Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/pIKEldAK9VMKDUbXnb2sb3RIReA.roa
File: pIKEldAK9VMKDUbXnb2sb3RIReA.roa (raw, json)
Hash identifier: JroHXTskhNTQ9NRZiT8of8r+Tvht4y9uLNMLPnJ3IR4=
Subject key identifier: A4:82:84:95:D0:0A:F5:53:0A:0D:46:D7:9D:BD:AC:6F:74:48:45:E0
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0187C872D5387C64DB3D6A3E0497507B445D
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/pIKEldAK9VMKDUbXnb2sb3RIReA.roa
Signing time: Fri 28 Apr 2023 15:19:41 +0000
ROA not before: Fri 28 Apr 2023 15:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 85.92.108.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 11:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c8:72:d5:38:7c:64:db:3d:6a:3e:04:97:50:7b:44:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 28 15:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4828495d00af5530a0d46d79dbdac6f744845e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:aa:20:be:b1:52:24:38:2e:07:f4:77:10:
2f:5f:d8:97:27:d0:cc:8a:3b:10:81:55:d2:2d:b4:
6e:26:df:f6:93:2f:45:b1:fb:f8:e1:04:14:3d:49:
f1:39:3f:ff:fb:3c:b0:4f:38:d6:a5:9c:67:0f:b9:
3a:90:1f:47:a7:2a:28:d8:fa:af:fe:bf:7c:5f:08:
9c:5f:46:7e:50:4c:1b:d0:54:a8:10:5d:30:e1:62:
96:34:65:b2:25:87:dd:c5:87:5e:c3:b8:67:ec:ff:
96:ec:e4:cd:e5:7e:3e:02:4a:a2:b5:07:28:b4:4b:
51:d3:d7:cb:92:89:83:ad:24:d0:eb:83:ab:e2:3b:
18:3e:9e:df:8e:3f:09:20:37:3e:0c:3d:88:9b:fd:
22:4c:ca:e3:8d:ef:af:59:59:53:89:9c:1d:fe:33:
f3:84:a5:1b:95:dc:b4:00:31:ef:8d:3c:83:11:8b:
9f:11:ee:85:5b:f7:da:9f:54:1b:8d:0e:e8:7f:6e:
5f:20:e3:cd:5b:eb:a0:3e:9d:a4:20:18:7e:9b:a9:
68:11:7f:be:d7:0b:71:4a:9a:00:94:e2:1d:5f:d9:
dd:5b:2e:ee:e6:2b:31:77:51:fa:53:21:5e:84:46:
0f:37:f7:52:f2:49:3c:c0:85:af:3b:1a:3e:6e:44:
69:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:82:84:95:D0:0A:F5:53:0A:0D:46:D7:9D:BD:AC:6F:74:48:45:E0
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/pIKEldAK9VMKDUbXnb2sb3RIReA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.84.0/23
46.19.68.0/23
85.92.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:63:2a:00:e5:05:8e:a5:5c:60:72:4a:d5:1e:f9:bf:97:58:
e0:63:e1:67:d8:e1:42:2f:66:d7:20:e5:cc:bd:e2:01:37:3f:
bc:3e:32:91:bd:71:14:3b:e3:56:b6:a1:9b:01:5b:8d:86:6f:
d3:34:c3:fc:e3:41:62:28:1d:1a:2c:60:a0:2a:22:d1:5a:b6:
0b:5d:70:e7:c8:cb:04:25:bc:fd:c3:43:81:94:78:75:47:fe:
49:60:de:d8:98:7f:67:48:13:83:dc:81:35:a2:b3:75:4b:50:
14:04:f5:d8:2f:62:e9:71:cd:80:df:1c:79:bd:47:15:85:77:
53:b4:da:d2:4a:54:8b:48:ca:b6:fb:51:91:d3:45:a4:8b:6c:
9a:60:04:7b:b0:d7:6b:99:a9:89:f5:c2:5a:32:7c:8f:9a:5c:
ef:26:ae:53:61:82:d1:f9:6b:41:7a:34:83:05:8a:e1:9f:1e:
5c:8c:88:a2:ef:f3:14:7e:7c:eb:db:05:4b:ed:c0:fb:fa:47:
7f:2d:05:79:cc:f4:a2:fb:30:d4:8f:39:58:33:3f:5d:ae:92:
07:01:4d:b7:92:2f:5f:14:fb:67:d5:ff:e4:6d:e5:90:8a:3a:
c8:5d:6e:16:4b:a4:d3:2d:90:48:03:aa:80:db:c3:80:f9:e8:
c7:9c:f6:9d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfIctU4fGTbPWo+BJdQe0RdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNDI4MTUxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDgyODQ5NWQwMGFmNTUzMGEwZDQ2ZDc5ZGJkYWM2Zjc0NDg0NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkOqIL6xUiQ4Lgf0dxAvX9iXJ9DM
ijsQgVXSLbRuJt/2ky9Fsfv44QQUPUnxOT//+zywTzjWpZxnD7k6kB9Hpyoo2Pqv
/r98XwicX0Z+UEwb0FSoEF0w4WKWNGWyJYfdxYdew7hn7P+W7OTN5X4+AkqitQco
tEtR09fLkomDrSTQ64Or4jsYPp7fjj8JIDc+DD2Im/0iTMrjje+vWVlTiZwd/jPz
hKUbldy0ADHvjTyDEYufEe6FW/fan1QbjQ7of25fIOPNW+ugPp2kIBh+m6loEX++
1wtxSpoAlOIdX9ndWy7u5isxd1H6UyFehEYPN/dS8kk8wIWvOxo+bkRpHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKSChJXQCvVTCg1G1529rG90SEXgMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvcElLRWxkQUs5Vk1LRFViWG5iMnNiM1JJUmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBJdxUAwQB
LhNEAwQAVVxsMA0GCSqGSIb3DQEBCwUAA4IBAQBOYyoA5QWOpVxgckrVHvm/l1jg
Y+Fn2OFCL2bXIOXMveIBNz+8PjKRvXEUO+NWtqGbAVuNhm/TNMP840FiKB0aLGCg
KiLRWrYLXXDnyMsEJbz9w0OBlHh1R/5JYN7YmH9nSBOD3IE1orN1S1AUBPXYL2Lp
cc2A3xx5vUcVhXdTtNrSSlSLSMq2+1GR00Wki2yaYAR7sNdrmamJ9cJaMnyPmlzv
Jq5TYYLR+WtBejSDBYrhnx5cjIii7/MUfnzr2wVL7cD7+kd/LQV5zPSi+zDUjzlY
Mz9drpIHAU23ki9fFPtn1f/kbeWQijrIXW4WS6TTLZBIA6qA28OA+ejHnPad
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org