Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/PIrUZ2Ls2bx5lxu4Zqfwh3RpJts.roa
File: PIrUZ2Ls2bx5lxu4Zqfwh3RpJts.roa (raw, json)
Hash identifier: nxumLXSmkhrTuszyUMgvKk5zSVIlpluAgvHvq+PLyVg=
Subject key identifier: 3C:8A:D4:67:62:EC:D9:BC:79:97:1B:B8:66:A7:F0:87:74:69:26:DB
Certificate issuer: /CN=67ea698abcdee10dca9d6703a56e87a6b359bfcc
Certificate serial: 0185AAC1401EFE8C6F614C616572BCA3C825
Authority key identifier: 67:EA:69:8A:BC:DE:E1:0D:CA:9D:67:03:A5:6E:87:A6:B3:59:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-ppirze4Q3KnWcDpW6HprNZv8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/PIrUZ2Ls2bx5lxu4Zqfwh3RpJts.roa
Signing time: Fri 13 Jan 2023 10:51:09 +0000
ROA not before: Fri 13 Jan 2023 10:51:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205999
IP address blocks: 45.14.1.0/24 maxlen: 24
45.14.0.0/22 maxlen: 22
45.14.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:c1:40:1e:fe:8c:6f:61:4c:61:65:72:bc:a3:c8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67ea698abcdee10dca9d6703a56e87a6b359bfcc
Validity
Not Before: Jan 13 10:51:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c8ad46762ecd9bc79971bb866a7f087746926db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:81:38:65:ca:c4:b3:c9:f0:89:f9:15:f3:
1f:50:b8:1f:92:f8:2b:55:18:da:7a:76:83:5d:aa:
7d:95:77:67:85:9c:f6:8c:d0:45:4e:b7:7d:3d:2d:
96:fd:4e:74:01:97:e9:03:0a:c7:4e:10:43:21:5f:
f6:30:a0:86:6a:3b:31:aa:ab:92:98:0e:5a:84:5e:
d4:6b:e5:56:aa:3e:d3:a4:0f:5c:99:94:d3:03:0e:
27:b2:16:c5:79:72:f3:c0:92:67:e2:95:21:04:89:
a7:66:00:27:49:58:ac:61:78:2c:6f:8d:1f:36:d0:
44:a2:7c:c8:ca:23:e8:e5:e9:39:f6:d5:b3:1a:16:
35:6d:72:24:70:6a:79:8f:d1:aa:40:6f:77:0c:bf:
95:9f:f2:64:da:fb:17:8a:fe:d3:a3:91:7f:f5:66:
1d:cf:de:24:65:e8:34:82:95:d4:fa:64:68:9f:17:
f2:7b:3c:6d:28:6f:a7:83:11:00:3e:bb:43:a6:ce:
cd:c4:01:f6:c3:7a:f1:f2:c5:4e:bc:31:05:9c:47:
6d:1a:36:10:78:83:2b:a2:10:74:97:80:38:54:b1:
c7:34:5c:e0:6b:31:32:09:0b:f7:51:a2:11:3a:f6:
ec:6d:0b:94:06:ed:6c:d8:94:f7:fc:bd:70:a7:a2:
fa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8A:D4:67:62:EC:D9:BC:79:97:1B:B8:66:A7:F0:87:74:69:26:DB
X509v3 Authority Key Identifier:
keyid:67:EA:69:8A:BC:DE:E1:0D:CA:9D:67:03:A5:6E:87:A6:B3:59:BF:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-ppirze4Q3KnWcDpW6HprNZv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/PIrUZ2Ls2bx5lxu4Zqfwh3RpJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a322ba-c964-465b-8989-b32d974c210e/1/Z-ppirze4Q3KnWcDpW6HprNZv8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.0.0/22
Signature Algorithm: sha256WithRSAEncryption
78:c9:50:0a:a9:10:29:6e:5b:58:d3:f0:2d:49:93:76:eb:4e:
4a:a9:9a:6b:24:43:24:22:84:13:37:f9:87:dd:a5:99:c9:46:
e5:1a:0b:f2:de:85:c5:a8:03:2d:0e:5e:35:04:c8:51:89:1c:
19:9d:d8:d5:35:57:cf:c3:ca:73:9d:e6:47:55:3b:ed:65:b7:
c0:e9:4e:38:6a:6e:93:de:5d:57:90:67:31:85:6a:b8:1d:9b:
4b:a1:fe:c8:a9:03:ef:c6:0b:ec:90:ae:25:4a:4f:92:be:0d:
d3:dd:cf:be:cf:ea:eb:83:66:78:e0:63:b4:0e:80:3a:76:11:
e6:24:15:87:c5:8e:81:df:58:d8:98:ab:f9:58:6f:99:75:e7:
dd:28:3a:d2:6a:02:1b:3e:fc:65:12:4c:ef:12:be:b8:6f:7a:
0d:90:0a:19:32:97:8f:b2:da:9c:ba:a3:64:bc:91:2c:47:bf:
57:18:cb:b9:0d:01:72:91:02:1a:a4:7c:39:23:26:46:89:4d:
26:82:49:3a:89:02:28:4c:d0:6f:6f:0b:b3:d1:ff:a7:c9:47:
fe:2d:b4:f8:09:66:b9:e3:45:be:d9:d3:ad:e2:93:36:eb:2e:
90:23:35:cc:2f:b1:1e:8a:e2:d5:38:07:b3:1a:49:9d:c4:bf:
a5:87:63:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWqwUAe/oxvYUxhZXK8o8glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZWE2OThhYmNkZWUxMGRjYTlkNjcwM2E1NmU4N2E2YjM1
OWJmY2MwHhcNMjMwMTEzMTA1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhhZDQ2NzYyZWNkOWJjNzk5NzFiYjg2NmE3ZjA4Nzc0NjkyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo++BOGXKxLPJ8In5FfMfULgfkvgr
VRjaenaDXap9lXdnhZz2jNBFTrd9PS2W/U50AZfpAwrHThBDIV/2MKCGajsxqquS
mA5ahF7Ua+VWqj7TpA9cmZTTAw4nshbFeXLzwJJn4pUhBImnZgAnSVisYXgsb40f
NtBEonzIyiPo5ek59tWzGhY1bXIkcGp5j9GqQG93DL+Vn/Jk2vsXiv7To5F/9WYd
z94kZeg0gpXU+mRonxfyezxtKG+ngxEAPrtDps7NxAH2w3rx8sVOvDEFnEdtGjYQ
eIMrohB0l4A4VLHHNFzgazEyCQv3UaIROvbsbQuUBu1s2JT3/L1wp6L6DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyK1Gdi7Nm8eZcbuGan8Id0aSbbMB8GA1UdIwQY
MBaAFGfqaYq83uENyp1nA6Vuh6azWb/MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1wcGlyemU0UTNLbldjRHBXNkhwck5adjh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMzIyYmEtYzk2NC00NjViLTg5ODkt
YjMyZDk3NGMyMTBlLzEvUElyVVoyTHMyYng1bHh1NFpxZndoM1JwSnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMzIyYmEtYzk2NC00NjViLTg5ODktYjMyZDk3NGMyMTBl
LzEvWi1wcGlyemU0UTNLbldjRHBXNkhwck5adjh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ4AMA0G
CSqGSIb3DQEBCwUAA4IBAQB4yVAKqRApbltY0/AtSZN2605KqZprJEMkIoQTN/mH
3aWZyUblGgvy3oXFqAMtDl41BMhRiRwZndjVNVfPw8pzneZHVTvtZbfA6U44am6T
3l1XkGcxhWq4HZtLof7IqQPvxgvskK4lSk+Svg3T3c++z+rrg2Z44GO0DoA6dhHm
JBWHxY6B31jYmKv5WG+ZdefdKDrSagIbPvxlEkzvEr64b3oNkAoZMpePstqcuqNk
vJEsR79XGMu5DQFykQIapHw5IyZGiU0mgkk6iQIoTNBvbwuz0f+nyUf+LbT4CWa5
40W+2dOt4pM26y6QIzXML7EeiuLVOAezGkmdxL+lh2Pp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:24 2024 by rpki-client on console-ams.rpki-client.org