Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/pojq15zgJFHA3ZdIlORfP9EUr28.roa
File: pojq15zgJFHA3ZdIlORfP9EUr28.roa (raw, json)
Hash identifier: 7CyNEaEvCl9nZRvtFihRoqiDlPFmXpmZOPgVs3T0f/s=
Subject key identifier: A6:88:EA:D7:9C:E0:24:51:C0:DD:97:48:94:E4:5F:3F:D1:14:AF:6F
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018D13D7F289AB8E33D7B65A2FB5F5012CA0
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/pojq15zgJFHA3ZdIlORfP9EUr28.roa
Signing time: Tue 16 Jan 2024 19:55:35 +0000
ROA not before: Tue 16 Jan 2024 19:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.10.109.0/24 maxlen: 24
45.88.208.0/24 maxlen: 24
45.88.211.0/24 maxlen: 24
176.53.187.0/24 maxlen: 24
194.32.124.0/24 maxlen: 24
194.32.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 19:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f2:89:ab:8e:33:d7:b6:5a:2f:b5:f5:01:2c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 16 19:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a688ead79ce02451c0dd974894e45f3fd114af6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:ee:4f:ee:8e:f1:4b:17:4e:55:94:15:a0:
fc:58:6f:aa:83:3b:dd:de:a3:86:1a:19:3d:d8:5c:
a3:87:2a:9d:ca:13:28:bb:47:bb:84:14:8e:c2:ee:
9e:5d:72:00:cf:af:49:a6:24:87:49:f2:79:22:36:
07:e0:e2:07:d8:cc:b2:40:a3:f5:5a:55:55:12:28:
cb:bd:2a:90:18:7f:f1:94:c3:cf:4b:fa:07:2e:d4:
08:15:a4:de:97:47:46:dc:61:c3:18:7c:e5:b6:3b:
62:0c:5d:8d:6e:d4:e4:1d:5a:03:86:a1:f5:b0:09:
0e:58:dc:fc:b2:1e:bb:fe:9e:4f:bc:8d:c2:b4:61:
22:63:08:2d:16:d8:36:8d:46:1b:8c:2c:6d:a7:23:
00:0c:6d:eb:c5:1c:e1:62:dc:e6:d8:59:7f:96:86:
db:32:08:f0:8b:61:84:e8:7b:80:88:27:ce:e1:42:
a4:24:22:be:bb:3b:83:61:b1:44:a7:81:29:87:52:
6b:0a:18:a7:b6:f2:27:f5:e3:8f:a6:3e:17:c9:cb:
6b:1f:1d:77:cf:35:6b:99:99:39:39:c0:8d:3f:0b:
24:e0:12:38:66:fc:4a:ba:4e:d6:0f:ff:b1:b5:74:
50:4c:6a:ee:eb:73:d4:a1:98:dc:f7:44:e2:3b:c9:
92:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:88:EA:D7:9C:E0:24:51:C0:DD:97:48:94:E4:5F:3F:D1:14:AF:6F
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/pojq15zgJFHA3ZdIlORfP9EUr28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.109.0/24
45.88.208.0/24
45.88.211.0/24
176.53.187.0/24
194.32.124.0/24
194.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:4e:8f:67:77:08:05:a0:3f:9c:c8:09:fe:46:e0:1a:f2:c5:
65:0e:00:71:cf:68:2d:b1:94:55:46:b3:19:a3:a3:86:09:4e:
68:e8:ba:7a:8e:c3:ac:ae:dc:3a:e1:64:f0:64:73:ca:d7:c2:
19:45:c2:20:0b:6c:ee:be:f5:04:2d:2f:e1:87:fb:d5:dc:89:
11:8b:68:4e:88:7a:9c:64:2c:51:93:ef:a1:d9:17:d7:2d:d9:
39:28:a7:56:a0:59:09:e0:6e:c4:9a:52:17:cc:27:21:ed:8b:
e6:21:4b:1b:d1:0b:27:1f:80:8c:26:e6:be:a7:24:f2:42:7a:
61:5f:66:19:74:47:1b:74:86:a3:0e:88:3e:b4:24:54:03:33:
99:37:bd:27:e2:af:24:2a:1d:88:38:e3:60:ff:98:18:7d:81:
20:8d:5b:be:da:64:ab:eb:ca:0f:33:0e:b1:de:38:65:00:5c:
e7:ed:2e:90:32:7c:6f:91:e7:27:a5:97:e6:e9:ad:66:4a:3f:
69:a2:07:3b:9d:3b:ff:ec:16:d3:b3:d1:bf:63:72:42:17:c7:
27:9a:3f:99:1a:70:71:e5:5d:62:37:b2:23:84:1c:46:6f:e2:
eb:83:a2:72:30:02:b2:91:dd:09:56:03:70:7b:2f:0a:f6:22:
95:cc:dd:08
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0T1/KJq44z17ZaL7X1ASygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg4ZWFkNzljZTAyNDUxYzBkZDk3NDg5NGU0NWYzZmQxMTRhZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn/uT+6O8UsXTlWUFaD8WG+qgzvd
3qOGGhk92FyjhyqdyhMou0e7hBSOwu6eXXIAz69JpiSHSfJ5IjYH4OIH2MyyQKP1
WlVVEijLvSqQGH/xlMPPS/oHLtQIFaTel0dG3GHDGHzltjtiDF2NbtTkHVoDhqH1
sAkOWNz8sh67/p5PvI3CtGEiYwgtFtg2jUYbjCxtpyMADG3rxRzhYtzm2Fl/lobb
Mgjwi2GE6HuAiCfO4UKkJCK+uzuDYbFEp4Eph1JrChintvIn9eOPpj4XyctrHx13
zzVrmZk5OcCNPwsk4BI4ZvxKuk7WD/+xtXRQTGru63PUoZjc90TiO8mSNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKaI6tec4CRRwN2XSJTkXz/RFK9vMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvcG9qcTE1emdKRkhBM1pkSWxPUmZQOUVVcjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQptAwQA
LVjQAwQALVjTAwQAsDW7AwQAwiB8AwQAwiB+MA0GCSqGSIb3DQEBCwUAA4IBAQAa
To9ndwgFoD+cyAn+RuAa8sVlDgBxz2gtsZRVRrMZo6OGCU5o6Lp6jsOsrtw64WTw
ZHPK18IZRcIgC2zuvvUELS/hh/vV3IkRi2hOiHqcZCxRk++h2RfXLdk5KKdWoFkJ
4G7EmlIXzCch7YvmIUsb0QsnH4CMJua+pyTyQnphX2YZdEcbdIajDog+tCRUAzOZ
N70n4q8kKh2IOONg/5gYfYEgjVu+2mSr68oPMw6x3jhlAFzn7S6QMnxvkecnpZfm
6a1mSj9pogc7nTv/7BbTs9G/Y3JCF8cnmj+ZGnBx5V1iN7IjhBxGb+Lrg6JyMAKy
kd0JVgNwey8K9iKVzN0I
-----END CERTIFICATE-----
Generated at Sun Jan 21 19:56:23 2024 by rpki-client on console-ams.rpki-client.org