Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/PbWzW9ProWWefGH0UeVJl6h1uwQ.roa
File: PbWzW9ProWWefGH0UeVJl6h1uwQ.roa (raw, json)
Hash identifier: ZcQdN1N0oPW2ojfVMlO+n28oZrI34He7AAx9q/oNUng=
Subject key identifier: 3D:B5:B3:5B:D3:EB:A1:65:9E:7C:61:F4:51:E5:49:97:A8:75:BB:04
Certificate issuer: /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial: 01856EB9112426BEA7C6F46687F87889B9E5
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/PbWzW9ProWWefGH0UeVJl6h1uwQ.roa
Signing time: Sun 01 Jan 2023 19:05:00 +0000
ROA not before: Sun 01 Jan 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42053
IP address blocks: 45.152.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:11:24:26:be:a7:c6:f4:66:87:f8:78:89:b9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Validity
Not Before: Jan 1 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3db5b35bd3eba1659e7c61f451e54997a875bb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c6:08:dc:48:ba:b4:6a:ae:ac:03:53:fe:7b:
d9:1c:86:a8:d8:00:59:0e:08:97:04:84:ea:e0:b1:
62:89:42:57:e8:78:a8:80:7e:a5:f3:87:77:b4:40:
3b:32:b0:c5:2e:a7:9d:8c:d0:d9:72:39:cb:de:13:
48:ea:4f:e7:28:da:5a:6f:42:52:26:aa:1d:7e:1d:
6b:95:87:11:d4:53:47:83:91:84:03:95:34:ad:d3:
b7:aa:27:54:3c:ef:55:2f:4d:32:e5:d2:0f:57:c4:
cf:7e:76:0c:0e:dc:75:92:55:cd:6b:4e:c6:4d:8c:
b8:3c:43:66:91:7f:ce:3f:8c:37:07:82:b7:38:47:
1f:55:f8:7f:d9:72:fc:63:ec:9c:51:4d:04:72:3f:
4f:b5:6b:25:ad:22:ce:0b:bf:5d:23:0d:c2:41:38:
f8:f1:e6:19:30:17:3d:0d:96:3e:3b:ff:af:1e:aa:
7e:38:56:ed:e1:dc:9c:1f:65:a7:94:96:fb:75:f8:
92:8f:79:71:12:4f:33:3d:47:01:19:d1:f7:5b:82:
f2:2f:28:28:20:34:38:7a:6a:5b:44:07:be:f1:6b:
03:b5:59:ba:f5:7a:2b:3b:8c:1a:23:7b:a8:79:f3:
59:07:90:6a:c9:9f:fd:51:da:89:b1:f0:4c:23:78:
0e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B5:B3:5B:D3:EB:A1:65:9E:7C:61:F4:51:E5:49:97:A8:75:BB:04
X509v3 Authority Key Identifier:
keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/PbWzW9ProWWefGH0UeVJl6h1uwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
65:31:c8:46:7b:63:da:25:87:04:08:76:cb:64:96:57:8f:75:
13:7e:c8:cb:e5:6e:d3:62:c5:53:57:46:11:20:7a:bf:11:c4:
bf:3e:25:ec:25:a8:74:4f:43:7e:82:3e:7e:a7:4f:b1:df:a7:
38:d3:d7:0a:69:f6:17:cd:84:01:ed:d0:56:5b:3f:d0:8a:5c:
9f:68:a3:21:2f:33:df:83:11:e9:0f:b7:92:09:53:a9:08:4f:
98:bb:88:f8:d5:cf:7d:cd:ac:a0:44:50:9c:23:51:39:f9:2a:
79:97:df:e0:d5:59:b6:52:ea:eb:5d:9c:98:43:1a:c6:7d:96:
04:c9:d2:13:37:f2:ac:c1:55:26:46:ad:46:0a:0f:bd:84:d0:
da:9b:69:ad:7a:fe:4d:a3:5b:e0:cf:7d:41:91:bf:d3:ab:ba:
c5:df:99:b7:20:45:cb:6d:4b:90:ba:c9:a9:e0:48:d2:d1:c8:
2f:07:f5:b8:3f:9a:85:87:f0:95:2b:b2:bf:c5:49:5d:d9:b2:
0b:d0:c8:ec:29:4c:a4:a1:18:49:cb:4b:ca:a9:84:2c:44:fe:
8f:7f:38:26:97:1d:14:3e:03:b5:ef:39:a4:6b:c4:76:b8:74:
6b:2f:7e:aa:d3:a2:01:ad:dc:fd:6b:ac:d2:99:6a:43:a9:24:
3f:d0:02:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuREkJr6nxvRmh/h4ibnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI1YjM1YmQzZWJhMTY1OWU3YzYxZjQ1MWU1NDk5N2E4NzViYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsYI3Ei6tGqurANT/nvZHIao2ABZ
DgiXBITq4LFiiUJX6HiogH6l84d3tEA7MrDFLqedjNDZcjnL3hNI6k/nKNpab0JS
Jqodfh1rlYcR1FNHg5GEA5U0rdO3qidUPO9VL00y5dIPV8TPfnYMDtx1klXNa07G
TYy4PENmkX/OP4w3B4K3OEcfVfh/2XL8Y+ycUU0Ecj9PtWslrSLOC79dIw3CQTj4
8eYZMBc9DZY+O/+vHqp+OFbt4dycH2WnlJb7dfiSj3lxEk8zPUcBGdH3W4LyLygo
IDQ4empbRAe+8WsDtVm69XorO4waI3uoefNZB5BqyZ/9UdqJsfBMI3gOfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD21s1vT66Flnnxh9FHlSZeodbsEMB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvUGJXelc5UHJvV1dlZkdIMFVlVkpsNmgxdXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZhcMA0G
CSqGSIb3DQEBCwUAA4IBAQBlMchGe2PaJYcECHbLZJZXj3UTfsjL5W7TYsVTV0YR
IHq/EcS/PiXsJah0T0N+gj5+p0+x36c409cKafYXzYQB7dBWWz/QilyfaKMhLzPf
gxHpD7eSCVOpCE+Yu4j41c99zaygRFCcI1E5+Sp5l9/g1Vm2UurrXZyYQxrGfZYE
ydITN/KswVUmRq1GCg+9hNDam2mtev5No1vgz31Bkb/Tq7rF35m3IEXLbUuQusmp
4EjS0cgvB/W4P5qFh/CVK7K/xUld2bIL0MjsKUykoRhJy0vKqYQsRP6Pfzgmlx0U
PgO17zmka8R2uHRrL36q06IBrdz9a6zSmWpDqSQ/0AKc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:26 2024 by rpki-client on console-ams.rpki-client.org