Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/P-jJo4yDAI19dVv1fLWkueAv-EI.roa
File: P-jJo4yDAI19dVv1fLWkueAv-EI.roa (raw, json)
Hash identifier: hCFXc0skRdCR9KHxC42z3OBn0tsHHRYB3Vs+5YtZvGs=
Subject key identifier: 3F:E8:C9:A3:8C:83:00:8D:7D:75:5B:F5:7C:B5:A4:B9:E0:2F:F8:42
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CF2F794371A151D94C640AD8C1FEB06F0
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/P-jJo4yDAI19dVv1fLWkueAv-EI.roa
Signing time: Wed 10 Jan 2024 10:42:40 +0000
ROA not before: Wed 10 Jan 2024 10:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9312
IP address blocks: 149.62.46.0/24 maxlen: 24
45.90.210.0/24 maxlen: 24
45.90.208.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.90.211.0/24 maxlen: 24
45.90.209.0/24 maxlen: 24
194.36.243.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
194.169.55.0/24 maxlen: 24
45.142.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 06:28:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:f7:94:37:1a:15:1d:94:c6:40:ad:8c:1f:eb:06:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 10 10:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fe8c9a38c83008d7d755bf57cb5a4b9e02ff842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f6:5c:11:a0:dc:67:a3:71:2b:67:ff:69:ce:
88:d3:b7:3d:3d:86:56:2d:14:e6:1b:cd:a0:78:9b:
f8:ae:83:00:76:69:dd:00:3a:b2:6b:a5:81:1f:52:
11:f8:19:1f:25:bc:17:cd:72:4e:1d:b0:ba:e6:06:
dc:fb:7b:7c:cc:0f:c5:de:ae:12:72:5d:b5:2c:5c:
33:29:17:3c:d8:ec:7b:6b:bd:87:e8:92:60:06:9d:
53:6c:f0:02:14:0e:83:6a:6b:d8:84:ff:b0:38:c6:
80:fd:a6:98:34:23:94:91:22:f7:68:08:76:37:e5:
90:b9:c0:8b:7a:e0:f8:36:45:69:dd:1e:de:28:ee:
f2:a0:38:8a:0e:32:d7:f4:d2:dd:63:af:bd:74:f6:
7b:60:95:cc:2a:2a:09:7c:cf:b2:60:b9:d6:3c:37:
f9:c8:e7:2c:b2:77:8b:7b:e1:ff:3f:15:40:f9:93:
dc:d5:74:54:c1:60:14:53:80:3f:2e:7e:35:d1:1d:
3c:e4:92:0c:e0:6e:d9:1c:55:07:38:c0:a2:e0:02:
26:11:92:08:78:75:17:64:2d:b3:5c:8b:a8:0b:2d:
28:eb:aa:94:27:4f:13:38:fd:75:f0:e4:bd:98:ab:
9f:03:b4:79:96:0f:87:c8:96:09:00:91:59:38:ca:
6a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E8:C9:A3:8C:83:00:8D:7D:75:5B:F5:7C:B5:A4:B9:E0:2F:F8:42
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/P-jJo4yDAI19dVv1fLWkueAv-EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.208.0/22
45.142.124.0/24
95.214.164.0/23
149.62.46.0/23
194.36.243.0/24
194.169.55.0/24
Signature Algorithm: sha256WithRSAEncryption
00:93:e4:3d:e8:7c:43:d3:ec:2c:a1:70:24:c4:15:b9:be:c7:
df:5b:e3:db:39:c2:4a:c4:00:f9:47:d6:47:fc:7e:1c:5d:b5:
33:88:41:e0:3f:a5:d6:68:f4:3e:4d:97:8d:84:7d:fd:83:cb:
5d:68:94:88:22:76:07:b3:fd:42:10:ff:b1:ff:24:29:7e:da:
2b:a0:9c:0e:be:38:9e:26:d1:19:4b:b8:63:43:b0:dd:60:05:
a8:a6:35:14:ad:07:de:7b:eb:08:d6:2b:72:a4:41:d3:8a:4a:
fd:6c:4e:95:77:25:06:f1:bc:93:66:67:e1:5b:1d:87:ef:df:
ed:6c:57:11:ac:70:26:37:b4:d5:7a:c4:00:12:b1:94:2f:af:
f9:18:51:5a:59:91:ca:92:52:27:ca:68:8e:3a:c6:f5:65:4e:
e2:42:02:5d:cc:0a:20:5e:d0:f5:36:c3:b5:d4:52:10:a8:ed:
8b:31:c2:40:d7:4a:60:15:37:1a:6b:8c:50:8d:6d:0b:0a:e5:
d5:32:83:c7:1b:98:fc:de:cc:ba:ba:eb:7e:77:f9:cb:d9:11:
88:f9:03:22:aa:d8:7b:f8:91:6f:6e:1c:27:f2:55:9c:f4:70:
71:ed:4f:90:e3:c9:85:23:7d:0a:9d:5f:7d:b5:bf:72:7e:a0:
e8:32:09:29
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzy95Q3GhUdlMZArYwf6wbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTEwMTA0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU4YzlhMzhjODMwMDhkN2Q3NTViZjU3Y2I1YTRiOWUwMmZmODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPZcEaDcZ6NxK2f/ac6I07c9PYZW
LRTmG82geJv4roMAdmndADqya6WBH1IR+BkfJbwXzXJOHbC65gbc+3t8zA/F3q4S
cl21LFwzKRc82Ox7a72H6JJgBp1TbPACFA6DamvYhP+wOMaA/aaYNCOUkSL3aAh2
N+WQucCLeuD4NkVp3R7eKO7yoDiKDjLX9NLdY6+9dPZ7YJXMKioJfM+yYLnWPDf5
yOcssneLe+H/PxVA+ZPc1XRUwWAUU4A/Ln410R085JIM4G7ZHFUHOMCi4AImEZII
eHUXZC2zXIuoCy0o66qUJ08TOP118OS9mKufA7R5lg+HyJYJAJFZOMpqCwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD/oyaOMgwCNfXVb9Xy1pLngL/hCMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvUC1qSm80eURBSTE5ZFZ2MWZMV2t1ZUF2LUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVrQAwQA
LY58AwQBX9akAwQBlT4uAwQAwiTzAwQAwqk3MA0GCSqGSIb3DQEBCwUAA4IBAQAA
k+Q96HxD0+wsoXAkxBW5vsffW+PbOcJKxAD5R9ZH/H4cXbUziEHgP6XWaPQ+TZeN
hH39g8tdaJSIInYHs/1CEP+x/yQpftoroJwOvjieJtEZS7hjQ7DdYAWopjUUrQfe
e+sI1itypEHTikr9bE6VdyUG8byTZmfhWx2H79/tbFcRrHAmN7TVesQAErGUL6/5
GFFaWZHKklInymiOOsb1ZU7iQgJdzAogXtD1NsO11FIQqO2LMcJA10pgFTcaa4xQ
jW0LCuXVMoPHG5j83sy6uut+d/nL2RGI+QMiqth7+JFvbhwn8lWc9HBx7U+Q48mF
I30KnV99tb9yfqDoMgkp
-----END CERTIFICATE-----
Generated at Thu Oct 24 10:02:34 2024 by rpki-client on console-ams.rpki-client.org