Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PPWVknc4IkgqvUt5HJihyOdbzXo.roa
File: PPWVknc4IkgqvUt5HJihyOdbzXo.roa (raw, json)
Hash identifier: apRBd4cnalkCX2bESWi7WUcMgfhW3qKlfCMIDQ9s2Tc=
Subject key identifier: 3C:F5:95:92:77:38:22:48:2A:BD:4B:79:1C:98:A1:C8:E7:5B:CD:7A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018AD55D2A87313FED653F9254D9779963A2
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PPWVknc4IkgqvUt5HJihyOdbzXo.roa
Signing time: Wed 27 Sep 2023 06:39:27 +0000
ROA not before: Wed 27 Sep 2023 06:39:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.140.0/24 maxlen: 24
2a0f:f47::/32 maxlen: 32
2a0f:f45::/32 maxlen: 32
2a0f:f41::/32 maxlen: 32
2a0f:f44::/32 maxlen: 32
2a0f:f40::/32 maxlen: 32
2a0f:f46::/32 maxlen: 32
2a07:e342::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Nov 2023 09:04:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:5d:2a:87:31:3f:ed:65:3f:92:54:d9:77:99:63:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Sep 27 06:39:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cf59592773822482abd4b791c98a1c8e75bcd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:c6:92:7c:da:d4:91:da:3a:89:a6:3d:2d:2f:
92:08:3a:9e:c6:cf:6e:69:9a:10:b1:7b:68:b9:df:
9d:a7:53:a7:b3:b0:61:fe:18:11:16:09:18:39:c6:
44:ee:4e:ae:6e:89:4c:06:42:9b:e8:27:cf:0f:2b:
9e:f1:35:fe:99:6a:55:8a:a8:e7:8b:90:7a:88:0b:
4f:ff:17:28:20:82:01:3a:7a:0e:66:a5:5b:03:e1:
25:f9:c4:c5:25:0a:77:77:e9:d8:ea:4e:06:50:30:
c9:6b:2b:4f:4c:ec:be:3d:00:fd:a8:3c:65:95:f7:
c6:20:89:9a:e9:b5:5e:1d:01:ce:ac:24:1c:c3:7c:
10:b3:b8:d1:ba:26:d0:93:e3:8b:51:8e:8d:58:fc:
a1:b0:da:81:ee:23:c9:df:96:6c:b7:d7:8e:a9:65:
a9:a1:50:95:bd:e5:6b:ae:03:94:1c:49:5b:24:a7:
c2:01:e1:08:28:8c:e2:e2:84:2a:ba:8f:84:ae:5a:
17:3c:45:ba:b5:96:a1:e9:f3:fc:cc:4b:f8:24:ed:
ab:9c:93:5b:7e:e7:e3:94:41:cd:bb:ea:b1:9f:3f:
3c:76:a4:64:0b:16:9c:80:89:e5:7a:3f:61:dc:34:
91:68:33:b2:07:bf:fc:95:1d:8a:89:e2:14:94:73:
45:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F5:95:92:77:38:22:48:2A:BD:4B:79:1C:98:A1:C8:E7:5B:CD:7A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PPWVknc4IkgqvUt5HJihyOdbzXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.140.0/24
IPv6:
2a07:e342::/32
2a0f:f40::/31
2a0f:f44::/30
Signature Algorithm: sha256WithRSAEncryption
29:d0:41:38:90:ce:52:05:cd:07:2a:b3:1d:04:37:3a:20:08:
55:45:87:d0:3b:03:c8:d7:30:2c:0f:a9:b9:c7:98:86:93:e7:
95:22:64:2e:a7:4d:c2:06:37:4a:30:b9:f7:cd:7d:87:fe:56:
9b:36:ac:6f:78:fc:85:47:7f:6d:0f:18:3e:5b:73:5f:2d:da:
ab:42:1b:0c:6e:93:e1:19:96:92:9b:e3:24:14:bb:ec:c2:54:
2e:23:ae:ca:b4:f9:84:39:b9:57:68:00:10:12:33:e5:f5:c6:
c2:18:f7:05:e4:9b:ce:18:86:dd:ad:0e:4e:3e:2f:9f:58:43:
c2:f7:08:92:2d:27:a4:3f:df:b3:c0:ee:d9:be:85:90:bb:ca:
f6:55:cb:43:5c:75:03:20:6a:fe:a6:7b:bd:6f:20:9b:a7:8b:
b4:ad:71:3a:a8:e6:ce:a9:bc:39:53:5d:53:70:d7:c7:13:36:
e4:1a:04:fb:be:be:d7:26:ec:f4:03:81:ae:bb:3c:a6:5d:6a:
64:7c:b7:d3:26:85:e3:ca:1e:d2:a5:bd:fd:e2:31:de:8e:28:
e6:58:9a:18:74:fe:6f:e2:dc:22:f2:f2:77:19:fe:74:b0:1c:
bc:e9:6b:53:dd:54:96:91:45:24:b0:5b:b9:03:53:b9:d7:37:
84:d6:94:b7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYrVXSqHMT/tZT+SVNl3mWOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwOTI3MDYzOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Y1OTU5Mjc3MzgyMjQ4MmFiZDRiNzkxYzk4YTFjOGU3NWJjZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8caSfNrUkdo6iaY9LS+SCDqexs9u
aZoQsXtoud+dp1Ons7Bh/hgRFgkYOcZE7k6ubolMBkKb6CfPDyue8TX+mWpViqjn
i5B6iAtP/xcoIIIBOnoOZqVbA+El+cTFJQp3d+nY6k4GUDDJaytPTOy+PQD9qDxl
lffGIIma6bVeHQHOrCQcw3wQs7jRuibQk+OLUY6NWPyhsNqB7iPJ35Zst9eOqWWp
oVCVveVrrgOUHElbJKfCAeEIKIzi4oQquo+ErloXPEW6tZah6fP8zEv4JO2rnJNb
fufjlEHNu+qxnz88dqRkCxacgInlej9h3DSRaDOyB7/8lR2KieIUlHNFfQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDz1lZJ3OCJIKr1LeRyYocjnW816MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUFBXVmtuYzRJa2dxdlV0NUhKaWh5T2RielhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQALYKMMBsE
AgACMBUDBQAqB+NCAwUBKg8PQAMFAioPD0QwDQYJKoZIhvcNAQELBQADggEBACnQ
QTiQzlIFzQcqsx0ENzogCFVFh9A7A8jXMCwPqbnHmIaT55UiZC6nTcIGN0owuffN
fYf+Vps2rG94/IVHf20PGD5bc18t2qtCGwxuk+EZlpKb4yQUu+zCVC4jrsq0+YQ5
uVdoABASM+X1xsIY9wXkm84Yht2tDk4+L59YQ8L3CJItJ6Q/37PA7tm+hZC7yvZV
y0NcdQMgav6me71vIJuni7StcTqo5s6pvDlTXVNw18cTNuQaBPu+vtcm7PQDga67
PKZdamR8t9MmhePKHtKlvf3iMd6OKOZYmhh0/m/i3CLy8ncZ/nSwHLzpa1PdVJaR
RSSwW7kDU7nXN4TWlLc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org