Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/AhmmPymWQ0ZJOQT1Tnf7Cvh3XGY.roa
File: AhmmPymWQ0ZJOQT1Tnf7Cvh3XGY.roa (raw, json)
Hash identifier: sEqWdMbrScUYSdw1GwNveUX2O1+piNjIuEoQJrV9xjY=
Subject key identifier: 02:19:A6:3F:29:96:43:46:49:39:04:F5:4E:77:FB:0A:F8:77:5C:66
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 018DE6ED4E8B38085E23FFC5B01CA557CBE7
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/AhmmPymWQ0ZJOQT1Tnf7Cvh3XGY.roa
Signing time: Mon 26 Feb 2024 19:38:48 +0000
ROA not before: Mon 26 Feb 2024 19:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203847
IP address blocks: 45.142.15.0/24 maxlen: 24
62.112.200.0/22 maxlen: 22
185.122.44.0/22 maxlen: 22
185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
2a01:57e0:200::/39 maxlen: 39
2a01:57e0:400::/39 maxlen: 39
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:ed:4e:8b:38:08:5e:23:ff:c5:b0:1c:a5:57:cb:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Feb 26 19:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0219a63f29964346493904f54e77fb0af8775c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:9d:f1:2e:03:02:2a:e0:b5:75:78:17:ec:
c7:85:9e:8d:be:8b:66:04:89:d7:50:9e:af:9b:be:
45:c4:fb:ea:83:be:d7:cf:f4:4e:0f:18:fe:ae:d0:
40:02:1c:35:21:76:2e:bb:21:3d:37:2f:4b:88:ed:
0e:c8:c6:48:b1:09:26:1f:94:cd:14:0a:69:fd:2b:
2b:98:6a:bf:1c:07:25:69:85:70:51:4b:2f:4c:a1:
30:06:bf:d2:e4:5c:49:89:6c:2f:6d:9b:f8:d1:e2:
f6:14:09:05:61:a3:61:bd:81:f0:90:90:15:87:de:
c9:09:e8:ed:9d:48:bc:6d:fa:69:ff:1d:0f:34:53:
01:f4:ef:d8:0d:94:ef:a6:2d:38:c9:61:a8:df:ab:
87:16:9d:ac:41:02:e9:bd:70:f2:0c:09:ee:18:48:
8c:01:a6:8e:5e:23:17:db:1e:72:d7:4e:d3:95:c9:
f6:60:65:ad:10:2f:b6:ab:e4:cd:77:a7:36:e6:31:
25:84:fb:c7:db:14:62:bb:3e:eb:98:90:27:91:dc:
01:59:4d:12:33:18:41:bd:b7:43:ec:f5:03:04:d2:
ec:df:0d:39:6f:20:dc:f9:a3:2a:ba:aa:1e:0d:79:
c6:be:2f:db:4b:b5:d8:6e:73:71:80:28:4b:47:ad:
f4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:19:A6:3F:29:96:43:46:49:39:04:F5:4E:77:FB:0A:F8:77:5C:66
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/AhmmPymWQ0ZJOQT1Tnf7Cvh3XGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
62.112.200.0/22
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0:200::-2a01:57e0:5ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
09:af:85:e2:8a:5b:d6:33:07:17:d4:8f:73:ec:63:bd:2a:a6:
fa:9f:d9:42:7e:f8:d4:c7:eb:dc:65:1d:71:8c:ee:6d:c0:c4:
fc:1b:2e:fe:6d:90:a8:af:01:4b:b3:4f:29:d6:e1:e1:f8:28:
de:2e:e2:a2:9b:ae:70:ca:df:48:78:88:64:99:0c:58:8e:d0:
68:1a:1b:cf:f5:04:71:bd:7f:4c:5f:38:22:5a:2b:7a:05:dc:
fa:b6:0a:ec:f2:7f:cf:28:aa:16:2a:1c:9f:80:f8:df:69:e0:
6e:0e:df:8b:d5:e9:1f:fb:59:7a:4c:f8:8f:93:c3:8c:5a:d5:
0d:fc:68:a8:ec:66:28:4f:8c:a4:79:ea:55:ec:0a:e2:49:4a:
61:6e:f5:ce:d6:c2:40:8b:41:78:fa:b9:bf:69:ce:62:7d:d6:
95:47:56:c2:94:e9:1b:88:28:a1:4a:7a:58:2b:86:9a:4a:4d:
ea:e4:1d:69:a0:ac:d4:91:51:da:86:90:26:a2:47:0e:b1:1b:
e8:60:fa:41:9d:94:15:08:5b:df:25:ab:8a:dc:27:57:a6:33:
e5:b7:45:fa:5d:fb:28:d5:7d:46:29:ea:66:56:b4:06:1d:89:
46:84:40:9f:2f:49:76:cb:28:6c:ed:b6:d7:a5:fe:e2:6c:d1:
09:0f:61:4a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY3m7U6LOAheI//FsBylV8vnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjQwMjI2MTkzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE5YTYzZjI5OTY0MzQ2NDkzOTA0ZjU0ZTc3ZmIwYWY4Nzc1YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/2d8S4DAirgtXV4F+zHhZ6Nvotm
BInXUJ6vm75FxPvqg77Xz/RODxj+rtBAAhw1IXYuuyE9Ny9LiO0OyMZIsQkmH5TN
FApp/SsrmGq/HAclaYVwUUsvTKEwBr/S5FxJiWwvbZv40eL2FAkFYaNhvYHwkJAV
h97JCejtnUi8bfpp/x0PNFMB9O/YDZTvpi04yWGo36uHFp2sQQLpvXDyDAnuGEiM
AaaOXiMX2x5y107Tlcn2YGWtEC+2q+TNd6c25jElhPvH2xRiuz7rmJAnkdwBWU0S
MxhBvbdD7PUDBNLs3w05byDc+aMquqoeDXnGvi/bS7XYbnNxgChLR630HQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAIZpj8plkNGSTkE9U53+wr4d1xmMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvQWhtbVB5bVdRMFpKT1FUMVRuZjdDdmgzWEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQALY4PAwQC
PnDIAwQCuXosAwQBuc40AwQAwaKAMBgEAgACMBIwEAMGASoBV+ACAwYBKgFX4AQw
DQYJKoZIhvcNAQELBQADggEBAAmvheKKW9YzBxfUj3PsY70qpvqf2UJ++NTH69xl
HXGM7m3AxPwbLv5tkKivAUuzTynW4eH4KN4u4qKbrnDK30h4iGSZDFiO0GgaG8/1
BHG9f0xfOCJaK3oF3Pq2Cuzyf88oqhYqHJ+A+N9p4G4O34vV6R/7WXpM+I+Tw4xa
1Q38aKjsZihPjKR56lXsCuJJSmFu9c7WwkCLQXj6ub9pzmJ91pVHVsKU6RuIKKFK
elgrhppKTerkHWmgrNSRUdqGkCaiRw6xG+hg+kGdlBUIW98lq4rcJ1emM+W3Rfpd
+yjVfUYp6mZWtAYdiUaEQJ8vSXbLKGztttel/uJs0QkPYUo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:19 2024 by rpki-client on console-ams.rpki-client.org