Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/PDxVeZUYFmXciIQ_UvQXloijBOY.roa
File: PDxVeZUYFmXciIQ_UvQXloijBOY.roa (raw, json)
Hash identifier: G/spu7dNSfD1eQTMax1t/XchaOZO1Gz5oPXSi4/vZUs=
Subject key identifier: 3C:3C:55:79:95:18:16:65:DC:88:84:3F:52:F4:17:96:88:A3:04:E6
Certificate issuer: /CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Certificate serial: 018C3A51698EACB96C74E0A0E503ACC90EC9
Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/PDxVeZUYFmXciIQ_UvQXloijBOY.roa
Signing time: Tue 05 Dec 2023 14:11:03 +0000
ROA not before: Tue 05 Dec 2023 14:11:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31727
IP address blocks: 185.207.132.0/23 maxlen: 23
185.170.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Dec 2023 14:11:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:51:69:8e:ac:b9:6c:74:e0:a0:e5:03:ac:c9:0e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Validity
Not Before: Dec 5 14:11:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c3c557995181665dc88843f52f4179688a304e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8a:3c:39:a2:7e:e4:75:a1:c7:0c:f8:37:85:
db:ed:0c:15:1c:4c:2e:5e:ec:0f:d8:de:7b:66:e6:
ed:26:3c:86:b7:2b:d4:54:a4:99:bb:d9:50:2a:38:
ae:26:ba:7a:5c:83:a6:1a:49:57:36:0e:49:03:ea:
ef:60:31:08:40:08:bd:c2:a1:3b:00:81:16:64:47:
0d:5d:c2:c0:2d:77:75:80:64:38:af:9b:34:d9:28:
e4:46:3f:e7:93:26:5b:26:a1:69:d3:0b:9f:35:ef:
d6:5b:c5:aa:e1:e5:1d:e7:dd:e3:e6:f8:73:31:90:
b2:1e:bc:52:e3:8d:3a:e3:0a:5c:1c:9d:b7:1d:cb:
57:a1:18:dc:14:01:3d:d6:a7:25:94:e6:ff:3c:22:
1b:aa:57:80:1f:e3:10:a8:b4:4d:21:1e:75:91:d8:
05:ef:d1:7a:db:e6:d2:b6:44:bf:5f:31:a8:98:ba:
ad:7e:ed:80:bb:85:b3:44:17:18:f0:d7:ff:9e:c8:
39:d5:ad:3e:39:aa:ac:58:97:a2:ff:b7:0c:f7:50:
17:7c:69:ad:a6:e5:17:94:2e:37:bc:7a:7c:82:ee:
f7:87:ef:8d:61:cb:c6:30:ee:93:b1:73:b8:f8:c9:
c8:78:2a:67:15:b6:b9:83:b7:9b:eb:42:5e:af:2d:
ed:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:55:79:95:18:16:65:DC:88:84:3F:52:F4:17:96:88:A3:04:E6
X509v3 Authority Key Identifier:
keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/PDxVeZUYFmXciIQ_UvQXloijBOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.152.0/22
185.207.132.0/23
Signature Algorithm: sha256WithRSAEncryption
43:f3:6b:dc:93:3e:81:88:8a:42:4e:bd:76:dd:15:10:b0:f3:
37:5b:42:4b:5b:27:32:95:f7:e6:9d:ae:17:40:21:6c:8d:66:
bb:5f:d9:68:c2:16:ce:78:a3:b0:05:fc:87:10:fd:91:02:ca:
27:8a:39:00:1e:5b:fa:f5:1d:75:3c:a0:f1:42:ad:aa:47:b5:
bc:60:53:7a:40:11:fd:70:ce:ba:12:89:23:85:2e:86:38:6e:
39:e7:f6:f1:0b:16:66:7c:3f:91:62:4a:87:50:97:ba:5d:7f:
d2:b8:4c:4d:8b:43:41:79:0c:95:fc:1a:a2:14:29:cd:7c:9b:
26:8a:d9:54:8e:ad:be:c9:8c:66:ab:d1:c4:b3:71:57:ab:94:
8c:77:45:d8:8c:ea:5f:35:85:91:81:6b:eb:53:9d:e5:f5:d2:
3a:c0:9e:ff:8b:66:d2:2e:18:d6:2d:bb:c5:cb:68:94:cb:d3:
f3:88:6f:e1:c4:2f:b0:a3:cd:89:e4:60:2b:91:c7:89:83:91:
a1:ac:76:d6:bd:65:87:12:1d:9b:bc:ef:05:96:87:e9:54:bd:
f7:67:65:f1:0c:41:c3:90:34:a9:e6:c6:b7:28:3a:7f:d9:ef:
ad:3c:61:82:70:93:71:37:ef:b1:ea:5c:df:b8:ec:c8:9c:ab:
1e:41:d6:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw6UWmOrLlsdOCg5QOsyQ7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5
MzFkZjQwHhcNMjMxMjA1MTQxMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNjNTU3OTk1MTgxNjY1ZGM4ODg0M2Y1MmY0MTc5Njg4YTMwNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYo8OaJ+5HWhxwz4N4Xb7QwVHEwu
XuwP2N57ZubtJjyGtyvUVKSZu9lQKjiuJrp6XIOmGklXNg5JA+rvYDEIQAi9wqE7
AIEWZEcNXcLALXd1gGQ4r5s02SjkRj/nkyZbJqFp0wufNe/WW8Wq4eUd593j5vhz
MZCyHrxS44064wpcHJ23HctXoRjcFAE91qcllOb/PCIbqleAH+MQqLRNIR51kdgF
79F62+bStkS/XzGomLqtfu2Au4WzRBcY8Nf/nsg51a0+OaqsWJei/7cM91AXfGmt
puUXlC43vHp8gu73h++NYcvGMO6TsXO4+MnIeCpnFba5g7eb60Jery3t6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDw8VXmVGBZl3IiEP1L0F5aIowTmMB8GA1UdIwQY
MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt
ZDYyNDQ5NmRkY2M4LzEvUER4VmVaVVlGbVhjaUlRX1V2UVhsb2lqQk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4
LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaqYAwQB
uc+EMA0GCSqGSIb3DQEBCwUAA4IBAQBD82vckz6BiIpCTr123RUQsPM3W0JLWycy
lffmna4XQCFsjWa7X9lowhbOeKOwBfyHEP2RAsonijkAHlv69R11PKDxQq2qR7W8
YFN6QBH9cM66EokjhS6GOG455/bxCxZmfD+RYkqHUJe6XX/SuExNi0NBeQyV/Bqi
FCnNfJsmitlUjq2+yYxmq9HEs3FXq5SMd0XYjOpfNYWRgWvrU53l9dI6wJ7/i2bS
LhjWLbvFy2iUy9PziG/hxC+wo82J5GArkceJg5GhrHbWvWWHEh2bvO8FlofpVL33
Z2XxDEHDkDSp5sa3KDp/2e+tPGGCcJNxN++x6lzfuOzInKseQdbh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:43 2024 by rpki-client on console-fra.rpki-client.org