c:51:e0:7a:b8:b5:e7:
e4:1f:ff:e0:39:2b:f5:2b:93:c4:91:49:ad:66:91:
ab:a9:e6:a1:60:40:f4:4c:1f:c2:8e:44:80:17:a3:
2b:db:48:15:d8:66:25:93:91:da:b5:3d:66:92:2f:
9e:4c:eb:6d:54:70:a6:91:10:bc:0c:fe:99:40:15:
c0:06:8d:38:e0:57:8d:83:b7:f5:4d:51:3e:5a:7e:
ea:ed:d4:d0:33:7d:69:d8:4e:e9:82:af:3d:29:03:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3B:2B:1A:45:F5:16:04:04:46:70:75:38:5B:FF:8B:D4:C1:E6:F3
X509v3 Authority Key Identifier:
keyid:E5:82:5F:BE:E7:C4:3A:29:83:8E:AB:E4:FC:87:D7:94:34:9C:0C:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YJfvufEOimDjqvk_IfXlDScDIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/PzsrGkX1FgQERnB1OFv_i9TB5vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/758c96-611d-4167-80cd-041ab302c2f9/1/5YJfvufEOimDjqvk_IfXlDScDIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.46.64.0/18
94.240.128.0/22
94.240.160.0/19
IPv6:
2a09:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
76:dd:5d:bf:98:ca:e6:e8:83:9f:b4:22:1c:1c:42:98:81:86:
55:9d:69:5f:28:98:e0:05:a7:c2:f7:68:02:d0:06:31:99:fd:
a9:2b:4a:0e:5b:85:71:9d:77:83:fb:18:c5:f6:ef:c4:e8:89:
10:7b:af:97:4f:88:2c:a1:ed:ce:83:48:99:3c:21:1c:09:e9:
09:ea:ce:5f:c6:ac:b4:69:55:f5:a8:ef:dc:cd:fd:10:53:e3:
f9:db:fd:2a:4b:84:f9:83:18:91:b3:c9:b3:8c:66:f7:be:9e:
ce:ea:38:8b:56:f4:92:9f:aa:b3:59:13:2e:1d:3c:b0:5e:f2:
bb:00:3c:1f:66:5d:62:ed:8b:06:13:0a:63:f0:10:82:6f:a5:
05:24:9c:1d:15:ec:e1:77:d7:a6:a1:22:90:d8:81:99:b9:ce:
b3:a5:8f:87:32:ba:74:06:ba:b0:72:b1:56:2f:fc:fb:61:f0:
54:71:ca:d2:09:45:26:ec:76:c2:6c:04:f2:c7:46:b5:c8:fe:
29:78:e1:a3:0b:6c:54:62:0d:14:63:86:96:92:7e:db:a2:60:
9b:a2:d3:7e:e9:2b:b5:74:a5:cf:64:bf:e9:e5:f3:5c:d5:6b:
1a:a2:b6:95:26:1c:9f:e5:1e:d1:f8:f4:d7:3e:e0:ec:0a:d1:
0f:0e:78:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZEm091iTytkK/484j34/P3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODI1ZmJlZTdjNDNhMjk4MzhlYWJlNGZjODdkNzk0MzQ5
YzBjODAwHhcNMjQwODA2MDgzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNiMmIxYTQ1ZjUxNjA0MDQ0NjcwNzUzODViZmY4YmQ0YzFlNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj5nqivWhT5RCR1KPhF8VtviIQdj
DrnL9URGkgsLQTgztvr7VdB73dzrfw64QAqWEZIdV9HyU9RF8gQpbBIX5JP0Wl7v
iOpRtspqpDiDqGrplOyHJs5W5/zMoNjELswPi/O96IiJrIZyN3/wj/PipntTbYJp
TdB5o3kvi8k4P9CCc7irV79bEWg/EiFD9M3P4ly4ozMv1rvH20fayGxR4Hq4tefk
H//gOSv1K5PEkUmtZpGrqeahYED0TB/CjkSAF6Mr20gV2GYlk5HatT1mki+eTOtt
VHCmkRC8DP6ZQBXABo044FeNg7f1TVE+Wn7q7dTQM31p2E7pgq89KQMQrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD87KxpF9RYEBEZwdThb/4vUwebzMB8GA1UdIwQY
MBaAFOWCX77nxDopg46r5PyH15Q0nAyAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2Qt
MDQxYWIzMDJjMmY5LzEvUHpzckdrWDFGZ1FFUm5CMU9Gdl9pOVRCNXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83NThjOTYtNjExZC00MTY3LTgwY2QtMDQxYWIzMDJjMmY5
LzEvNVlKZnZ1ZkVPaW1EanF2a19JZlhsRFNjRElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGLi5AAwQC
XvCAAwQFXvCgMA0EAgACMAcDBQAqCWXAMA0GCSqGSIb3DQEBCwUAA4IBAQB23V2/
mMrm6IOftCIcHEKYgYZVnWlfKJjgBafC92gC0AYxmf2pK0oOW4VxnXeD+xjF9u/E
6IkQe6+XT4gsoe3Og0iZPCEcCekJ6s5fxqy0aVX1qO/czf0QU+P52/0qS4T5gxiR
s8mzjGb3vp7O6jiLVvSSn6qzWRMuHTywXvK7ADwfZl1i7YsGEwpj8BCCb6UFJJwd
Fezhd9emoSKQ2IGZuc6zpY+HMrp0BrqwcrFWL/z7YfBUccrSCUUm7HbCbATyx0a1
yP4peOGjC2xUYg0UY4aWkn7bomCbotN+6Su1dKXPZL/p5fNc1WsaoraVJhyf5R7R
+PTXPuDsCtEPDnhQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:03 2025 by rpki-client