Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PyIanA6Q52-AdUuB4UygDO7wNnU.roa
File: PyIanA6Q52-AdUuB4UygDO7wNnU.roa (raw, json)
Hash identifier: Zy/dIVK/ezll+d3hhJHCtQTt6P0hqR2wvMR4kecD0fQ=
Subject key identifier: 3F:22:1A:9C:0E:90:E7:6F:80:75:4B:81:E1:4C:A0:0C:EE:F0:36:75
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018ADBCA5DA22CF65CAFEB422004A3111ADA
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PyIanA6Q52-AdUuB4UygDO7wNnU.roa
Signing time: Thu 28 Sep 2023 12:36:27 +0000
ROA not before: Thu 28 Sep 2023 12:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:ca:5d:a2:2c:f6:5c:af:eb:42:20:04:a3:11:1a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 28 12:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f221a9c0e90e76f80754b81e14ca00ceef03675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:85:b1:50:7d:06:10:66:d6:1a:bc:01:51:
67:ed:5a:0f:25:68:85:d1:01:7e:ac:65:79:8a:0a:
f8:40:71:da:06:60:64:f7:b4:db:c6:a5:1c:f1:48:
f7:6b:d0:b4:77:35:d6:e8:5f:36:4c:37:a7:e7:b9:
60:61:af:a3:36:ec:4b:03:98:4d:bd:62:2a:1a:3c:
4a:88:e4:a0:f9:1a:3d:9c:69:ca:eb:66:4c:34:77:
07:01:38:59:88:62:b1:ac:b0:34:f0:0a:b6:29:c8:
e4:be:27:3b:72:53:ea:59:ff:6c:c1:73:92:68:18:
9a:57:60:5e:0f:81:f4:47:77:3d:b0:f8:4d:62:f1:
e8:a3:44:9e:77:52:df:5c:d0:93:3d:6a:10:d2:0e:
f6:b5:84:9b:58:24:9e:e9:18:ff:e9:77:5d:df:a3:
ab:ea:94:cb:62:2c:91:99:5e:77:48:4b:c3:40:46:
5f:87:87:f3:05:fa:c6:57:9f:9f:fb:55:07:43:65:
4b:ae:8c:ec:6d:57:97:8d:a4:eb:1e:a1:a8:44:20:
ea:26:c4:01:72:0d:62:2c:ed:79:5a:a4:df:a0:bd:
ea:7e:0f:bf:e6:05:3a:2c:62:92:5d:ee:1a:eb:25:
39:cf:40:31:03:63:ce:04:f1:0b:f6:5d:8b:2d:7b:
75:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:22:1A:9C:0E:90:E7:6F:80:75:4B:81:E1:4C:A0:0C:EE:F0:36:75
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/PyIanA6Q52-AdUuB4UygDO7wNnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.146.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:26:35:9c:85:24:9f:f1:58:30:d6:70:6a:20:15:41:e2:9f:
de:3c:34:67:af:36:8b:ca:17:0c:c0:77:25:9f:6a:c1:0c:9d:
d5:79:41:0e:5c:ba:0d:57:bd:b5:17:0e:b4:ac:6c:aa:f3:08:
2d:1c:21:59:e7:96:5a:39:93:9c:f5:c0:3e:b1:db:6a:10:97:
0c:55:a5:f7:0f:66:81:10:3d:09:64:cc:08:af:47:f3:ab:1f:
6f:43:d7:17:8f:11:9d:95:ae:16:0f:a6:79:05:7b:38:cd:5e:
b1:34:8e:a6:63:0f:24:6d:ab:cf:15:86:93:a1:af:7d:d6:1a:
81:e9:95:9e:88:b3:f1:68:a5:e6:26:ad:f5:0c:01:c4:a7:9f:
a1:d7:45:07:6a:b1:aa:f3:24:c3:ea:73:82:cc:83:f8:8d:3f:
95:39:83:cb:a4:41:73:54:63:05:e1:86:77:23:79:99:38:51:
eb:55:8b:5c:f6:4a:c9:5e:79:1f:fe:ea:a3:21:e0:ff:d8:4c:
0c:a6:3b:e3:8d:5a:66:a6:ad:ed:9e:b6:92:de:2f:98:6a:76:
11:43:92:0e:91:00:ca:69:8d:88:ae:86:44:8c:fc:13:c6:b6:
89:ff:14:d4:ec:d8:6d:93:e1:af:f3:e4:eb:13:7a:14:46:56:
3c:f7:24:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrbyl2iLPZcr+tCIASjERraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwOTI4MTIzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIyMWE5YzBlOTBlNzZmODA3NTRiODFlMTRjYTAwY2VlZjAzNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+FsVB9BhBm1hq8AVFn7VoPJWiF
0QF+rGV5igr4QHHaBmBk97TbxqUc8Uj3a9C0dzXW6F82TDen57lgYa+jNuxLA5hN
vWIqGjxKiOSg+Ro9nGnK62ZMNHcHAThZiGKxrLA08Aq2Kcjkvic7clPqWf9swXOS
aBiaV2BeD4H0R3c9sPhNYvHoo0Sed1LfXNCTPWoQ0g72tYSbWCSe6Rj/6Xdd36Or
6pTLYiyRmV53SEvDQEZfh4fzBfrGV5+f+1UHQ2VLrozsbVeXjaTrHqGoRCDqJsQB
cg1iLO15WqTfoL3qfg+/5gU6LGKSXe4a6yU5z0AxA2POBPEL9l2LLXt1RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD8iGpwOkOdvgHVLgeFMoAzu8DZ1MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvUHlJYW5BNlE1Mi1BZFV1QjRVeWdETzd3Tm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+QAwQB
Ve+SMA0GCSqGSIb3DQEBCwUAA4IBAQDAJjWchSSf8Vgw1nBqIBVB4p/ePDRnrzaL
yhcMwHcln2rBDJ3VeUEOXLoNV721Fw60rGyq8wgtHCFZ55ZaOZOc9cA+sdtqEJcM
VaX3D2aBED0JZMwIr0fzqx9vQ9cXjxGdla4WD6Z5BXs4zV6xNI6mYw8kbavPFYaT
oa991hqB6ZWeiLPxaKXmJq31DAHEp5+h10UHarGq8yTD6nOCzIP4jT+VOYPLpEFz
VGMF4YZ3I3mZOFHrVYtc9krJXnkf/uqjIeD/2EwMpjvjjVpmpq3tnraS3i+YanYR
Q5IOkQDKaY2IroZEjPwTxraJ/xTU7Nhtk+Gv8+TrE3oURlY89yS5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org