Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/pFYovJknjDMSCSNYCs85YLLC9Pk.roa
File: pFYovJknjDMSCSNYCs85YLLC9Pk.roa (raw, json)
Hash identifier: owsz26vWgeV4vCrtBSwa5UTbOBa9MF6c4aQUWvZMU0E=
Subject key identifier: A4:56:28:BC:99:27:8C:33:12:09:23:58:0A:CF:39:60:B2:C2:F4:F9
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018C5EDB679ED698E15B31EC886609B5BADA
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/pFYovJknjDMSCSNYCs85YLLC9Pk.roa
Signing time: Tue 12 Dec 2023 16:28:06 +0000
ROA not before: Tue 12 Dec 2023 16:28:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 146.19.52.0/24 maxlen: 24
185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.227.88.0/23 maxlen: 23
185.227.91.0/24 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
185.209.204.0/22 maxlen: 22
2a0b:4c40::/29 maxlen: 29
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Dec 2023 11:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:db:67:9e:d6:98:e1:5b:31:ec:88:66:09:b5:ba:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Dec 12 16:28:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a45628bc99278c33120923580acf3960b2c2f4f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:de:1a:d7:69:f3:6c:c8:c8:78:e2:a2:35:5e:
24:47:b1:03:c4:d5:5b:e3:73:de:f9:09:04:13:b1:
44:21:47:f3:d8:b8:88:fc:97:a7:ca:62:7e:31:61:
f1:d3:48:b0:58:e9:17:df:cb:e5:36:9f:bf:e2:43:
0f:b1:e6:ca:f4:fa:33:fe:34:41:89:77:4d:59:71:
31:6e:25:5f:29:8d:97:04:d9:f4:2a:ad:14:22:ae:
30:be:83:18:7d:ff:62:3c:c6:f2:d5:e5:91:61:2b:
69:5c:cf:94:8c:0d:69:8c:7d:c8:28:d2:e3:85:f0:
80:a5:e9:82:52:d9:61:f5:a7:b0:2c:71:26:4b:e2:
10:06:b4:3e:57:e9:77:ce:76:c4:e4:32:2f:a6:20:
29:7c:f6:08:04:9a:f2:77:1a:d7:54:bb:81:b6:c6:
0a:39:78:83:e1:e4:61:68:a0:d8:33:ad:ee:f8:b2:
d7:06:33:99:8a:94:cc:b8:5a:ae:77:2a:9a:27:27:
de:21:b1:6f:d8:0c:c8:8b:19:f4:42:97:e1:8a:40:
10:ac:7b:f4:74:37:ce:d9:d5:2e:46:4b:fd:f9:6a:
3c:df:e9:ec:d3:ca:87:96:b3:34:68:fd:6d:cd:06:
b8:a1:9c:30:56:af:55:e7:61:d1:26:9d:67:47:d8:
e8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:56:28:BC:99:27:8C:33:12:09:23:58:0A:CF:39:60:B2:C2:F4:F9
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/pFYovJknjDMSCSNYCs85YLLC9Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
146.19.52.0/24
185.151.20.0/22
185.209.204.0/22
185.227.88.0/23
185.227.91.0/24
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
2a0b:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
24:f4:8e:0f:e3:e6:28:76:94:68:8c:02:4d:d3:b1:4d:40:e3:
dd:ad:51:19:7c:f9:23:ad:13:b6:6c:e0:f5:90:bc:5b:05:79:
52:9d:9c:62:11:b1:81:c4:e7:af:53:dd:44:81:81:a5:54:29:
9e:0d:ec:bb:a9:e3:ad:62:56:f7:d9:f0:0b:37:aa:3a:f2:89:
e2:78:5c:e4:50:51:67:66:46:2c:92:c7:13:4f:95:e0:cf:43:
e3:5d:c2:b8:1e:b9:3c:8d:fe:0b:7a:b6:fa:79:61:fa:2e:8e:
5e:a4:4f:53:aa:40:5c:2f:d8:73:88:b8:44:b4:e9:b7:f0:c3:
94:5c:22:a7:e0:6c:f5:4e:fd:1e:d4:9d:8e:7f:d7:b7:f7:de:
ca:26:15:49:09:26:88:51:fc:af:f1:d3:e1:42:35:1c:5e:4e:
39:1a:89:e6:78:e6:5a:be:80:a6:08:77:6f:cc:aa:cb:3b:56:
b6:4e:85:20:b9:b3:23:7c:f7:3c:32:61:85:79:aa:a6:1a:fd:
cd:ac:55:70:d7:06:59:af:95:0d:2a:b4:85:3b:da:90:71:0e:
9e:08:d9:89:cd:eb:17:b6:0a:1f:5d:c7:a9:2d:8c:28:4a:08:
a9:a4:db:9d:52:ae:5e:0d:aa:1b:39:a8:85:03:04:09:d9:aa:
f3:8a:18:6c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYxe22ee1pjhWzHsiGYJtbraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjMxMjEyMTYyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU2MjhiYzk5Mjc4YzMzMTIwOTIzNTgwYWNmMzk2MGIyYzJmNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg94a12nzbMjIeOKiNV4kR7EDxNVb
43Pe+QkEE7FEIUfz2LiI/JenymJ+MWHx00iwWOkX38vlNp+/4kMPsebK9Poz/jRB
iXdNWXExbiVfKY2XBNn0Kq0UIq4wvoMYff9iPMby1eWRYStpXM+UjA1pjH3IKNLj
hfCApemCUtlh9aewLHEmS+IQBrQ+V+l3znbE5DIvpiApfPYIBJrydxrXVLuBtsYK
OXiD4eRhaKDYM63u+LLXBjOZipTMuFqudyqaJyfeIbFv2AzIixn0QpfhikAQrHv0
dDfO2dUuRkv9+Wo83+ns08qHlrM0aP1tzQa4oZwwVq9V52HRJp1nR9jouwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKRWKLyZJ4wzEgkjWArPOWCywvT5MB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvcEZZb3ZKa25qRE1TQ1NOWUNzODVZTExDOVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQCLZu4AwQA
khM0AwQCuZcUAwQCudHMAwQBueNYAwQAueNbMAwDBAK57KQDBAC57KYwFAQCAAIw
DgMFAyoHdUADBQMqC0xAMA0GCSqGSIb3DQEBCwUAA4IBAQAk9I4P4+YodpRojAJN
07FNQOPdrVEZfPkjrRO2bOD1kLxbBXlSnZxiEbGBxOevU91EgYGlVCmeDey7qeOt
Ylb32fALN6o68onieFzkUFFnZkYskscTT5Xgz0PjXcK4Hrk8jf4Lerb6eWH6Lo5e
pE9TqkBcL9hziLhEtOm38MOUXCKn4Gz1Tv0e1J2Of9e3997KJhVJCSaIUfyv8dPh
QjUcXk45GonmeOZavoCmCHdvzKrLO1a2ToUgubMjfPc8MmGFeaqmGv3NrFVw1wZZ
r5UNKrSFO9qQcQ6eCNmJzesXtgofXcepLYwoSgippNudUq5eDaobOaiFAwQJ2arz
ihhs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:16 2024 by rpki-client on console-ams.rpki-client.org