Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Prcly965532A4EeTQwxvXk96gNs.roa
File: Prcly965532A4EeTQwxvXk96gNs.roa (raw, json)
Hash identifier: QikpCF+Ulj0DcVXrFyHP/1t7sxs++aVHuVrKU4i7KVQ=
Subject key identifier: 3E:B7:25:CB:DE:B9:E7:7D:80:E0:47:93:43:0C:6F:5E:4F:7A:80:DB
Certificate issuer: /CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Certificate serial: 018CC9BBFDF2D1FE9AE483B3CAC3EA7C852E
Authority key identifier: 63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Prcly965532A4EeTQwxvXk96gNs.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208161
IP address blocks: 45.156.185.0/24 maxlen: 24
45.156.186.0/24 maxlen: 24
45.156.184.0/24 maxlen: 24
45.156.187.0/24 maxlen: 24
2a0f:2b81::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 07 Jan 2024 12:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fd:f2:d1:fe:9a:e4:83:b3:ca:c3:ea:7c:85:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb725cbdeb9e77d80e04793430c6f5e4f7a80db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ac:85:5d:07:6c:17:07:82:ae:ef:58:a6:1c:
ac:34:54:cf:fd:3d:66:07:09:79:e3:45:ed:6d:82:
e6:66:52:9d:5f:67:d8:b6:8f:dd:47:51:05:60:51:
fb:ac:9e:e5:33:f7:29:03:04:bc:30:9d:c4:d9:59:
38:87:1b:1b:3b:ac:d9:b8:82:16:59:25:2f:9d:68:
c7:95:c3:23:55:60:f7:84:7b:39:08:96:1b:95:45:
7f:6d:14:9a:79:b6:2e:e6:2f:bb:42:c0:96:e1:5d:
74:eb:a5:6f:5d:8a:34:2e:1e:87:1c:37:fe:06:76:
6a:67:04:44:cb:b2:b0:3d:a4:33:95:4e:7e:44:1f:
4d:3d:a0:a7:86:01:2f:52:fa:18:d9:f6:38:2f:18:
5a:3f:e6:08:de:42:a7:8c:c1:de:ab:37:bd:52:59:
5e:c8:cc:f2:7f:cd:a2:ac:be:05:9d:97:e4:e5:98:
df:43:ed:25:41:99:04:bd:49:0f:fe:09:cb:9a:56:
9c:b6:22:f6:66:3e:39:b9:0f:31:04:ea:92:7d:7f:
4f:95:fc:7a:5e:ba:1e:f1:72:91:5c:a3:1b:50:61:
6b:ed:9b:88:ba:a7:4d:cc:9d:34:9c:e7:5b:28:e8:
bc:96:eb:7f:72:17:3b:80:a5:9a:3b:88:51:7f:79:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B7:25:CB:DE:B9:E7:7D:80:E0:47:93:43:0C:6F:5E:4F:7A:80:DB
X509v3 Authority Key Identifier:
keyid:63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Prcly965532A4EeTQwxvXk96gNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.184.0/22
IPv6:
2a0f:2b81::/32
Signature Algorithm: sha256WithRSAEncryption
0d:04:6f:95:0f:84:4a:c9:03:10:f5:aa:72:88:da:97:ed:9f:
a8:31:f1:c8:1b:1f:c4:2d:6d:01:4a:f0:ee:84:76:a3:4f:87:
da:22:bc:cc:d8:99:88:d6:2c:fd:cd:5d:8a:c0:69:67:0e:b9:
c9:77:c3:1f:18:b2:83:37:28:b5:d5:19:e3:9b:36:b4:36:d5:
75:3c:56:81:e4:ea:bf:ed:01:54:3d:96:3c:dd:9b:66:6d:1c:
db:55:59:b5:52:5a:08:96:27:f4:20:a7:21:72:9f:64:0b:fc:
3e:86:df:68:32:61:50:b7:d9:b1:d6:1b:fd:9c:32:f3:6f:b9:
16:53:59:c0:d6:51:95:f3:51:97:93:98:b7:d1:9f:6b:4c:f8:
c4:f5:b0:0f:34:c4:4d:22:ed:c5:1f:e9:db:5a:30:86:e7:3e:
72:48:f3:68:22:b6:06:02:5f:19:7c:8b:1c:7f:ec:f4:e1:cc:
9d:4c:c0:21:eb:be:49:fe:83:f5:9a:a0:3f:d7:8f:ee:ef:da:
49:ca:6a:f6:1c:84:a3:6f:44:d8:41:65:87:b2:7d:d2:20:ef:
71:fe:b3:29:09:54:63:29:d1:51:67:69:4a:45:d8:09:6a:cd:
92:08:56:39:5f:79:e5:91:c2:14:7e:50:a5:11:18:9b:2a:27:
b3:f7:4f:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJu/3y0f6a5IOzysPqfIUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDViNDg4NDgxMDdiODZlMTQyZDFjMDZjMjlkNGI3MGU3
Mzk0ZDMwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI3MjVjYmRlYjllNzdkODBlMDQ3OTM0MzBjNmY1ZTRmN2E4MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqyFXQdsFweCru9YphysNFTP/T1m
Bwl540XtbYLmZlKdX2fYto/dR1EFYFH7rJ7lM/cpAwS8MJ3E2Vk4hxsbO6zZuIIW
WSUvnWjHlcMjVWD3hHs5CJYblUV/bRSaebYu5i+7QsCW4V1066VvXYo0Lh6HHDf+
BnZqZwREy7KwPaQzlU5+RB9NPaCnhgEvUvoY2fY4LxhaP+YI3kKnjMHeqze9Ulle
yMzyf82irL4FnZfk5ZjfQ+0lQZkEvUkP/gnLmlactiL2Zj45uQ8xBOqSfX9Plfx6
Xroe8XKRXKMbUGFr7ZuIuqdNzJ00nOdbKOi8lut/chc7gKWaO4hRf3ndhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD63Jcveued9gOBHk0MMb15PeoDbMB8GA1UdIwQY
MBaAFGPVtIhIEHuG4ULRwGwp1LcOc5TTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGIt
MjM4OGM5MDZiYzYyLzEvUHJjbHk5NjU1MzJBNEVlVFF3eHZYazk2Z05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGItMjM4OGM5MDZiYzYy
LzEvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZy4MA0E
AgACMAcDBQAqDyuBMA0GCSqGSIb3DQEBCwUAA4IBAQANBG+VD4RKyQMQ9apyiNqX
7Z+oMfHIGx/ELW0BSvDuhHajT4faIrzM2JmI1iz9zV2KwGlnDrnJd8MfGLKDNyi1
1Rnjmza0NtV1PFaB5Oq/7QFUPZY83ZtmbRzbVVm1UloIlif0IKchcp9kC/w+ht9o
MmFQt9mx1hv9nDLzb7kWU1nA1lGV81GXk5i30Z9rTPjE9bAPNMRNIu3FH+nbWjCG
5z5ySPNoIrYGAl8ZfIscf+z04cydTMAh675J/oP1mqA/14/u79pJymr2HISjb0TY
QWWHsn3SIO9x/rMpCVRjKdFRZ2lKRdgJas2SCFY5X3nlkcIUflClERibKiez9095
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:31 2024 by rpki-client on console-fra.rpki-client.org