Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PRziFMXtKsnifgk5PMGYIh5_FYQ.roa
File: PRziFMXtKsnifgk5PMGYIh5_FYQ.roa (raw, json)
Hash identifier: eq1gkmLo3Rd9mnKappgBQX2Z2LK5Ejb3ukffQm0iiXw=
Subject key identifier: 3D:1C:E2:14:C5:ED:2A:C9:E2:7E:09:39:3C:C1:98:22:1E:7F:15:84
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0185DE1726805B08CA6868C0D672F9BFA045
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PRziFMXtKsnifgk5PMGYIh5_FYQ.roa
Signing time: Mon 23 Jan 2023 10:05:37 +0000
ROA not before: Mon 23 Jan 2023 10:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44525
IP address blocks: 109.160.58.0/24 maxlen: 24
109.160.57.0/24 maxlen: 24
109.160.61.0/24 maxlen: 24
109.160.60.0/24 maxlen: 24
109.160.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:17:26:80:5b:08:ca:68:68:c0:d6:72:f9:bf:a0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 23 10:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d1ce214c5ed2ac9e27e09393cc198221e7f1584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:b4:08:a3:97:a6:9d:a8:60:47:61:fb:31:
21:dc:ec:fd:45:24:75:9e:26:92:8d:dc:cc:f4:72:
89:3d:de:4c:1f:41:47:46:9e:a2:36:f2:9f:d1:c9:
2d:89:bb:1c:5a:38:6f:00:84:83:a2:51:f3:cb:8f:
82:6d:f5:74:4e:c3:da:d2:42:eb:40:91:cb:c0:98:
5a:ed:f2:8c:b5:9c:dc:c9:ee:10:7c:71:80:ed:94:
21:a4:93:72:84:45:43:62:47:f9:59:ba:c6:f3:a5:
d3:de:41:85:44:87:d0:e4:71:b5:cb:f5:11:8e:d7:
0d:4c:51:0c:0e:cc:8b:b3:2e:9f:97:eb:f5:36:30:
88:2e:11:8d:18:c2:03:d4:b2:f9:11:e8:6a:f0:a3:
78:70:ad:01:47:63:29:3d:98:96:93:1e:72:18:9c:
2e:eb:a7:c4:b1:08:2c:5c:0d:4d:05:c0:5a:b3:af:
c0:bf:93:fe:35:f9:9e:3a:f3:c5:aa:87:e3:0d:b9:
1a:10:b7:8e:72:5c:0c:de:c2:15:2d:de:eb:d6:1e:
7f:3c:7e:00:3d:54:82:9c:a3:ff:1b:e6:65:e4:31:
3d:1f:15:cc:6b:28:99:86:d5:8d:c5:36:74:28:76:
57:00:fa:c0:27:1b:dc:d1:e3:fd:fa:c0:a5:20:8c:
1a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1C:E2:14:C5:ED:2A:C9:E2:7E:09:39:3C:C1:98:22:1E:7F:15:84
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/PRziFMXtKsnifgk5PMGYIh5_FYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.57.0-109.160.58.255
109.160.60.0/23
109.160.86.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ca:8f:c1:39:d2:b3:a5:bf:b5:be:c5:02:a8:9e:97:73:3f:
54:79:00:ba:16:3d:a4:ec:9b:d8:29:f9:18:40:92:da:27:3d:
40:6b:34:9d:56:c5:e7:2a:d1:84:e0:d1:ae:b6:c5:0a:30:d8:
bb:80:48:7b:23:09:6c:e3:35:cc:2d:cf:63:a0:ff:73:7e:3d:
11:d0:1b:39:ee:bd:2a:28:0c:3e:7c:e7:82:98:d4:11:31:6f:
09:01:1c:ef:27:33:d2:5e:f3:1c:34:8f:d4:46:a7:35:32:91:
c7:cc:93:ce:21:fa:f9:bc:fb:9f:86:9f:97:fb:08:9d:19:8b:
ff:5c:87:39:c5:15:0b:17:f6:43:56:99:2e:5f:43:c9:f7:d7:
a0:a4:b1:95:8f:a7:f0:42:dc:b8:1c:56:98:90:05:36:11:30:
06:cb:52:5c:54:69:43:53:ee:99:2a:93:21:a3:a1:8b:61:e3:
0c:56:29:4e:9d:86:f0:fd:47:a5:78:27:2e:55:d5:16:d4:7a:
74:fa:c8:d9:99:51:66:6c:a3:29:61:d1:78:61:65:fc:5b:f1:
f8:a8:56:8d:ff:77:ce:b5:69:e9:15:c5:07:5c:99:69:69:4d:
16:4a:c5:f9:cf:07:b5:d6:d3:9a:cc:9c:5b:6f:77:07:24:ed:
e3:95:59:c3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYXeFyaAWwjKaGjA1nL5v6BFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTIzMTAwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFjZTIxNGM1ZWQyYWM5ZTI3ZTA5MzkzY2MxOTgyMjFlN2YxNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrO0CKOXpp2oYEdh+zEh3Oz9RSR1
niaSjdzM9HKJPd5MH0FHRp6iNvKf0cktibscWjhvAISDolHzy4+CbfV0TsPa0kLr
QJHLwJha7fKMtZzcye4QfHGA7ZQhpJNyhEVDYkf5WbrG86XT3kGFRIfQ5HG1y/UR
jtcNTFEMDsyLsy6fl+v1NjCILhGNGMID1LL5Eehq8KN4cK0BR2MpPZiWkx5yGJwu
66fEsQgsXA1NBcBas6/Av5P+NfmeOvPFqofjDbkaELeOclwM3sIVLd7r1h5/PH4A
PVSCnKP/G+Zl5DE9HxXMayiZhtWNxTZ0KHZXAPrAJxvc0eP9+sClIIwatwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD0c4hTF7SrJ4n4JOTzBmCIefxWEMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvUFJ6aUZNWHRLc25pZmdrNVBNR1lJaDVfRllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtoDkD
BABtoDoDBAFtoDwDBABtoFYwDQYJKoZIhvcNAQELBQADggEBAEjKj8E50rOlv7W+
xQKonpdzP1R5ALoWPaTsm9gp+RhAktonPUBrNJ1Wxecq0YTg0a62xQow2LuASHsj
CWzjNcwtz2Og/3N+PRHQGznuvSooDD5854KY1BExbwkBHO8nM9Je8xw0j9RGpzUy
kcfMk84h+vm8+5+Gn5f7CJ0Zi/9chznFFQsX9kNWmS5fQ8n316CksZWPp/BC3Lgc
VpiQBTYRMAbLUlxUaUNT7pkqkyGjoYth4wxWKU6dhvD9R6V4Jy5V1RbUenT6yNmZ
UWZsoylh0XhhZfxb8fioVo3/d861aekVxQdcmWlpTRZKxfnPB7XW05rMnFtvdwck
7eOVWcM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:15:02 2024 by rpki-client on console-ams.rpki-client.org