Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PirplDo92HBUri-g7G1G3UKAS1Y.roa
File: PirplDo92HBUri-g7G1G3UKAS1Y.roa (raw, json)
Hash identifier: mxxZqiy1lPJsxhC5Y+9S67LAM09PCLTUTIgLEllTAlQ=
Subject key identifier: 3E:2A:E9:94:3A:3D:D8:70:54:AE:2F:A0:EC:6D:46:DD:42:80:4B:56
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018AA4D5CF60F156C302E75F7FA067631227
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PirplDo92HBUri-g7G1G3UKAS1Y.roa
Signing time: Sun 17 Sep 2023 20:29:50 +0000
ROA not before: Sun 17 Sep 2023 20:29:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199959
IP address blocks: 45.86.162.0/24 maxlen: 24
2.58.14.0/23 maxlen: 23
46.30.188.0/24 maxlen: 24
46.30.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:d5:cf:60:f1:56:c3:02:e7:5f:7f:a0:67:63:12:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Sep 17 20:29:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e2ae9943a3dd87054ae2fa0ec6d46dd42804b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ff:d8:d9:68:ab:ad:80:9d:64:1d:b7:d4:bf:
36:1e:48:0f:42:d6:33:ad:a8:9f:09:cc:2d:b0:cd:
45:e2:34:d1:07:c5:a5:b3:3a:11:d5:0e:cb:19:bd:
d3:fe:54:b9:35:70:ce:bf:08:fc:15:07:46:5a:92:
23:5b:f2:b9:7d:34:c6:54:16:cd:71:56:a4:97:ef:
2f:7c:e6:e3:6e:12:f8:6e:8c:28:51:31:22:7b:dc:
fe:b4:33:ba:03:a4:76:84:82:29:e8:90:96:7f:db:
56:88:c3:1d:b8:c4:dc:47:33:09:56:4a:c8:60:36:
f1:2d:65:38:55:31:6d:83:e2:0e:8c:1a:e6:ba:a5:
34:24:63:9c:14:8a:c2:b7:7f:70:83:c8:50:a3:8c:
8d:0c:cc:71:c6:1c:2b:98:33:17:54:8a:23:d9:c5:
50:87:04:b0:99:62:a7:5d:2d:59:7f:db:b3:07:2f:
46:3f:81:45:8a:71:a2:b4:a2:28:e8:bb:13:97:8e:
ea:34:69:40:28:18:99:4e:74:8c:da:bd:90:79:d4:
68:5c:1b:bb:50:88:5c:d1:ee:ad:28:b0:e3:50:11:
7e:74:17:5e:a7:d8:94:cb:78:34:a0:95:07:2d:22:
88:9c:38:db:25:51:8a:6c:db:c2:38:6b:e0:60:5c:
72:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2A:E9:94:3A:3D:D8:70:54:AE:2F:A0:EC:6D:46:DD:42:80:4B:56
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/PirplDo92HBUri-g7G1G3UKAS1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.14.0/23
45.86.162.0/24
46.30.188.0/24
46.30.191.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ea:3d:cd:86:4e:a6:0f:b3:1f:d8:47:9c:e1:8b:ba:c7:16:
54:32:e0:c0:46:e8:4a:3a:7d:eb:22:ac:81:fd:1a:79:06:21:
e1:35:98:1b:37:5f:c1:39:f6:f1:a9:74:3e:41:e4:d2:ec:b7:
54:df:96:2a:79:af:33:4e:0e:fc:42:2d:ae:4b:ce:f2:96:4f:
2d:94:53:4c:13:13:57:1b:0d:e1:30:62:45:9c:19:46:48:e5:
e6:05:ab:93:3e:3e:49:44:ba:18:27:be:da:94:17:85:5d:d4:
64:32:71:f3:8c:c7:30:3e:f1:c5:98:91:57:5b:84:54:57:d5:
28:b4:14:b4:2b:cd:86:c4:51:b1:28:24:10:ef:72:99:21:17:
91:57:f7:d2:16:7c:bb:eb:55:35:aa:cf:1b:96:89:05:19:ac:
44:7a:75:5c:c1:13:1e:fd:20:ad:f0:59:55:1a:7a:20:d7:8d:
24:fb:b9:ad:9f:ae:95:90:78:43:6a:a5:3e:b7:59:4f:7d:eb:
78:93:3e:8d:96:c8:70:49:be:53:df:19:02:44:93:8d:45:b9:
d7:81:ed:ce:50:8b:08:a3:51:a4:4c:be:de:5f:57:19:b2:f3:
c8:87:74:c1:04:e4:50:15:68:9e:1e:a9:07:dd:58:83:52:d9:
18:f2:ad:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqk1c9g8VbDAudff6BnYxInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwOTE3MjAyOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTJhZTk5NDNhM2RkODcwNTRhZTJmYTBlYzZkNDZkZDQyODA0YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP/Y2WirrYCdZB231L82HkgPQtYz
raifCcwtsM1F4jTRB8WlszoR1Q7LGb3T/lS5NXDOvwj8FQdGWpIjW/K5fTTGVBbN
cVakl+8vfObjbhL4bowoUTEie9z+tDO6A6R2hIIp6JCWf9tWiMMduMTcRzMJVkrI
YDbxLWU4VTFtg+IOjBrmuqU0JGOcFIrCt39wg8hQo4yNDMxxxhwrmDMXVIoj2cVQ
hwSwmWKnXS1Zf9uzBy9GP4FFinGitKIo6LsTl47qNGlAKBiZTnSM2r2QedRoXBu7
UIhc0e6tKLDjUBF+dBdep9iUy3g0oJUHLSKInDjbJVGKbNvCOGvgYFxy8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD4q6ZQ6PdhwVK4voOxtRt1CgEtWMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvUGlycGxEbzkySEJVcmktZzdHMUczVUtBUzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjoOAwQA
LVaiAwQALh68AwQALh6/MA0GCSqGSIb3DQEBCwUAA4IBAQAT6j3Nhk6mD7Mf2Eec
4Yu6xxZUMuDARuhKOn3rIqyB/Rp5BiHhNZgbN1/BOfbxqXQ+QeTS7LdU35Yqea8z
Tg78Qi2uS87ylk8tlFNMExNXGw3hMGJFnBlGSOXmBauTPj5JRLoYJ77alBeFXdRk
MnHzjMcwPvHFmJFXW4RUV9UotBS0K82GxFGxKCQQ73KZIReRV/fSFny761U1qs8b
lokFGaxEenVcwRMe/SCt8FlVGnog140k+7mtn66VkHhDaqU+t1lPfet4kz6Nlshw
Sb5T3xkCRJONRbnXge3OUIsIo1GkTL7eX1cZsvPIh3TBBORQFWieHqkH3ViDUtkY
8q2n
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:42 2024 by rpki-client on console-ams.rpki-client.org