Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/PAiIyy-cxUbfp0IbloY1QoPdtL0.roa
File: PAiIyy-cxUbfp0IbloY1QoPdtL0.roa (raw, json)
Hash identifier: +9tkfoByQNHs6tskW3x80S8CLVV7uWNpJImyZf2hK1c=
Subject key identifier: 3C:08:88:CB:2F:9C:C5:46:DF:A7:42:1B:96:86:35:42:83:DD:B4:BD
Certificate issuer: /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial: 0189AFE325D1964B0BA35F8DFA73576D9F21
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/PAiIyy-cxUbfp0IbloY1QoPdtL0.roa
Signing time: Tue 01 Aug 2023 06:57:26 +0000
ROA not before: Tue 01 Aug 2023 06:57:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198330
IP address blocks: 185.55.96.0/22 maxlen: 24
185.104.172.0/22 maxlen: 24
185.128.64.0/22 maxlen: 24
45.12.224.0/22 maxlen: 24
134.90.136.0/21 maxlen: 24
185.243.1.0/24 maxlen: 24
45.10.180.0/22 maxlen: 24
2a03:c280::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:af:e3:25:d1:96:4b:0b:a3:5f:8d:fa:73:57:6d:9f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
Validity
Not Before: Aug 1 06:57:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c0888cb2f9cc546dfa7421b9686354283ddb4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:87:a8:fd:73:cc:76:aa:11:8b:e5:ef:a7:68:
71:fd:22:fb:38:d1:ac:7c:88:77:dd:2a:e7:a6:8d:
f7:09:0c:03:b3:55:6d:73:bc:e7:26:06:07:a7:75:
bf:91:64:96:4d:93:d1:64:0e:fe:7d:e6:77:63:6d:
39:a8:9e:26:88:0d:10:67:c5:3c:c2:0d:00:d0:ee:
1d:a9:9a:ad:d9:74:fc:f0:c4:0e:27:ef:cd:c9:98:
95:7d:43:2e:1b:0a:b5:70:a2:b4:49:96:8b:66:47:
f4:48:24:9d:a1:8d:dd:08:c3:84:5a:1e:8a:26:26:
45:cd:b2:6b:01:50:da:e5:46:f9:60:a8:3b:79:95:
6e:60:05:bd:8e:39:3e:62:79:62:cc:5f:5a:fb:4f:
ad:7d:19:06:7d:08:fb:25:ac:a6:2c:8a:e1:1b:b7:
30:60:4a:09:11:00:ed:22:0d:c6:cf:1c:10:52:75:
0e:9a:35:47:a3:8c:97:c4:15:a7:f7:33:10:a9:7d:
32:33:f4:62:84:f1:2b:b6:a5:cc:fd:8d:b8:60:4a:
96:08:ab:31:33:50:d6:c6:3e:b4:14:f1:b3:98:d8:
ab:6a:77:91:7b:82:36:c7:6f:2a:f4:07:eb:03:fc:
35:78:29:ea:f3:ee:42:0e:2e:79:66:03:24:48:73:
ac:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:88:CB:2F:9C:C5:46:DF:A7:42:1B:96:86:35:42:83:DD:B4:BD
X509v3 Authority Key Identifier:
keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/PAiIyy-cxUbfp0IbloY1QoPdtL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.180.0/22
45.12.224.0/22
134.90.136.0/21
185.55.96.0/22
185.104.172.0/22
185.128.64.0/22
185.243.1.0/24
IPv6:
2a03:c280::/32
Signature Algorithm: sha256WithRSAEncryption
77:16:7e:16:9a:90:c9:84:11:4e:d4:02:0d:c8:12:1a:c0:e9:
3d:07:7b:91:93:81:30:da:9b:5f:b4:23:08:9b:4c:af:55:d0:
a1:53:db:bc:7c:97:9d:b4:4c:05:81:f4:6a:6c:de:94:2e:bd:
c3:f3:89:71:95:a7:88:72:71:04:a4:57:d9:e7:c2:37:94:9e:
9a:75:e9:12:dc:68:99:0c:a4:68:57:2b:02:8e:a3:ce:09:a4:
e3:fd:8a:b2:32:28:1e:62:90:92:4e:71:48:9e:1a:2b:2d:1e:
63:d1:25:42:c4:58:e2:94:9f:f3:c1:5d:e7:f4:7e:87:c0:5e:
1f:b1:e2:45:63:41:36:06:af:c6:c3:11:b9:8d:b8:63:56:86:
66:97:49:90:a3:82:ab:e7:a7:21:0f:c9:d7:6a:3e:a6:d4:0a:
5f:90:f3:a2:03:48:1d:c6:9e:1f:21:db:c7:ef:cb:db:73:ac:
65:21:1d:9e:6e:5a:85:0b:f0:2c:a5:ce:f9:80:a8:74:56:5f:
63:1d:29:77:d3:9d:74:5f:7a:52:7d:c1:25:7b:f4:14:12:99:
ad:4a:34:a7:f3:17:68:ae:33:0d:6f:0f:40:00:4a:c1:4b:36:
da:a9:e1:2c:eb:6d:8c:4d:70:8f:e9:3f:0c:74:42:84:c2:50:
f7:2f:ef:d5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYmv4yXRlksLo1+N+nNXbZ8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOTU0MzMwMzQ5ZjU3NTAyYTc2YWU2ZTk5OTg3ZWZjM2Uz
YjgxMDkwHhcNMjMwODAxMDY1NzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA4ODhjYjJmOWNjNTQ2ZGZhNzQyMWI5Njg2MzU0MjgzZGRiNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4eo/XPMdqoRi+Xvp2hx/SL7ONGs
fIh33Srnpo33CQwDs1Vtc7znJgYHp3W/kWSWTZPRZA7+feZ3Y205qJ4miA0QZ8U8
wg0A0O4dqZqt2XT88MQOJ+/NyZiVfUMuGwq1cKK0SZaLZkf0SCSdoY3dCMOEWh6K
JiZFzbJrAVDa5Ub5YKg7eZVuYAW9jjk+YnlizF9a+0+tfRkGfQj7JaymLIrhG7cw
YEoJEQDtIg3GzxwQUnUOmjVHo4yXxBWn9zMQqX0yM/RihPErtqXM/Y24YEqWCKsx
M1DWxj60FPGzmNiraneRe4I2x28q9AfrA/w1eCnq8+5CDi55ZgMkSHOsCQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDwIiMsvnMVG36dCG5aGNUKD3bS9MB8GA1UdIwQY
MBaAFDOVQzA0n1dQKnaubpmYfvw+O4EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEt
ZmRmODRmODNhMjc0LzEvUEFpSXl5LWN4VWJmcDBJYmxvWTFRb1BkdEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEtZmRmODRmODNhMjc0
LzEvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLQq0AwQC
LQzgAwQDhlqIAwQCuTdgAwQCuWisAwQCuYBAAwQAufMBMA0EAgACMAcDBQAqA8KA
MA0GCSqGSIb3DQEBCwUAA4IBAQB3Fn4WmpDJhBFO1AINyBIawOk9B3uRk4Ew2ptf
tCMIm0yvVdChU9u8fJedtEwFgfRqbN6ULr3D84lxlaeIcnEEpFfZ58I3lJ6adekS
3GiZDKRoVysCjqPOCaTj/YqyMigeYpCSTnFInhorLR5j0SVCxFjilJ/zwV3n9H6H
wF4fseJFY0E2Bq/GwxG5jbhjVoZml0mQo4Kr56chD8nXaj6m1ApfkPOiA0gdxp4f
IdvH78vbc6xlIR2eblqFC/Aspc75gKh0Vl9jHSl30510X3pSfcEle/QUEpmtSjSn
8xdorjMNbw9AAErBSzbaqeEs622MTXCP6T8MdEKEwlD3L+/V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:41 2024 by rpki-client on console-ams.rpki-client.org