Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P3qigfKX0iPTKXqfgyO5PUKXv9g.roa
File: P3qigfKX0iPTKXqfgyO5PUKXv9g.roa (raw, json)
Hash identifier: wfMkyTNtluQcxJl8jqYcEoi65r4Xj1BDqCasDcg/jGY=
Subject key identifier: 3F:7A:A2:81:F2:97:D2:23:D3:29:7A:9F:83:23:B9:3D:42:97:BF:D8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01866FD64173B52D3F046AC3B7782ACBAA49
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P3qigfKX0iPTKXqfgyO5PUKXv9g.roa
Signing time: Mon 20 Feb 2023 17:19:17 +0000
ROA not before: Mon 20 Feb 2023 17:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.19.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 Mar 2023 12:28:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:d6:41:73:b5:2d:3f:04:6a:c3:b7:78:2a:cb:aa:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 20 17:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f7aa281f297d223d3297a9f8323b93d4297bfd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0e:4b:33:48:04:4f:df:8a:99:a1:d5:80:30:
8c:cc:21:d0:6f:96:8b:d2:42:33:4c:f4:2d:93:1a:
f4:8b:23:0f:f1:c5:0d:0f:69:9f:72:16:a5:0c:f2:
47:24:20:21:6b:9e:27:13:0a:8d:9a:e9:fd:db:19:
3e:84:69:7d:76:56:0f:c3:b4:89:2b:88:d5:2e:b5:
fc:9f:94:4e:76:6f:9a:32:43:1f:7d:c3:0b:e4:6d:
59:2f:37:c3:c4:67:e5:f1:72:50:a7:78:f9:ff:97:
33:09:ac:99:b4:fd:cd:5d:bc:83:de:d9:8c:2e:9d:
54:10:89:52:de:1c:13:85:6a:a4:64:c2:06:9d:c2:
8f:bf:aa:ce:14:62:b9:eb:bd:a7:b4:0f:19:f3:6f:
8f:1a:e5:0d:36:99:f8:6e:a1:f7:55:8d:89:3d:d4:
5b:25:90:80:48:8f:f0:6e:22:25:95:2a:94:63:59:
02:7f:93:8c:80:b6:a5:31:76:56:fa:10:d9:67:cb:
45:a5:ef:ed:30:4e:51:e7:f7:2c:42:5a:87:f0:11:
b4:a7:3c:26:bf:f8:9e:ce:8e:f7:46:9e:34:16:ae:
27:73:b3:bf:da:e0:e0:41:7a:0a:8f:2f:e6:d3:be:
fe:aa:bd:c9:ed:4f:19:7e:b2:1f:a9:40:9e:d9:d8:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7A:A2:81:F2:97:D2:23:D3:29:7A:9F:83:23:B9:3D:42:97:BF:D8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P3qigfKX0iPTKXqfgyO5PUKXv9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
45.147.224.0/24
185.218.20.0/24
185.225.0.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:f5:31:20:ad:ba:7b:a3:8a:09:09:43:fd:2c:7a:1a:ac:70:
1d:fd:56:32:89:b7:cf:6c:51:b3:a4:c9:44:3b:0f:b0:57:81:
9b:3d:3b:e4:67:a9:09:c4:56:f6:1e:59:d4:51:bb:77:44:3b:
15:04:ec:a3:29:7c:63:fa:d0:bc:49:ae:70:d6:83:d8:d5:38:
29:2e:e3:98:6b:f4:3c:f4:41:30:a4:55:0d:b7:4b:25:15:0d:
3f:56:5b:28:37:38:93:a5:e9:ef:23:59:b6:8b:92:e4:57:67:
f9:9a:5e:50:f3:aa:1a:5d:d3:43:bb:df:7a:54:74:79:76:0b:
8c:43:c2:f7:c1:f8:20:f7:e5:d1:35:8f:3a:4d:36:0e:66:21:
2e:9b:b9:30:9d:36:e7:27:82:f2:c2:3f:86:e7:e1:54:e9:da:
39:0b:62:2b:e1:7d:f7:81:98:45:0a:f2:db:e1:b8:f0:bb:f9:
8f:48:8a:cf:77:31:87:88:f0:62:47:4e:5b:64:db:10:fb:55:
a6:97:ec:44:ec:e5:59:00:f9:f4:11:f3:bb:8e:32:58:8a:96:
62:e2:85:f3:d7:21:05:df:1b:9e:c2:c8:1e:22:06:5a:30:46:
bc:c1:e4:b6:0c:31:38:70:fd:3e:cf:c6:e1:b6:83:64:13:e6:
53:cb:53:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZv1kFztS0/BGrDt3gqy6pJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjIwMTcxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdhYTI4MWYyOTdkMjIzZDMyOTdhOWY4MzIzYjkzZDQyOTdiZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA5LM0gET9+KmaHVgDCMzCHQb5aL
0kIzTPQtkxr0iyMP8cUND2mfchalDPJHJCAha54nEwqNmun92xk+hGl9dlYPw7SJ
K4jVLrX8n5ROdm+aMkMffcML5G1ZLzfDxGfl8XJQp3j5/5czCayZtP3NXbyD3tmM
Lp1UEIlS3hwThWqkZMIGncKPv6rOFGK5672ntA8Z82+PGuUNNpn4bqH3VY2JPdRb
JZCASI/wbiIllSqUY1kCf5OMgLalMXZW+hDZZ8tFpe/tME5R5/csQlqH8BG0pzwm
v/iezo73Rp40Fq4nc7O/2uDgQXoKjy/m077+qr3J7U8ZfrIfqUCe2dhW3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD96ooHyl9Ij0yl6n4MjuT1Cl7/YMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUDNxaWdmS1gwaVBUS1hxZmd5TzVQVUtYdjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVoTAwQA
LZPgAwQAudoUAwQBueEAMA0GCSqGSIb3DQEBCwUAA4IBAQCa9TEgrbp7o4oJCUP9
LHoarHAd/VYyibfPbFGzpMlEOw+wV4GbPTvkZ6kJxFb2HlnUUbt3RDsVBOyjKXxj
+tC8Sa5w1oPY1TgpLuOYa/Q89EEwpFUNt0slFQ0/VlsoNziTpenvI1m2i5LkV2f5
ml5Q86oaXdNDu996VHR5dguMQ8L3wfgg9+XRNY86TTYOZiEum7kwnTbnJ4Lywj+G
5+FU6do5C2Ir4X33gZhFCvLb4bjwu/mPSIrPdzGHiPBiR05bZNsQ+1Wml+xE7OVZ
APn0EfO7jjJYipZi4oXz1yEF3xuewsgeIgZaMEa8weS2DDE4cP0+z8bhtoNkE+ZT
y1Ml
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org