Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/PQvV6lufULO2pmh1LMCMR_MvD8g.roa
File: PQvV6lufULO2pmh1LMCMR_MvD8g.roa (raw, json)
Hash identifier: xBBEVUQfUR9I5i26KBLbGfhW864HaSQVrbYMK3KYE8c=
Subject key identifier: 3D:0B:D5:EA:5B:9F:50:B3:B6:A6:68:75:2C:C0:8C:47:F3:2F:0F:C8
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 018CC26D5530076AC6A279DAC37D95C183B4
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/PQvV6lufULO2pmh1LMCMR_MvD8g.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
185.128.16.0/22 maxlen: 22
2a10:a5c5::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
2a10:a5c1::/32 maxlen: 32
2a10:a5c0::/29 maxlen: 29
2a10:a5c4::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c0::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 23 Feb 2024 06:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:55:30:07:6a:c6:a2:79:da:c3:7d:95:c1:83:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d0bd5ea5b9f50b3b6a668752cc08c47f32f0fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1f:83:d4:c4:b2:64:a8:9d:e1:89:8c:f6:42:
14:e1:4d:19:31:4a:aa:28:7f:80:af:b1:6d:f7:f3:
83:09:42:11:61:db:da:cf:cd:1d:4d:9a:75:e0:1a:
89:f4:e6:d0:15:87:30:1b:f0:97:3a:be:d1:70:91:
51:ef:b7:d3:65:f1:ef:1d:cc:51:a7:eb:62:d5:e0:
ef:6d:42:6a:ab:63:12:0c:9c:b9:fd:38:67:6c:5b:
83:6b:6c:5d:19:5d:a0:c8:25:f4:86:bf:06:d0:9a:
a0:b8:40:8c:42:2d:d9:7d:55:e0:19:2a:2d:07:dc:
9c:ee:b3:5d:f0:75:38:e8:db:04:a1:78:1d:c4:b4:
3e:22:01:c0:e9:fa:48:59:9b:c3:73:3e:88:73:73:
73:f8:12:94:c9:ca:d2:83:eb:3e:2f:15:47:d1:cc:
db:b1:a1:90:e0:57:b8:1e:9f:b9:d1:14:71:2a:3d:
19:e1:26:24:a0:09:d1:80:09:91:a9:f2:b2:2d:4d:
7f:bc:32:5d:9a:05:88:77:4d:83:0e:40:59:91:95:
bd:0c:7a:f5:79:9d:ce:06:94:4a:2c:51:9e:a6:c3:
d9:67:9d:eb:5b:cc:73:69:78:f3:45:d4:ce:e0:bd:
ab:25:ef:83:fb:ae:02:01:62:cd:70:8b:f3:11:c1:
c3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0B:D5:EA:5B:9F:50:B3:B6:A6:68:75:2C:C0:8C:47:F3:2F:0F:C8
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/PQvV6lufULO2pmh1LMCMR_MvD8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:56:a6:8b:04:b4:2c:ae:ba:d0:b3:e3:1d:07:45:61:7f:c2:
5b:fb:06:3d:69:cd:19:a2:f1:e4:f8:3a:ea:9f:bd:46:70:b3:
06:e1:c9:e2:b8:69:a4:b0:b2:48:56:72:98:8b:09:2b:b6:5c:
71:5e:87:09:9e:da:40:e4:60:f6:4e:6a:f0:92:3e:d0:1c:dd:
21:3b:6a:2f:d2:5b:cf:b9:df:2c:f9:20:1c:83:6c:39:0c:1b:
4c:cb:e5:f5:8a:6b:d2:45:8d:73:3d:0c:93:6e:54:63:ac:21:
c6:0d:46:66:57:08:34:0c:70:ce:4c:a3:1e:94:18:74:06:3c:
c2:77:ff:ed:74:14:96:1d:e7:97:75:6a:4a:6f:90:3e:4b:6c:
46:84:2c:fc:7f:57:24:7d:1d:74:9e:02:6c:7d:04:b7:a3:31:
86:5e:ae:a0:7d:34:a0:e2:c2:0e:88:c7:46:13:bf:dc:83:fc:
e5:24:33:24:a9:da:52:e2:a2:71:a0:c9:8c:44:1f:a2:f4:c4:
a1:8f:32:cc:f9:a9:52:19:95:06:32:3b:b2:95:1b:d9:cd:6a:
84:bc:4a:86:8c:be:0f:5e:84:cc:56:5a:f4:24:38:96:fe:8d:
12:40:0a:76:ea:80:0d:98:7d:aa:b8:63:f6:45:eb:7b:86:20:
9b:0a:18:6f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbVUwB2rGonnaw32VwYO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBiZDVlYTViOWY1MGIzYjZhNjY4NzUyY2MwOGM0N2YzMmYwZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx+D1MSyZKid4YmM9kIU4U0ZMUqq
KH+Ar7Ft9/ODCUIRYdvaz80dTZp14BqJ9ObQFYcwG/CXOr7RcJFR77fTZfHvHcxR
p+ti1eDvbUJqq2MSDJy5/ThnbFuDa2xdGV2gyCX0hr8G0JqguECMQi3ZfVXgGSot
B9yc7rNd8HU46NsEoXgdxLQ+IgHA6fpIWZvDcz6Ic3Nz+BKUycrSg+s+LxVH0czb
saGQ4Fe4Hp+50RRxKj0Z4SYkoAnRgAmRqfKyLU1/vDJdmgWId02DDkBZkZW9DHr1
eZ3OBpRKLFGepsPZZ53rW8xzaXjzRdTO4L2rJe+D+64CAWLNcIvzEcHDfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD0L1epbn1CztqZodSzAjEfzLw/IMB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvUFF2VjZsdWZVTE8ycG1oMUxNQ01SX012RDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbcywAwQC
uYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IBAQClVqaLBLQsrrrQ
s+MdB0Vhf8Jb+wY9ac0ZovHk+Drqn71GcLMG4cniuGmksLJIVnKYiwkrtlxxXocJ
ntpA5GD2Tmrwkj7QHN0hO2ov0lvPud8s+SAcg2w5DBtMy+X1imvSRY1zPQyTblRj
rCHGDUZmVwg0DHDOTKMelBh0BjzCd//tdBSWHeeXdWpKb5A+S2xGhCz8f1ckfR10
ngJsfQS3ozGGXq6gfTSg4sIOiMdGE7/cg/zlJDMkqdpS4qJxoMmMRB+i9MShjzLM
+alSGZUGMjuylRvZzWqEvEqGjL4PXoTMVlr0JDiW/o0SQAp26oANmH2quGP2Ret7
hiCbChhv
-----END CERTIFICATE-----
Generated at Fri Feb 23 10:44:39 2024 by rpki-client on console-ams.rpki-client.org