Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/pFdz3dqde8bMzGeMAT6M3y0bzQQ.roa
File: pFdz3dqde8bMzGeMAT6M3y0bzQQ.roa (raw, json)
Hash identifier: F+GosuyLgCPmN20Zx8V03FWlKOht+90USZqo6M9tkEY=
Subject key identifier: A4:57:73:DD:DA:9D:7B:C6:CC:CC:67:8C:01:3E:8C:DF:2D:1B:CD:04
Certificate issuer: /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial: 018DC100A7B50A61737BC34B3D0938CBD8E0
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/pFdz3dqde8bMzGeMAT6M3y0bzQQ.roa
Signing time: Mon 19 Feb 2024 10:54:22 +0000
ROA not before: Mon 19 Feb 2024 10:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31631
IP address blocks: 45.150.140.0/22 maxlen: 22
80.252.120.0/22 maxlen: 22
103.110.208.0/22 maxlen: 22
109.224.248.0/21 maxlen: 21
185.108.168.0/22 maxlen: 22
185.205.172.0/22 maxlen: 22
193.178.54.0/23 maxlen: 23
193.178.112.0/23 maxlen: 23
2a06:e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 16 Sep 2024 12:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:00:a7:b5:0a:61:73:7b:c3:4b:3d:09:38:cb:d8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Validity
Not Before: Feb 19 10:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a45773ddda9d7bc6cccc678c013e8cdf2d1bcd04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:0c:ff:ae:f9:e1:d8:bb:19:96:df:b8:aa:
60:91:22:8e:da:a3:43:c8:b2:bb:ba:ba:24:04:8a:
4a:f8:26:32:c2:d6:1d:e3:a8:ee:b6:14:42:eb:86:
fc:1e:bc:6d:36:d6:c9:42:1b:cd:93:26:0a:7f:fa:
f3:df:e0:41:4b:43:8b:ad:89:6c:9d:b2:3d:fc:1c:
c2:1a:33:6b:d6:89:b7:22:a7:49:df:fb:ca:20:ca:
4d:9f:39:0d:01:1e:8f:9b:6f:a4:09:c0:99:06:68:
ea:4b:98:de:a9:3d:ca:b7:67:00:13:51:78:e7:a7:
b2:5e:ad:06:49:29:b1:26:dc:a7:5c:4d:9f:3b:5f:
6d:38:24:4d:fa:a9:74:62:71:aa:9d:47:b5:a7:f4:
b4:d2:6c:a6:69:7b:ca:0a:1b:15:bc:3d:bc:e5:d6:
f2:d2:51:91:e3:01:c5:5e:44:e5:35:2c:83:02:b9:
0b:30:ca:79:80:48:0c:b3:09:68:31:c9:95:ad:92:
66:6e:31:52:28:2e:ce:ec:4d:9a:1a:39:79:d1:51:
ae:e0:1c:3d:7c:f4:74:8b:52:b4:65:d9:4e:0f:60:
cf:19:2a:99:d7:55:cb:89:1f:53:3b:d1:48:70:96:
3c:88:0f:10:6d:bb:02:70:3d:48:ce:56:38:f7:e7:
5e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:57:73:DD:DA:9D:7B:C6:CC:CC:67:8C:01:3E:8C:DF:2D:1B:CD:04
X509v3 Authority Key Identifier:
keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/pFdz3dqde8bMzGeMAT6M3y0bzQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.140.0/22
80.252.120.0/22
103.110.208.0/22
109.224.248.0/21
185.108.168.0/22
185.205.172.0/22
193.178.54.0/23
193.178.112.0/23
IPv6:
2a06:e40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:d3:e5:2a:8b:92:d9:8f:03:05:e2:a5:59:48:24:66:25:6b:
e4:b5:93:99:97:80:1c:72:5c:bd:c6:2c:9a:22:f8:76:8b:73:
7c:77:87:2c:a8:e9:35:d7:ec:71:65:3f:8d:2b:3a:c1:1d:d3:
cf:a8:22:c8:8d:23:4e:1d:0c:f3:62:87:7f:2e:ef:03:c9:06:
b5:ed:f2:28:b7:94:18:cf:1a:3f:3c:68:69:0d:b6:52:f7:47:
be:85:d8:65:ae:80:7d:f6:92:84:8d:1c:8c:e7:93:e0:d6:9c:
be:fe:c1:e2:1a:0f:fd:f8:0e:8b:f3:2c:9f:4a:95:bd:e1:07:
d8:e8:06:09:4e:d0:be:39:3d:6c:18:30:00:74:be:ed:d1:f8:
76:25:f0:51:02:8c:6a:78:73:22:df:c8:71:a9:4c:b5:5f:77:
1d:8e:90:61:f5:92:3f:02:90:03:85:52:d6:25:2d:b8:15:da:
e2:28:03:96:5c:7d:b2:c7:ee:89:12:41:55:8e:06:43:91:8e:
2f:c0:83:46:ae:93:ad:53:be:4d:ba:fa:c0:dc:87:8a:54:b7:
ba:b3:b2:f5:21:e2:02:14:3f:b0:01:1f:a2:ea:0e:97:c6:af:
ce:ef:35:f5:e0:d3:06:47:fa:de:0a:e6:5a:2e:e1:24:51:d6:
ee:66:1a:e2
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY3BAKe1CmFze8NLPQk4y9jgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjQwMjE5MTA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU3NzNkZGRhOWQ3YmM2Y2NjYzY3OGMwMTNlOGNkZjJkMWJjZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraEM/6754di7GZbfuKpgkSKO2qND
yLK7urokBIpK+CYywtYd46juthRC64b8HrxtNtbJQhvNkyYKf/rz3+BBS0OLrYls
nbI9/BzCGjNr1om3IqdJ3/vKIMpNnzkNAR6Pm2+kCcCZBmjqS5jeqT3Kt2cAE1F4
56eyXq0GSSmxJtynXE2fO19tOCRN+ql0YnGqnUe1p/S00mymaXvKChsVvD285dby
0lGR4wHFXkTlNSyDArkLMMp5gEgMswloMcmVrZJmbjFSKC7O7E2aGjl50VGu4Bw9
fPR0i1K0ZdlOD2DPGSqZ11XLiR9TO9FIcJY8iA8QbbsCcD1IzlY49+deLQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKRXc93anXvGzMxnjAE+jN8tG80EMB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvcEZkejNkcWRlOGJNekdlTUFUNk0zeTBielFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLZaMAwQC
UPx4AwQCZ27QAwQDbeD4AwQCuWyoAwQCuc2sAwQBwbI2AwQBwbJwMA0EAgACMAcD
BQMqBg5AMA0GCSqGSIb3DQEBCwUAA4IBAQAd0+Uqi5LZjwMF4qVZSCRmJWvktZOZ
l4Accly9xiyaIvh2i3N8d4csqOk11+xxZT+NKzrBHdPPqCLIjSNOHQzzYod/Lu8D
yQa17fIot5QYzxo/PGhpDbZS90e+hdhlroB99pKEjRyM55Pg1py+/sHiGg/9+A6L
8yyfSpW94QfY6AYJTtC+OT1sGDAAdL7t0fh2JfBRAoxqeHMi38hxqUy1X3cdjpBh
9ZI/ApADhVLWJS24FdriKAOWXH2yx+6JEkFVjgZDkY4vwINGrpOtU75NuvrA3IeK
VLe6s7L1IeICFD+wAR+i6g6Xxq/O7zX14NMGR/reCuZaLuEkUdbuZhri
-----END CERTIFICATE-----
Generated at Mon Sep 16 16:37:21 2024 by rpki-client on console-fra.rpki-client.org