Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/PnnVT4n50XWKxyNL0_wOBw73Hnw.roa
File: PnnVT4n50XWKxyNL0_wOBw73Hnw.roa (raw, json)
Hash identifier: fRLBIEsdd1wugYiXYR8wvoaKiFawfj9H/TZKQ3pjU2c=
Subject key identifier: 3E:79:D5:4F:89:F9:D1:75:8A:C7:23:4B:D3:FC:0E:07:0E:F7:1E:7C
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 018760C0373DD0ECB9C45D6A6D85D7DBFB97
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/PnnVT4n50XWKxyNL0_wOBw73Hnw.roa
Signing time: Sat 08 Apr 2023 12:03:42 +0000
ROA not before: Sat 08 Apr 2023 12:03:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18811
IP address blocks: 176.117.88.0/21 maxlen: 21
176.117.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 21 Apr 2023 10:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:60:c0:37:3d:d0:ec:b9:c4:5d:6a:6d:85:d7:db:fb:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Apr 8 12:03:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e79d54f89f9d1758ac7234bd3fc0e070ef71e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:9c:01:db:76:30:93:1f:d5:86:d6:64:78:
74:b4:1b:42:09:d6:80:9a:c4:1d:5b:25:c4:2c:3b:
66:3e:8e:69:7c:51:10:e7:29:b4:90:1b:56:ed:9c:
da:4b:f8:85:8a:f7:e9:e7:c4:a1:96:42:31:c3:31:
a3:b8:d6:99:f2:99:73:e2:5b:b9:62:ff:ac:f7:2a:
91:0d:71:ec:65:ac:4b:c5:86:4e:0b:55:36:e4:52:
50:35:37:87:36:ee:36:17:52:5f:07:3f:01:f2:51:
0f:19:95:96:6c:b3:d8:ab:03:14:e7:9b:b6:42:8c:
c5:6d:68:97:13:b9:ae:e9:6b:1d:dc:0f:3e:6f:14:
23:0e:64:15:69:75:6d:d1:9f:ab:1f:a3:36:7c:4f:
02:cd:45:58:b6:4b:da:7c:a7:48:66:c6:93:9a:03:
b1:7f:b3:35:9b:ef:97:55:26:a8:70:d1:bc:6e:84:
55:95:b3:28:38:80:b0:c2:fa:a4:77:23:f1:43:37:
a1:30:f4:87:de:cc:32:8d:6c:7e:46:61:99:42:0d:
c1:7f:e9:3b:4d:9b:c9:24:dc:c0:c3:b4:1f:3f:fc:
03:ed:94:3b:e2:89:b8:f9:59:65:67:0b:65:8b:bc:
22:82:d9:ef:c3:30:f1:8c:95:c7:4d:49:b9:18:f4:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:79:D5:4F:89:F9:D1:75:8A:C7:23:4B:D3:FC:0E:07:0E:F7:1E:7C
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/PnnVT4n50XWKxyNL0_wOBw73Hnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/22
176.117.88.0/21
Signature Algorithm: sha256WithRSAEncryption
52:fd:6d:57:27:b5:5d:5d:ab:9d:7a:9d:de:93:e3:65:7e:b0:
68:14:28:a6:48:95:39:e3:7a:2b:fb:80:49:95:9c:9d:6c:2e:
ff:eb:8d:6a:b4:7f:66:9a:57:f7:45:bf:bb:31:5d:19:af:6e:
bb:06:0c:a6:c7:93:f2:b8:8e:fc:b5:54:7c:af:b8:4b:30:05:
52:39:c3:6a:11:2e:3b:91:69:4e:f1:21:22:1d:32:d7:c5:b5:
f9:65:a4:b2:15:6a:38:04:d1:67:73:10:76:7e:34:46:17:41:
41:96:dd:0c:92:00:e6:ab:ff:3e:f5:ae:f5:f7:ca:81:76:7c:
ca:30:52:4f:bf:fd:97:7d:13:9a:31:51:6f:d7:24:10:cb:55:
cf:72:31:7b:d6:8e:c6:31:c0:bb:9e:9a:a2:1e:14:a3:e9:b1:
3d:4a:a3:c7:88:02:27:3f:26:56:b6:89:cf:f4:f7:f2:0b:66:
bc:e0:49:7c:e4:ee:4d:c1:f9:98:9e:44:98:e4:43:a9:38:db:
61:e5:07:17:6d:7e:f3:d8:3e:83:fc:58:fd:ce:c3:4f:4a:ab:
05:62:a9:b1:a4:73:1b:9f:8e:aa:d8:8e:9d:6b:ce:8f:80:50:
9a:c2:23:e8:22:45:51:62:1e:0c:60:18:51:55:46:89:15:b8:
0a:f7:16:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdgwDc90Oy5xF1qbYXX2/uXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwNDA4MTIwMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc5ZDU0Zjg5ZjlkMTc1OGFjNzIzNGJkM2ZjMGUwNzBlZjcxZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteqcAdt2MJMf1YbWZHh0tBtCCdaA
msQdWyXELDtmPo5pfFEQ5ym0kBtW7ZzaS/iFivfp58ShlkIxwzGjuNaZ8plz4lu5
Yv+s9yqRDXHsZaxLxYZOC1U25FJQNTeHNu42F1JfBz8B8lEPGZWWbLPYqwMU55u2
QozFbWiXE7mu6Wsd3A8+bxQjDmQVaXVt0Z+rH6M2fE8CzUVYtkvafKdIZsaTmgOx
f7M1m++XVSaocNG8boRVlbMoOICwwvqkdyPxQzehMPSH3swyjWx+RmGZQg3Bf+k7
TZvJJNzAw7QfP/wD7ZQ74om4+VllZwtli7wigtnvwzDxjJXHTUm5GPS6lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD551U+J+dF1iscjS9P8DgcO9x58MB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvUG5uVlQ0bjUwWFdLeHlOTDBfd09CdzczSG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVAAwQD
sHVYMA0GCSqGSIb3DQEBCwUAA4IBAQBS/W1XJ7VdXaudep3ek+NlfrBoFCimSJU5
43or+4BJlZydbC7/641qtH9mmlf3Rb+7MV0Zr267Bgymx5PyuI78tVR8r7hLMAVS
OcNqES47kWlO8SEiHTLXxbX5ZaSyFWo4BNFncxB2fjRGF0FBlt0MkgDmq/8+9a71
98qBdnzKMFJPv/2XfROaMVFv1yQQy1XPcjF71o7GMcC7npqiHhSj6bE9SqPHiAIn
PyZWtonP9PfyC2a84El85O5NwfmYnkSY5EOpONth5QcXbX7z2D6D/Fj9zsNPSqsF
YqmxpHMbn46q2I6da86PgFCawiPoIkVRYh4MYBhRVUaJFbgK9xZv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org