Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pMTd-PRsNmNqCnjtKwM_0y_DRNY.roa
File: pMTd-PRsNmNqCnjtKwM_0y_DRNY.roa (raw, json)
Hash identifier: LDZCZUdn6nmD7nmpe5Rbt+eR9vPlKzYBh6nl3j7cF4M=
Subject key identifier: A4:C4:DD:F8:F4:6C:36:63:6A:0A:78:ED:2B:03:3F:D3:2F:C3:44:D6
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018B29C14C5E4354BC24F9029AEA6E9E110B
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pMTd-PRsNmNqCnjtKwM_0y_DRNY.roa
Signing time: Fri 13 Oct 2023 15:56:55 +0000
ROA not before: Fri 13 Oct 2023 15:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.53.0/24 maxlen: 24
192.145.54.0/24 maxlen: 24
192.145.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 09:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:c1:4c:5e:43:54:bc:24:f9:02:9a:ea:6e:9e:11:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 13 15:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4c4ddf8f46c36636a0a78ed2b033fd32fc344d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:21:54:44:68:16:ca:3d:4c:40:83:16:ba:
a3:d8:a6:8f:51:a0:72:84:a3:d7:7a:c0:34:f2:c5:
c4:5a:0d:52:2d:f5:dd:f6:6a:80:d7:2e:58:fa:04:
b8:53:55:4e:85:79:41:42:5c:80:e1:95:78:0d:00:
26:1e:fc:3d:59:f2:0e:ac:aa:89:3f:89:20:dc:48:
69:1a:d4:8f:4e:e8:82:e8:ea:2a:0f:1a:d8:1b:18:
c9:f8:06:e3:1e:6a:7f:08:91:9c:f1:75:88:c4:7b:
11:53:61:be:fd:22:f0:c7:20:78:d4:cf:26:16:44:
bf:d8:92:44:e9:81:8c:fe:3f:f4:95:94:14:cb:27:
7a:81:c1:b5:f4:fa:6d:83:7a:00:15:f3:fb:5d:05:
60:44:c6:8e:ee:a7:69:97:c7:fb:ac:dd:6e:f9:32:
e5:ed:73:22:6d:31:60:c6:f7:22:c8:52:f2:04:f8:
9e:ab:0d:3b:1d:73:c7:58:e1:18:4e:a3:4b:41:5e:
f6:70:01:a7:d5:cd:7e:40:14:40:67:1f:f5:c3:dc:
2a:83:36:12:a7:b3:e2:80:c1:00:64:42:4d:56:6c:
1e:e6:92:4b:b6:3d:eb:3d:0b:63:8c:07:4b:89:78:
22:a6:08:8f:1f:d6:f4:5b:7f:d4:a6:ab:6a:76:56:
fb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C4:DD:F8:F4:6C:36:63:6A:0A:78:ED:2B:03:3F:D3:2F:C3:44:D6
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pMTd-PRsNmNqCnjtKwM_0y_DRNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.94.0/23
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
62:f2:ea:14:62:46:cf:70:40:0e:ee:d9:2a:d9:05:1b:e6:5a:
ec:e2:55:b1:dc:c6:40:12:3f:66:da:03:1f:13:dd:10:99:d3:
41:f5:c2:c8:a4:c8:70:cc:d5:ba:53:e0:9f:b4:84:62:fb:43:
0e:75:0a:4a:f3:f7:54:8f:20:a9:aa:eb:cc:06:b8:1b:dd:10:
08:19:bb:37:f3:9d:96:f1:99:83:ef:8b:07:af:26:19:92:0d:
79:49:ff:3e:84:b3:54:4a:40:42:52:34:f6:c1:dc:4f:5e:77:
a0:d1:b8:cf:10:bb:9d:e0:30:d4:1f:b3:f4:40:be:c5:57:86:
c8:a7:be:0e:1a:99:01:b5:14:cc:26:da:9f:5e:15:c4:9f:e6:
95:7d:bc:32:e3:df:70:c7:57:15:43:c1:a0:7a:b7:af:c6:26:
04:2c:0a:bd:94:4c:1f:8b:cb:d8:25:7e:5d:eb:ee:11:ef:0f:
7a:7c:3c:51:00:fe:d7:b1:8c:4c:78:ed:34:3c:14:93:45:38:
55:50:7a:4c:ca:c8:7a:c8:41:8b:1a:f9:1a:47:44:64:96:19:
43:8b:cc:b9:45:7c:41:3e:94:12:5a:02:6e:25:41:b5:a2:bd:
24:be:84:d1:f6:5c:88:1c:5c:d0:b0:0d:7b:6b:a1:40:86:45:
0e:01:b8:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYspwUxeQ1S8JPkCmupunhELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMDEzMTU1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM0ZGRmOGY0NmMzNjYzNmEwYTc4ZWQyYjAzM2ZkMzJmYzM0NGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltUhVERoFso9TECDFrqj2KaPUaBy
hKPXesA08sXEWg1SLfXd9mqA1y5Y+gS4U1VOhXlBQlyA4ZV4DQAmHvw9WfIOrKqJ
P4kg3EhpGtSPTuiC6OoqDxrYGxjJ+AbjHmp/CJGc8XWIxHsRU2G+/SLwxyB41M8m
FkS/2JJE6YGM/j/0lZQUyyd6gcG19Pptg3oAFfP7XQVgRMaO7qdpl8f7rN1u+TLl
7XMibTFgxvciyFLyBPieqw07HXPHWOEYTqNLQV72cAGn1c1+QBRAZx/1w9wqgzYS
p7PigMEAZEJNVmwe5pJLtj3rPQtjjAdLiXgipgiPH9b0W3/Upqtqdlb7MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTE3fj0bDZjagp47SsDP9Mvw0TWMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvcE1UZC1QUnNObU5xQ25qdEt3TV8weV9EUk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQB
LUJeAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQBi8uoUYkbPcEAO7tkq2QUb5lrs
4lWx3MZAEj9m2gMfE90QmdNB9cLIpMhwzNW6U+CftIRi+0MOdQpK8/dUjyCpquvM
Brgb3RAIGbs3852W8ZmD74sHryYZkg15Sf8+hLNUSkBCUjT2wdxPXneg0bjPELud
4DDUH7P0QL7FV4bIp74OGpkBtRTMJtqfXhXEn+aVfbwy499wx1cVQ8GgerevxiYE
LAq9lEwfi8vYJX5d6+4R7w96fDxRAP7XsYxMeO00PBSTRThVUHpMysh6yEGLGvka
R0RklhlDi8y5RXxBPpQSWgJuJUG1or0kvoTR9lyIHFzQsA17a6FAhkUOAbj4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org