Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/Pca0P2a8HDxFdhNpZq2yURxvU4s.roa
File: Pca0P2a8HDxFdhNpZq2yURxvU4s.roa (raw, json)
Hash identifier: /Lqe3E3yr5OlKq14v4TG1TJsb4lwBQxIJ/6PDwLZwLY=
Subject key identifier: 3D:C6:B4:3F:66:BC:1C:3C:45:76:13:69:66:AD:B2:51:1C:6F:53:8B
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 018BCDEC9A52F6A0D7077194ED404726C943
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/Pca0P2a8HDxFdhNpZq2yURxvU4s.roa
Signing time: Tue 14 Nov 2023 13:01:57 +0000
ROA not before: Tue 14 Nov 2023 13:01:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57724
IP address blocks: 185.9.185.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:ec:9a:52:f6:a0:d7:07:71:94:ed:40:47:26:c9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Nov 14 13:01:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dc6b43f66bc1c3c4576136966adb2511c6f538b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2e:d6:36:f0:e1:d7:87:27:33:16:da:f1:4d:
98:fe:b7:2e:c3:f0:c1:5c:03:08:7b:e6:27:22:f6:
14:b1:f1:49:07:5c:36:43:e7:c2:5f:f2:07:4d:32:
ba:fe:bf:c2:85:e3:e3:df:fe:c9:36:85:5a:df:9c:
66:c5:ca:b3:a1:b3:63:95:43:2c:d5:f4:0e:8b:a6:
af:d0:da:2b:1e:98:6c:16:66:a5:01:7e:a2:87:ac:
c8:fd:45:34:2f:95:99:5e:f9:5e:be:ae:50:8a:65:
f1:ea:86:00:38:30:99:19:63:07:7d:ee:91:41:0f:
5d:95:29:c6:9d:e0:a5:04:0b:0a:d9:b7:1e:5b:e4:
3d:0e:2f:39:65:b3:3c:af:dd:61:92:9d:b4:3d:a6:
f8:08:f8:03:e9:97:66:74:a9:3e:f6:10:e1:ac:f7:
1c:0d:bb:da:f9:22:b7:13:75:33:ba:f4:5c:dc:34:
8c:17:5b:78:63:c8:9d:67:da:d8:6e:04:e1:7e:74:
a3:74:da:b4:b5:00:bd:1b:06:24:15:e0:41:78:02:
0c:36:71:e2:83:37:32:15:96:b5:5c:13:ad:1d:7c:
90:4d:46:72:7e:ce:d1:57:49:05:15:74:53:da:4e:
be:4b:a0:0a:44:d3:e7:61:c8:74:55:78:85:bd:df:
64:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C6:B4:3F:66:BC:1C:3C:45:76:13:69:66:AD:B2:51:1C:6F:53:8B
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/Pca0P2a8HDxFdhNpZq2yURxvU4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.185.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2e:f6:53:e7:97:c1:22:48:fc:97:c7:c4:40:7e:a3:ab:5d:
81:5e:a4:84:e4:d0:10:2f:44:e5:18:e7:e3:91:a4:33:61:18:
f6:32:c3:7f:c0:db:92:2e:2a:cf:a3:4b:fa:7a:d1:83:93:d6:
59:72:f0:e4:97:e4:3d:41:1e:dc:03:4f:33:99:fc:f0:2b:8c:
96:54:b6:c4:d7:71:7b:4f:1e:3a:c4:19:41:f5:4b:35:09:59:
ba:31:90:a0:75:77:f6:04:5e:28:c2:4c:56:d2:37:88:31:91:
18:0a:ab:15:6c:d8:82:2b:4d:f2:22:0b:2f:8b:72:b0:8a:19:
fc:0d:7d:48:b0:1e:54:9c:be:0a:6e:05:ca:7e:0b:4c:ba:07:
61:34:31:28:5e:d7:16:f9:b4:7f:e9:c9:d8:43:d9:8f:1b:d2:
4a:6d:e8:c9:fd:aa:4c:43:8d:8f:5c:06:51:79:77:ad:f3:46:
05:c1:b1:65:2b:92:d7:02:9b:0e:c9:80:c2:83:fd:6f:14:ed:
6b:0b:41:79:41:6c:5d:d5:88:e5:6e:49:5a:4a:51:b5:ce:30:
e9:16:ac:ab:96:9c:f2:53:6a:be:08:e4:08:7a:86:a8:d3:8f:
2f:c4:63:89:a0:6c:6b:35:ff:f6:c0:79:3b:f8:3e:b0:91:de:
7e:5b:9a:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvN7JpS9qDXB3GU7UBHJslDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMTE0MTMwMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM2YjQzZjY2YmMxYzNjNDU3NjEzNjk2NmFkYjI1MTFjNmY1MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S7WNvDh14cnMxba8U2Y/rcuw/DB
XAMIe+YnIvYUsfFJB1w2Q+fCX/IHTTK6/r/ChePj3/7JNoVa35xmxcqzobNjlUMs
1fQOi6av0NorHphsFmalAX6ih6zI/UU0L5WZXvlevq5QimXx6oYAODCZGWMHfe6R
QQ9dlSnGneClBAsK2bceW+Q9Di85ZbM8r91hkp20Pab4CPgD6ZdmdKk+9hDhrPcc
Dbva+SK3E3UzuvRc3DSMF1t4Y8idZ9rYbgThfnSjdNq0tQC9GwYkFeBBeAIMNnHi
gzcyFZa1XBOtHXyQTUZyfs7RV0kFFXRT2k6+S6AKRNPnYch0VXiFvd9kfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3GtD9mvBw8RXYTaWatslEcb1OLMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvUGNhMFAyYThIRHhGZGhOcFpxMnlVUnh2VTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQm5MA0G
CSqGSIb3DQEBCwUAA4IBAQB3LvZT55fBIkj8l8fEQH6jq12BXqSE5NAQL0TlGOfj
kaQzYRj2MsN/wNuSLirPo0v6etGDk9ZZcvDkl+Q9QR7cA08zmfzwK4yWVLbE13F7
Tx46xBlB9Us1CVm6MZCgdXf2BF4owkxW0jeIMZEYCqsVbNiCK03yIgsvi3Kwihn8
DX1IsB5UnL4KbgXKfgtMugdhNDEoXtcW+bR/6cnYQ9mPG9JKbejJ/apMQ42PXAZR
eXet80YFwbFlK5LXApsOyYDCg/1vFO1rC0F5QWxd1YjlbklaSlG1zjDpFqyrlpzy
U2q+COQIeoao048vxGOJoGxrNf/2wHk7+D6wkd5+W5oV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org