Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PM42qC0EDTaqX3FUKOQbqVP8YcM.roa
File: PM42qC0EDTaqX3FUKOQbqVP8YcM.roa (raw, json)
Hash identifier: AkIf8P8kG7MqedOx+cafOY9qp7yG9S1IwM55IAnYYFI=
Subject key identifier: 3C:CE:36:A8:2D:04:0D:36:AA:5F:71:54:28:E4:1B:A9:53:FC:61:C3
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7954A7976F862FD45FE5A0508F6C666
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PM42qC0EDTaqX3FUKOQbqVP8YcM.roa
Signing time: Tue 02 Jan 2024 00:31:39 +0000
ROA not before: Tue 02 Jan 2024 00:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41807
IP address blocks: 89.45.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4a:79:76:f8:62:fd:45:fe:5a:05:08:f6:c6:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cce36a82d040d36aa5f715428e41ba953fc61c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8c:d9:63:80:48:76:26:cd:7d:49:35:2c:04:
68:a7:48:88:89:08:d7:92:91:ef:82:0e:14:b0:f0:
54:c4:62:18:39:c4:98:12:4b:cd:7d:6b:8d:6f:df:
1f:e0:f4:de:58:c0:b9:77:0f:66:1c:68:4e:2c:93:
35:21:c4:60:f9:a1:e0:0b:69:c3:b7:ce:a6:ac:0e:
82:12:04:04:ee:55:fb:d1:1e:86:30:56:eb:3a:06:
62:d9:29:1d:b0:ce:d1:1a:d5:6d:02:a2:80:9e:34:
60:39:a6:9d:9c:6f:c9:be:83:42:d8:4c:34:82:4c:
7c:36:08:e7:ba:73:27:d3:60:ee:9f:6a:a3:a7:d4:
ec:03:df:a1:f1:38:b1:a8:59:fa:19:36:44:e5:f0:
0d:a8:ae:f1:22:27:ef:12:cb:87:13:61:50:12:9d:
41:68:ea:16:13:25:0c:47:ef:fa:16:3e:60:fe:e9:
02:23:51:19:15:b3:3d:17:91:26:e1:2c:0c:e1:6b:
da:08:98:0c:84:97:a5:fe:4a:d5:03:a5:68:39:f4:
fc:51:52:28:23:d6:16:50:7d:ea:b7:09:09:72:84:
20:fe:5b:99:f2:0a:a9:1a:0e:ea:53:90:5e:00:ed:
3d:6c:fb:02:e0:ea:82:9e:37:6e:f6:57:d6:b8:41:
f8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CE:36:A8:2D:04:0D:36:AA:5F:71:54:28:E4:1B:A9:53:FC:61:C3
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/PM42qC0EDTaqX3FUKOQbqVP8YcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.166.0/23
Signature Algorithm: sha256WithRSAEncryption
37:16:85:d2:cb:c5:4f:54:dc:77:2f:a8:74:f3:d4:bc:a9:e5:
19:f9:d1:01:3d:97:d7:f4:33:54:2d:1f:c5:c1:a6:88:ad:e7:
c6:21:79:fb:29:85:19:09:1b:58:e7:c9:f9:60:39:22:11:7a:
73:67:c8:44:57:76:ac:cf:13:90:9d:c2:19:11:ed:79:e8:91:
a1:a7:11:97:14:55:0d:a4:1e:b9:f8:bd:3f:38:bd:72:a6:9d:
79:00:b6:aa:d5:4c:52:ce:db:39:06:6e:26:b3:02:cf:99:ae:
41:f5:6e:54:66:43:f1:5b:d6:8c:e0:5c:af:96:72:8b:b9:45:
d8:e2:53:1a:81:ea:67:e3:f9:82:43:78:07:37:7c:97:fa:05:
92:25:f3:8c:6b:b0:a3:15:c3:32:40:ed:de:6d:d0:d6:d8:61:
e0:51:1a:9c:7d:84:8a:ef:3c:7c:ac:03:18:52:0a:d5:4c:01:
89:a1:60:8d:a1:d3:86:01:7d:cf:10:15:a2:81:1b:de:2b:e1:
8d:b7:ad:ef:4a:0c:5f:4c:2d:7b:67:9e:07:a0:01:f5:70:f2:
38:92:f0:00:a9:11:7e:18:8e:33:b9:0b:9b:c1:4c:c9:eb:e1:
96:eb:65:ce:84:e8:52:9a:74:5c:ab:a9:74:5b:ad:2f:4e:71:
39:3a:4d:b0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlUp5dvhi/UX+WgUI9sZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NlMzZhODJkMDQwZDM2YWE1ZjcxNTQyOGU0MWJhOTUzZmM2MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYzZY4BIdibNfUk1LARop0iIiQjX
kpHvgg4UsPBUxGIYOcSYEkvNfWuNb98f4PTeWMC5dw9mHGhOLJM1IcRg+aHgC2nD
t86mrA6CEgQE7lX70R6GMFbrOgZi2SkdsM7RGtVtAqKAnjRgOaadnG/JvoNC2Ew0
gkx8NgjnunMn02Dun2qjp9TsA9+h8TixqFn6GTZE5fANqK7xIifvEsuHE2FQEp1B
aOoWEyUMR+/6Fj5g/ukCI1EZFbM9F5Em4SwM4WvaCJgMhJel/krVA6VoOfT8UVIo
I9YWUH3qtwkJcoQg/luZ8gqpGg7qU5BeAO09bPsC4OqCnjdu9lfWuEH4LQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDzONqgtBA02ql9xVCjkG6lT/GHDMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1BNNDJxQzBFRFRhcVgzRlVLT1FicVZQOFljTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZLaYw
DQYJKoZIhvcNAQELBQADggEBADcWhdLLxU9U3HcvqHTz1Lyp5Rn50QE9l9f0M1Qt
H8XBpoit58YhefsphRkJG1jnyflgOSIRenNnyERXdqzPE5CdwhkR7XnokaGnEZcU
VQ2kHrn4vT84vXKmnXkAtqrVTFLO2zkGbiazAs+ZrkH1blRmQ/Fb1ozgXK+Wcou5
RdjiUxqB6mfj+YJDeAc3fJf6BZIl84xrsKMVwzJA7d5t0NbYYeBRGpx9hIrvPHys
AxhSCtVMAYmhYI2h04YBfc8QFaKBG94r4Y23re9KDF9MLXtnngegAfVw8jiS8ACp
EX4YjjO5C5vBTMnr4ZbrZc6E6FKadFyrqXRbrS9OcTk6TbA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:21 2025 by rpki-client