Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/PFTEoaiTcE4fVQpJiki1Hgc4xpk.roa
File: PFTEoaiTcE4fVQpJiki1Hgc4xpk.roa (raw, json)
Hash identifier: BelZShzWOPzX4pucdM9FzDcU1YlPO0mtPn3QstKjfWw=
Subject key identifier: 3C:54:C4:A1:A8:93:70:4E:1F:55:0A:49:8A:48:B5:1E:07:38:C6:99
Certificate issuer: /CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Certificate serial: 01856F14DDB303FE4868B2821596AFC79C79
Authority key identifier: A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/PFTEoaiTcE4fVQpJiki1Hgc4xpk.roa
Signing time: Sun 01 Jan 2023 20:45:16 +0000
ROA not before: Sun 01 Jan 2023 20:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139471
IP address blocks: 45.157.70.0/24 maxlen: 24
45.157.69.0/24 maxlen: 24
45.157.68.0/22 maxlen: 22
45.157.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Feb 2023 02:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:dd:b3:03:fe:48:68:b2:82:15:96:af:c7:9c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Validity
Not Before: Jan 1 20:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c54c4a1a893704e1f550a498a48b51e0738c699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:58:99:c9:a3:a7:f4:00:b5:62:55:64:bf:
00:71:74:ca:42:d8:a4:ed:db:1f:c2:8e:6e:f7:4d:
55:98:8c:11:6e:77:b3:b9:ea:84:7f:d5:24:d0:84:
10:09:e3:cb:3d:ce:1a:0e:26:b1:85:b1:86:c0:fe:
0b:01:df:4e:0d:c3:3c:ab:ff:40:6a:74:b9:68:16:
a6:4e:fe:b3:49:19:36:73:50:e5:61:60:eb:be:10:
98:89:3b:33:ec:ff:fc:43:5c:f5:57:13:c6:30:6c:
ba:5c:fd:09:ed:75:be:8e:a4:c8:ae:05:6c:05:98:
5a:1d:1f:ee:70:d1:a4:cc:a9:63:5c:eb:33:83:e5:
8a:db:de:6b:d2:26:f8:40:2c:39:d9:66:15:17:12:
a5:4e:c5:02:6e:70:df:7e:ad:89:68:65:9a:90:09:
80:3c:e1:e1:4d:72:bc:68:fa:c2:60:5f:74:26:69:
3e:1d:14:3f:0a:98:1b:fc:92:be:ca:e3:b2:f1:c7:
7c:a9:7a:9a:12:ab:e4:74:b8:27:a3:5f:58:10:e0:
0c:95:ee:1e:46:61:28:76:92:d8:6a:7f:d0:ec:9d:
b7:66:04:85:a7:00:99:92:bd:7c:14:4c:c1:78:c9:
77:51:54:68:88:c3:46:3c:29:04:6b:02:10:30:ba:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:54:C4:A1:A8:93:70:4E:1F:55:0A:49:8A:48:B5:1E:07:38:C6:99
X509v3 Authority Key Identifier:
keyid:A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/PFTEoaiTcE4fVQpJiki1Hgc4xpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/odAxU3OwmwYapZ8SnVkuq_ezqu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.68.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:2b:97:ed:89:6d:d6:25:a8:f9:1e:63:6d:68:0c:e9:b5:86:
d7:d4:1f:7d:fa:53:a2:65:05:ec:db:0f:8d:dd:f4:27:b1:f2:
b3:ab:4a:d4:24:31:6f:0c:41:b5:0a:75:b8:62:2a:2b:6f:46:
84:fb:4c:eb:74:cc:5a:18:4b:21:bd:6d:26:1d:dc:93:85:32:
e1:bb:7a:fd:6e:ce:9e:b8:51:bc:e6:bc:c2:bf:2d:dc:a7:b8:
e2:5e:cb:39:26:5e:58:b9:c0:d6:7b:cd:f6:cc:b5:86:c8:d6:
18:29:15:94:18:21:38:c0:cf:c6:13:ea:e1:1e:c1:a4:4c:cc:
81:6f:c4:62:5f:38:18:bd:e9:24:97:35:0f:d1:28:0a:9a:de:
9b:72:97:a0:8a:32:05:c4:c0:ee:31:71:aa:47:28:55:f0:c3:
80:b3:ba:c0:b7:a6:12:c8:da:7e:a6:af:6e:b7:58:20:62:a0:
df:22:3b:13:82:24:79:91:5a:ee:9b:65:6f:cf:0e:67:dd:88:
9c:66:7a:35:e6:a6:2f:8b:77:98:a8:40:15:a5:e2:67:33:c2:
9e:bb:49:53:ac:7c:5e:46:19:c4:49:7a:60:7c:47:34:aa:b9:
21:75:c8:9b:cc:2e:88:0b:cf:a2:44:c5:e8:1f:b2:54:d8:36:
a2:22:8f:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFN2zA/5IaLKCFZavx5x5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDAzMTUzNzNiMDliMDYxYWE1OWYxMjlkNTkyZWFiZjdi
M2FhZWYwHhcNMjMwMTAxMjA0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU0YzRhMWE4OTM3MDRlMWY1NTBhNDk4YTQ4YjUxZTA3MzhjNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbBYmcmjp/QAtWJVZL8AcXTKQtik
7dsfwo5u901VmIwRbnezueqEf9Uk0IQQCePLPc4aDiaxhbGGwP4LAd9ODcM8q/9A
anS5aBamTv6zSRk2c1DlYWDrvhCYiTsz7P/8Q1z1VxPGMGy6XP0J7XW+jqTIrgVs
BZhaHR/ucNGkzKljXOszg+WK295r0ib4QCw52WYVFxKlTsUCbnDffq2JaGWakAmA
POHhTXK8aPrCYF90Jmk+HRQ/Cpgb/JK+yuOy8cd8qXqaEqvkdLgno19YEOAMle4e
RmEodpLYan/Q7J23ZgSFpwCZkr18FEzBeMl3UVRoiMNGPCkEawIQMLoMHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxUxKGok3BOH1UKSYpItR4HOMaZMB8GA1UdIwQY
MBaAFKHQMVNzsJsGGqWfEp1ZLqv3s6rvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMt
ZGZjYmRmM2IxMDU4LzEvUEZURW9haVRjRTRmVlFwSmlraTFIZ2M0eHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMtZGZjYmRmM2IxMDU4
LzEvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ1EMA0G
CSqGSIb3DQEBCwUAA4IBAQCzK5ftiW3WJaj5HmNtaAzptYbX1B99+lOiZQXs2w+N
3fQnsfKzq0rUJDFvDEG1CnW4Yiorb0aE+0zrdMxaGEshvW0mHdyThTLhu3r9bs6e
uFG85rzCvy3cp7jiXss5Jl5YucDWe832zLWGyNYYKRWUGCE4wM/GE+rhHsGkTMyB
b8RiXzgYvekklzUP0SgKmt6bcpegijIFxMDuMXGqRyhV8MOAs7rAt6YSyNp+pq9u
t1ggYqDfIjsTgiR5kVrum2Vvzw5n3YicZno15qYvi3eYqEAVpeJnM8Keu0lTrHxe
RhnESXpgfEc0qrkhdcibzC6IC8+iRMXoH7JU2DaiIo+r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org