Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/pLyyvBRMcHZlfQ-46HodGf68mZU.roa
File: pLyyvBRMcHZlfQ-46HodGf68mZU.roa (raw, json)
Hash identifier: J/fWQUO8DaeN6mC2+6EBOZEDWr6hQBBOkOXByp0fqtE=
Subject key identifier: A4:BC:B2:BC:14:4C:70:76:65:7D:0F:B8:E8:7A:1D:19:FE:BC:99:95
Certificate issuer: /CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Certificate serial: 018D5B16392A75F26CE47EAEC5079232889D
Authority key identifier: BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/pLyyvBRMcHZlfQ-46HodGf68mZU.roa
Signing time: Tue 30 Jan 2024 15:56:39 +0000
ROA not before: Tue 30 Jan 2024 15:56:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 45.14.24.0/22 maxlen: 22
109.108.224.0/19 maxlen: 19
141.138.96.0/19 maxlen: 19
178.74.192.0/18 maxlen: 18
178.74.192.0/19 maxlen: 19
178.74.240.0/20 maxlen: 20
185.16.124.0/22 maxlen: 22
185.181.36.0/22 maxlen: 22
193.106.20.0/22 maxlen: 22
193.148.88.0/22 maxlen: 22
213.226.92.0/22 maxlen: 22
217.30.192.0/20 maxlen: 20
2a04:100::/29 maxlen: 29
2a04:100::/36 maxlen: 36
2a04:100:1000::/36 maxlen: 36
2a04:100:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 31 Jan 2024 13:18:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:16:39:2a:75:f2:6c:e4:7e:ae:c5:07:92:32:88:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Validity
Not Before: Jan 30 15:56:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4bcb2bc144c7076657d0fb8e87a1d19febc9995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:35:38:95:2e:00:5c:3a:f3:7a:7b:b8:31:0e:
39:82:be:35:d8:7d:90:59:52:86:5a:63:ae:4b:39:
c3:0c:e7:ce:82:d0:7f:b4:d8:fc:bb:10:f5:99:fb:
6b:52:57:10:13:0e:6b:f9:28:4a:63:1d:78:9e:da:
c4:d4:d9:a7:78:f0:00:51:88:90:06:bb:1f:35:1c:
52:c6:cd:3f:6b:d6:46:63:33:30:a3:ff:d6:3e:cd:
f9:f2:0f:ae:1d:2e:5d:9f:1f:15:f3:5d:f7:8b:87:
13:85:d8:43:aa:a2:d0:9d:12:1b:da:25:bb:ee:e4:
31:8c:3d:95:4c:05:82:fe:5f:5a:20:1f:69:a5:31:
4b:e3:49:3e:c5:c9:70:76:cb:ce:b3:13:ef:13:4f:
8f:54:d1:7c:b9:fc:7f:f6:b5:29:40:a6:fb:16:dc:
0d:e3:4a:a9:45:52:26:c4:dc:74:1d:04:df:ae:26:
38:ea:4b:df:94:67:82:7f:ae:6b:ea:23:57:3b:79:
88:e1:ee:74:b1:53:6a:f7:64:b0:4a:3d:62:7f:0e:
6c:ac:2d:66:5a:f6:04:df:85:31:a6:71:56:d3:ee:
27:b4:bb:85:ce:bd:c9:7d:47:80:45:d4:9d:81:c5:
4e:c6:d5:fe:f6:0f:97:57:8e:69:22:6c:f8:aa:c2:
fe:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BC:B2:BC:14:4C:70:76:65:7D:0F:B8:E8:7A:1D:19:FE:BC:99:95
X509v3 Authority Key Identifier:
keyid:BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/pLyyvBRMcHZlfQ-46HodGf68mZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.24.0/22
109.108.224.0/19
141.138.96.0/19
178.74.192.0/18
185.16.124.0/22
185.181.36.0/22
193.106.20.0/22
193.148.88.0/22
213.226.92.0/22
217.30.192.0/20
IPv6:
2a04:100::/29
Signature Algorithm: sha256WithRSAEncryption
94:25:1e:15:36:7c:23:cc:ef:3a:ef:45:1c:43:f9:90:51:c7:
40:39:2a:96:91:9f:52:d7:56:50:40:04:fb:7b:39:b7:48:6f:
dc:26:fb:cf:cc:66:30:7f:91:4d:f5:94:22:b0:d2:0e:98:8b:
6e:84:c9:0b:3d:7f:4a:85:29:83:fa:da:00:59:93:84:cc:c6:
57:90:83:3a:b6:a0:58:40:34:1f:32:19:09:32:5c:f2:31:58:
2f:ea:e5:5e:96:d1:ee:a6:75:ac:25:a5:e6:7e:a3:49:07:43:
3c:5c:eb:17:33:5b:54:47:c2:23:73:08:44:0a:f2:7b:ab:86:
dd:d0:fb:fb:62:18:6c:09:e5:60:8b:44:55:cb:b9:64:be:fc:
b9:e3:b6:f9:ce:65:79:cc:31:c8:9e:98:25:69:44:cc:64:c4:
57:8f:63:42:55:79:c4:62:fc:c6:17:27:f7:e8:f9:9c:ce:d4:
04:09:3b:95:81:e7:2a:22:e6:fa:81:be:9e:a0:fc:65:ed:a2:
5e:d0:13:57:cc:ba:5e:f9:8e:00:6a:bc:71:d7:b6:35:67:09:
c2:d9:8a:a2:ee:53:e3:03:fe:01:b0:6e:4b:d3:72:ef:82:11:
a5:55:f1:1a:d6:38:97:20:6c:48:41:bf:e6:08:08:00:64:9c:
86:9c:ff:32
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY1bFjkqdfJs5H6uxQeSMoidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2NjYjFhNmUzYmNhYjYzMTlkMzE3ZjYyYzc0YmYxZTFm
NDE0NzMwHhcNMjQwMTMwMTU1NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJjYjJiYzE0NGM3MDc2NjU3ZDBmYjhlODdhMWQxOWZlYmM5OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjU4lS4AXDrzenu4MQ45gr412H2Q
WVKGWmOuSznDDOfOgtB/tNj8uxD1mftrUlcQEw5r+ShKYx14ntrE1NmnePAAUYiQ
BrsfNRxSxs0/a9ZGYzMwo//WPs358g+uHS5dnx8V8133i4cThdhDqqLQnRIb2iW7
7uQxjD2VTAWC/l9aIB9ppTFL40k+xclwdsvOsxPvE0+PVNF8ufx/9rUpQKb7FtwN
40qpRVImxNx0HQTfriY46kvflGeCf65r6iNXO3mI4e50sVNq92SwSj1ifw5srC1m
WvYE34UxpnFW0+4ntLuFzr3JfUeARdSdgcVOxtX+9g+XV45pImz4qsL+BQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKS8srwUTHB2ZX0PuOh6HRn+vJmVMB8GA1UdIwQY
MBaAFLt8yxpuO8q2MZ0xf2LHS/Hh9BRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMt
NjRiMGU2MTRkMDA0LzEvcEx5eXZCUk1jSFpsZlEtNDZIb2RHZjY4bVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMtNjRiMGU2MTRkMDA0
LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLQ4YAwQF
bWzgAwQFjYpgAwQGskrAAwQCuRB8AwQCubUkAwQCwWoUAwQCwZRYAwQC1eJcAwQE
2R7AMA0EAgACMAcDBQMqBAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCUJR4VNnwjzO86
70UcQ/mQUcdAOSqWkZ9S11ZQQAT7ezm3SG/cJvvPzGYwf5FN9ZQisNIOmItuhMkL
PX9KhSmD+toAWZOEzMZXkIM6tqBYQDQfMhkJMlzyMVgv6uVeltHupnWsJaXmfqNJ
B0M8XOsXM1tUR8IjcwhECvJ7q4bd0Pv7YhhsCeVgi0RVy7lkvvy547b5zmV5zDHI
npglaUTMZMRXj2NCVXnEYvzGFyf36PmcztQECTuVgecqIub6gb6eoPxl7aJe0BNX
zLpe+Y4Aarxx17Y1ZwnC2Yqi7lPjA/4BsG5L03LvghGlVfEa1jiXIGxIQb/mCAgA
ZJyGnP8y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:24 2025 by rpki-client