Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/PqqXTmCv3DDOhEXpKHasTQ0E82g.roa
File: PqqXTmCv3DDOhEXpKHasTQ0E82g.roa (raw, json)
Hash identifier: 8QtNlJvlJlYZKxZivC/jEq6XgDMsYfxw15eSFBtFCfo=
Subject key identifier: 3E:AA:97:4E:60:AF:DC:30:CE:84:45:E9:28:76:AC:4D:0D:04:F3:68
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 0187433BA2D41B0EBF5F6A2B65B556AA41CF
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/PqqXTmCv3DDOhEXpKHasTQ0E82g.roa
Signing time: Sun 02 Apr 2023 18:29:54 +0000
ROA not before: Sun 02 Apr 2023 18:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204068
IP address blocks: 45.129.58.0/24 maxlen: 24
45.129.57.0/24 maxlen: 24
2a03:1b20:beed::/48 maxlen: 48
2a03:1b20:beee::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:43:3b:a2:d4:1b:0e:bf:5f:6a:2b:65:b5:56:aa:41:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Apr 2 18:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eaa974e60afdc30ce8445e92876ac4d0d04f368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:5d:79:8e:07:2b:77:dd:1b:be:9c:9f:cb:
cc:21:7b:9a:c7:34:a1:db:76:93:29:45:e6:6f:b0:
54:bc:82:e0:8f:a6:c1:0b:b5:8d:7a:42:ee:de:bc:
a3:26:63:9f:6f:11:b9:12:71:91:5b:cf:00:d2:78:
45:82:7f:95:ef:08:06:67:4c:f1:af:de:35:64:44:
03:5d:49:84:0d:38:05:ce:d9:70:7e:d2:01:4a:d7:
76:6f:5e:e8:5d:b2:7f:34:29:0d:1c:d6:5c:43:d0:
5a:61:20:9a:79:c2:9c:aa:45:7e:ca:5b:ac:58:89:
f6:43:d3:75:64:65:65:5e:c1:b5:ac:d6:c5:57:5f:
72:0c:aa:38:3b:a5:fc:e6:1a:26:d0:4a:09:9c:78:
29:5d:1d:39:8b:fa:f3:fd:31:6b:af:24:6f:4e:61:
63:f3:8a:ec:66:dc:fb:e7:2d:17:22:65:12:e1:03:
61:aa:ff:f2:4e:3e:0b:d6:79:ee:51:7d:76:14:cd:
c9:06:fc:e5:67:28:3f:d5:1b:2a:1b:d6:a4:15:03:
b1:ec:98:bd:9b:48:0b:ff:8b:da:f6:2f:de:9f:36:
ad:37:bc:98:6f:2b:9f:3a:21:1e:6d:64:2b:59:e7:
fa:91:18:b5:95:f7:8b:bc:56:db:41:2b:0c:44:c5:
52:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AA:97:4E:60:AF:DC:30:CE:84:45:E9:28:76:AC:4D:0D:04:F3:68
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/PqqXTmCv3DDOhEXpKHasTQ0E82g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.57.0-45.129.58.255
IPv6:
2a03:1b20:beed::-2a03:1b20:beee:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:14:6e:6d:82:ec:12:48:92:69:29:36:5c:d9:6f:ae:50:d5:
d6:1b:00:b0:87:d1:6e:54:d1:ac:59:70:23:5f:4f:e0:54:ca:
29:23:da:96:2e:f6:07:c3:9d:18:f2:e1:9e:99:60:2a:52:64:
dd:1d:d8:3b:fe:73:9c:b5:7a:d0:65:25:f1:95:7c:5b:98:2e:
59:31:d2:92:9e:08:45:9b:89:ac:c6:24:01:33:26:13:20:36:
40:ec:39:a7:5a:91:ec:74:81:b5:54:e1:81:6d:bc:76:d3:f4:
52:80:97:8d:97:55:d4:38:45:6b:d5:fa:5b:b3:8b:e6:f0:0c:
f3:56:98:d7:ac:5c:8d:4d:65:91:5f:ff:44:90:e8:4b:ea:70:
f2:72:00:96:a5:2a:8d:bd:07:8d:4a:78:72:a7:cf:53:d3:c1:
8e:55:cf:99:1a:e4:bf:1a:ec:30:e0:a2:de:17:be:a9:53:a3:
db:e0:70:fd:cd:4a:ca:87:11:ff:21:f4:0e:b3:4a:87:1f:95:
5c:51:48:48:e9:4f:fc:49:dd:4e:2c:29:39:32:e1:38:60:04:
3c:10:f7:6d:d0:7a:e5:22:7c:bc:d3:f6:74:0d:c7:ee:ac:59:
d8:f2:9a:61:d5:da:cf:74:9a:24:f2:0d:8d:70:38:ee:8d:93:
9a:d0:50:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdDO6LUGw6/X2orZbVWqkHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjMwNDAyMTgyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFhOTc0ZTYwYWZkYzMwY2U4NDQ1ZTkyODc2YWM0ZDBkMDRmMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwZdeY4HK3fdG76cn8vMIXuaxzSh
23aTKUXmb7BUvILgj6bBC7WNekLu3ryjJmOfbxG5EnGRW88A0nhFgn+V7wgGZ0zx
r941ZEQDXUmEDTgFztlwftIBStd2b17oXbJ/NCkNHNZcQ9BaYSCaecKcqkV+ylus
WIn2Q9N1ZGVlXsG1rNbFV19yDKo4O6X85hom0EoJnHgpXR05i/rz/TFrryRvTmFj
84rsZtz75y0XImUS4QNhqv/yTj4L1nnuUX12FM3JBvzlZyg/1RsqG9akFQOx7Ji9
m0gL/4va9i/enzatN7yYbyufOiEebWQrWef6kRi1lfeLvFbbQSsMRMVS8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD6ql05gr9wwzoRF6Sh2rE0NBPNoMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvUHFxWFRtQ3YzRERPaEVYcEtIYXNUUTBFODJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAAtgTkD
BAAtgTowGgQCAAIwFDASAwcAKgMbIL7tAwcAKgMbIL7uMA0GCSqGSIb3DQEBCwUA
A4IBAQAfFG5tguwSSJJpKTZc2W+uUNXWGwCwh9FuVNGsWXAjX0/gVMopI9qWLvYH
w50Y8uGemWAqUmTdHdg7/nOctXrQZSXxlXxbmC5ZMdKSnghFm4msxiQBMyYTIDZA
7DmnWpHsdIG1VOGBbbx20/RSgJeNl1XUOEVr1fpbs4vm8AzzVpjXrFyNTWWRX/9E
kOhL6nDycgCWpSqNvQeNSnhyp89T08GOVc+ZGuS/Guww4KLeF76pU6Pb4HD9zUrK
hxH/IfQOs0qHH5VcUUhI6U/8Sd1OLCk5MuE4YAQ8EPdt0HrlIny80/Z0DcfurFnY
8pph1drPdJok8g2NcDjujZOa0FC2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:20 2024 by rpki-client on console-fra.rpki-client.org