Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pfHwT-9Xz06RyZwdyWMXV-7H7Cw.roa
File: pfHwT-9Xz06RyZwdyWMXV-7H7Cw.roa (raw, json)
Hash identifier: lRL+NH5F8T2D/DK5ybzOpOMDKQf91z5P+uZxKZOCWH4=
Subject key identifier: A5:F1:F0:4F:EF:57:CF:4E:91:C9:9C:1D:C9:63:17:57:EE:C7:EC:2C
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 01856F66EE3621E0D56933B341684B386645
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pfHwT-9Xz06RyZwdyWMXV-7H7Cw.roa
Signing time: Sun 01 Jan 2023 22:14:54 +0000
ROA not before: Sun 01 Jan 2023 22:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 148.222.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 08:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ee:36:21:e0:d5:69:33:b3:41:68:4b:38:66:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jan 1 22:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f1f04fef57cf4e91c99c1dc9631757eec7ec2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:e9:1f:93:0d:f6:e6:82:4d:3f:be:0b:05:
2e:e4:a8:2e:d2:f6:20:82:50:76:d6:b6:51:f1:d6:
bc:ac:bb:e8:74:37:fb:cb:49:61:7d:9e:06:b3:ec:
c4:a0:67:6d:9c:9f:42:69:4f:1d:ed:7e:59:84:19:
50:e3:aa:65:46:d1:e3:b9:d7:27:c6:98:9e:2f:cc:
0b:48:33:98:3e:61:34:58:46:cf:06:d6:45:da:78:
fd:d8:11:f9:b3:76:12:0e:63:3f:f9:37:a9:73:8c:
80:da:08:c5:42:b2:ee:70:01:87:58:d9:c1:95:e3:
32:3e:2c:35:d8:f9:d1:40:a5:c9:1f:13:52:e1:41:
67:75:fb:0a:45:2a:d7:d3:9e:5e:6c:21:05:82:56:
05:75:02:79:5e:1c:b0:9c:f8:57:b4:a0:41:bb:5f:
50:5a:9a:fe:b9:1d:ae:2f:ab:36:d8:ec:9d:67:7a:
53:26:9e:78:20:f7:a5:0d:dd:af:63:af:d9:ce:ed:
53:0c:93:73:df:99:54:98:bb:65:35:03:fa:8d:18:
a7:e0:8f:05:54:5a:ed:58:6f:8d:e1:50:b1:59:06:
6f:8c:a0:96:66:0c:4d:bc:a2:6d:04:b9:83:a3:f7:
cc:e9:e7:e0:de:4e:93:7d:3b:f5:5e:a2:a8:c8:aa:
86:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F1:F0:4F:EF:57:CF:4E:91:C9:9C:1D:C9:63:17:57:EE:C7:EC:2C
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/pfHwT-9Xz06RyZwdyWMXV-7H7Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.222.240.0/22
Signature Algorithm: sha256WithRSAEncryption
78:1f:c0:e6:41:63:2f:9c:27:9e:a1:c3:95:b0:98:72:b9:84:
3a:0a:fb:2b:c9:49:df:16:1f:62:93:be:43:28:78:4b:eb:c3:
1a:3b:16:b7:47:78:98:6d:8e:8a:5e:c3:ab:91:d1:4b:6f:e8:
f6:b2:9f:15:d2:7c:68:38:6e:fb:29:b4:4f:95:48:77:e9:a9:
c8:9e:8b:fc:15:5a:7c:99:13:5a:e0:72:c3:85:b4:aa:35:b9:
c5:f8:e1:42:1b:c6:47:5a:fb:55:ad:db:d7:f7:99:fa:69:b3:
9e:9f:41:06:7f:2e:db:77:d9:4c:8c:4d:08:86:86:59:6d:72:
a4:88:20:37:3c:65:49:71:2c:0f:51:b7:a5:18:35:2a:f7:4d:
d1:8a:75:72:e3:38:77:d8:ba:33:ed:07:0d:45:24:d5:eb:87:
8a:c9:85:df:1b:0d:71:b8:fb:29:14:b7:ac:e4:a6:11:bd:6e:
4e:92:a0:4a:09:aa:07:90:5a:4d:1e:06:ac:b1:ae:29:0c:ad:
08:43:8d:48:11:08:a8:03:c5:57:74:19:29:c6:6f:5a:63:1f:
ea:cd:33:8b:a0:e6:b1:0b:05:e2:16:49:21:ed:22:65:da:ce:
17:46:b8:5f:2e:ef:a2:52:9e:01:90:62:b6:a8:d1:28:ff:60:
52:17:6d:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZu42IeDVaTOzQWhLOGZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMTAxMjIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYxZjA0ZmVmNTdjZjRlOTFjOTljMWRjOTYzMTc1N2VlYzdlYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEPpH5MN9uaCTT++CwUu5Kgu0vYg
glB21rZR8da8rLvodDf7y0lhfZ4Gs+zEoGdtnJ9CaU8d7X5ZhBlQ46plRtHjudcn
xpieL8wLSDOYPmE0WEbPBtZF2nj92BH5s3YSDmM/+Tepc4yA2gjFQrLucAGHWNnB
leMyPiw12PnRQKXJHxNS4UFndfsKRSrX055ebCEFglYFdQJ5XhywnPhXtKBBu19Q
Wpr+uR2uL6s22OydZ3pTJp54IPelDd2vY6/Zzu1TDJNz35lUmLtlNQP6jRin4I8F
VFrtWG+N4VCxWQZvjKCWZgxNvKJtBLmDo/fM6efg3k6TfTv1XqKoyKqGCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXx8E/vV89OkcmcHcljF1fux+wsMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvcGZId1QtOVh6MDZSeVp3ZHlXTVhWLTdIN0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClN7wMA0G
CSqGSIb3DQEBCwUAA4IBAQB4H8DmQWMvnCeeocOVsJhyuYQ6CvsryUnfFh9ik75D
KHhL68MaOxa3R3iYbY6KXsOrkdFLb+j2sp8V0nxoOG77KbRPlUh36anInov8FVp8
mRNa4HLDhbSqNbnF+OFCG8ZHWvtVrdvX95n6abOen0EGfy7bd9lMjE0IhoZZbXKk
iCA3PGVJcSwPUbelGDUq903RinVy4zh32Loz7QcNRSTV64eKyYXfGw1xuPspFLes
5KYRvW5OkqBKCaoHkFpNHgassa4pDK0IQ41IEQioA8VXdBkpxm9aYx/qzTOLoOax
CwXiFkkh7SJl2s4XRrhfLu+iUp4BkGK2qNEo/2BSF21g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org