Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PEOu_4S8LIJUHEVdoI8HWeb34LM.roa
File: PEOu_4S8LIJUHEVdoI8HWeb34LM.roa (raw, json)
Hash identifier: ghmst1H4OPYZd+0SJfYks7FYzSlurkvf6gnyCrXP950=
Subject key identifier: 3C:43:AE:FF:84:BC:2C:82:54:1C:45:5D:A0:8F:07:59:E6:F7:E0:B3
Certificate issuer: /CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Certificate serial: 018570F0A64BDDC92E1174B63C8FCF7C7619
Authority key identifier: 3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PEOu_4S8LIJUHEVdoI8HWeb34LM.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42692
IP address blocks: 45.148.20.0/24 maxlen: 24
45.148.22.0/24 maxlen: 24
45.148.23.0/24 maxlen: 24
2a0f:2a04::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a6:4b:dd:c9:2e:11:74:b6:3c:8f:cf:7c:76:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c43aeff84bc2c82541c455da08f0759e6f7e0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:24:62:4b:d2:95:ad:35:c5:74:23:df:32:4d:
5b:cb:c8:99:82:15:29:22:71:2d:ba:7c:0c:c2:51:
50:17:33:81:02:de:a2:50:d1:75:a6:2b:57:ee:35:
1c:01:a1:72:d1:9c:01:76:9f:d4:e2:18:3f:d0:e0:
63:24:b3:b5:09:c4:1e:30:10:04:18:0a:93:11:0c:
60:0a:35:d3:58:49:e5:6f:8e:72:2f:33:42:13:7d:
f3:ad:f2:b2:d8:bf:c5:38:ef:5a:8a:31:6a:0f:f5:
66:1f:e9:94:36:bd:98:05:66:12:f7:28:19:0d:0b:
a0:54:da:cb:d7:75:63:11:61:da:6f:3c:01:1d:1d:
c3:d7:43:0d:4e:a6:db:f5:fa:2f:77:ba:aa:ee:b9:
35:4f:94:22:9f:b3:e8:de:8d:59:98:36:af:d1:f9:
4c:76:71:c5:da:22:cc:75:cf:d4:53:8a:38:a2:be:
18:89:8a:af:d3:8e:26:70:c2:55:73:e1:83:23:46:
7d:68:d8:28:30:5a:a6:ce:79:c4:46:50:24:0a:d8:
19:96:dc:69:ca:5a:10:ad:f2:aa:2b:db:ca:a0:d6:
11:f9:0b:73:4f:69:8b:69:c6:03:11:93:90:ad:12:
f8:c2:4c:87:25:fa:06:40:fc:f2:bf:11:54:5e:90:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:43:AE:FF:84:BC:2C:82:54:1C:45:5D:A0:8F:07:59:E6:F7:E0:B3
X509v3 Authority Key Identifier:
keyid:3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PEOu_4S8LIJUHEVdoI8HWeb34LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.20.0/24
45.148.22.0/23
IPv6:
2a0f:2a04::/32
Signature Algorithm: sha256WithRSAEncryption
0d:df:57:f2:19:19:ad:d3:49:46:c4:99:64:6c:a3:df:5f:9c:
6e:c7:59:88:fb:16:60:a0:4d:7a:bd:5c:06:23:08:e0:3f:36:
9d:bf:96:10:4f:82:f6:39:f4:4e:41:4f:fe:42:99:0d:72:bb:
0e:74:95:19:29:69:77:61:62:cd:b6:2c:f4:3c:c1:b2:a2:e3:
1f:9f:aa:3f:02:e0:4c:75:e4:5e:b4:c3:c7:0a:de:af:5f:0d:
d9:0e:4e:ce:07:c6:63:3a:22:cd:c0:39:e5:5a:bb:64:23:37:
e5:d6:38:48:a5:bb:80:47:ce:79:f8:bc:9c:37:93:2f:53:e4:
1e:38:00:99:9b:99:93:e6:8a:c0:99:79:ea:71:5b:5e:cc:14:
c8:21:0a:d6:7d:bd:45:4c:41:f2:1d:97:24:50:f6:6f:14:f2:
3c:12:d2:ca:a1:0f:6b:ae:9d:4a:a0:b1:25:e6:2c:a9:fc:5d:
cd:6e:cd:e6:09:df:1e:07:e5:a5:fb:a9:c0:fa:32:88:99:69:
5a:ab:0f:1e:53:30:7d:7d:5b:d0:ca:b5:32:5e:5e:5e:e8:f6:
52:4d:a1:02:12:0b:e0:d3:14:85:43:7b:39:67:b6:01:ec:f4:
45:3c:9b:d5:9c:21:60:8f:95:20:7d:0d:bd:7a:d3:c4:f2:dd:
01:a3:52:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8KZL3ckuEXS2PI/PfHYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMmI0ZmNlYTRiNzIyZjJhNmY2YzcwNWM1NTg5ZWUxYWJj
NjIwYWUwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQzYWVmZjg0YmMyYzgyNTQxYzQ1NWRhMDhmMDc1OWU2ZjdlMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yRiS9KVrTXFdCPfMk1by8iZghUp
InEtunwMwlFQFzOBAt6iUNF1pitX7jUcAaFy0ZwBdp/U4hg/0OBjJLO1CcQeMBAE
GAqTEQxgCjXTWEnlb45yLzNCE33zrfKy2L/FOO9aijFqD/VmH+mUNr2YBWYS9ygZ
DQugVNrL13VjEWHabzwBHR3D10MNTqbb9fovd7qq7rk1T5Qin7Po3o1ZmDav0flM
dnHF2iLMdc/UU4o4or4YiYqv044mcMJVc+GDI0Z9aNgoMFqmznnERlAkCtgZltxp
yloQrfKqK9vKoNYR+QtzT2mLacYDEZOQrRL4wkyHJfoGQPzyvxFUXpAwtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDxDrv+EvCyCVBxFXaCPB1nm9+CzMB8GA1UdIwQY
MBaAFD8rT86ktyLypvbHBcVYnuGrxiCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3Mjkt
NjI1M2FkMDhmODU4LzEvUEVPdV80UzhMSUpVSEVWZG9JOEhXZWIzNExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3MjktNjI1M2FkMDhmODU4
LzEvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZQUAwQB
LZQWMA0EAgACMAcDBQAqDyoEMA0GCSqGSIb3DQEBCwUAA4IBAQAN31fyGRmt00lG
xJlkbKPfX5xux1mI+xZgoE16vVwGIwjgPzadv5YQT4L2OfROQU/+QpkNcrsOdJUZ
KWl3YWLNtiz0PMGyouMfn6o/AuBMdeRetMPHCt6vXw3ZDk7OB8ZjOiLNwDnlWrtk
Izfl1jhIpbuAR855+LycN5MvU+QeOACZm5mT5orAmXnqcVtezBTIIQrWfb1FTEHy
HZckUPZvFPI8EtLKoQ9rrp1KoLEl5iyp/F3Nbs3mCd8eB+Wl+6nA+jKImWlaqw8e
UzB9fVvQyrUyXl5e6PZSTaECEgvg0xSFQ3s5Z7YB7PRFPJvVnCFgj5UgfQ29etPE
8t0Bo1JN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:46 2024 by rpki-client on console-ams.rpki-client.org