Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/PBLDXCAtY3JybFN5CGvhquE7saA.roa
File: PBLDXCAtY3JybFN5CGvhquE7saA.roa (raw, json)
Hash identifier: vJv01UzCoaadlfvzpms6WDQ85aqcYyhbJDJHekL8iTA=
Subject key identifier: 3C:12:C3:5C:20:2D:63:72:72:6C:53:79:08:6B:E1:AA:E1:3B:B1:A0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F9BC62357899709599C379C4C21BCDE4E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/PBLDXCAtY3JybFN5CGvhquE7saA.roa
Signing time: Tue 21 May 2024 15:30:04 +0000
ROA not before: Tue 21 May 2024 15:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 43.225.91.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 09:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:c6:23:57:89:97:09:59:9c:37:9c:4c:21:bc:de:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 21 15:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c12c35c202d6372726c5379086be1aae13bb1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:36:3e:99:e9:e7:7b:be:16:ec:ac:e6:f6:
95:fe:84:c5:e6:f2:9d:46:6c:59:29:5b:3d:91:fd:
af:42:d8:f3:6e:e7:ca:b0:cb:da:68:26:1c:fb:d6:
e7:84:76:d3:bc:e0:e8:aa:87:48:6a:0c:37:87:88:
d1:88:14:1d:f7:ca:77:7e:f2:e3:91:d8:13:cc:1c:
16:8a:8e:37:d2:4d:ed:14:f0:da:37:40:2a:77:20:
49:4c:38:79:c6:57:e9:b9:e1:10:67:19:70:56:bf:
96:e8:77:31:8e:d3:17:3c:28:62:98:fd:32:9e:c8:
0e:2d:2b:b9:27:8c:2c:9e:01:72:7e:ac:a4:0b:74:
d0:2e:96:d7:6e:a8:9f:72:38:71:51:3b:c2:ba:d7:
51:e0:91:91:2c:47:ff:97:c7:1d:90:ac:f6:44:fe:
46:ab:55:3f:e3:b9:98:ed:98:ae:e6:80:60:f4:6e:
ef:80:ce:32:7e:9d:a5:05:1d:93:b7:bc:af:3e:a2:
83:4c:5d:d1:56:3b:d3:28:6c:eb:b4:91:80:43:15:
e5:93:a9:4e:89:6e:8b:f2:50:34:c9:f6:43:6c:dd:
6b:0d:b2:29:e1:b2:cb:45:89:54:6f:21:e8:a0:6f:
e4:59:c6:09:1e:d9:01:7c:1d:e2:69:52:da:04:50:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:12:C3:5C:20:2D:63:72:72:6C:53:79:08:6B:E1:AA:E1:3B:B1:A0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/PBLDXCAtY3JybFN5CGvhquE7saA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.225.91.0/24
82.115.9.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:61:01:95:0a:10:03:5d:05:08:43:40:75:29:46:98:59:df:
d3:f4:76:e4:07:2c:a5:29:dc:d2:86:2e:e7:c8:53:17:1f:af:
53:f0:c5:78:f6:d1:4d:e8:34:89:ea:01:c2:b3:7e:2e:f4:e0:
20:22:6c:ef:7c:a2:0f:89:d2:f9:56:d4:3c:ae:e2:03:41:19:
73:a8:0a:b9:a1:3c:cb:11:70:55:b0:b5:94:95:51:48:36:8e:
d5:90:fa:8c:23:47:49:00:3e:8b:2b:45:e4:fa:28:ec:4a:88:
27:29:c9:c2:03:84:69:3f:fc:b2:1a:97:00:54:2a:5c:5f:4d:
a2:84:fe:d7:d5:bb:8b:0c:da:c1:c1:94:8a:24:f2:ab:dd:9b:
ee:25:c7:3f:70:69:56:b4:4f:a8:fe:de:f3:64:44:86:d2:fd:
71:f0:fe:fb:f6:19:fd:ad:05:f6:f2:4e:53:bf:0d:6d:c9:95:
c3:b2:ac:8d:f7:e7:ad:71:76:35:60:c7:97:a7:15:4e:e4:ff:
15:b4:3c:6c:2c:b3:26:f0:4e:6c:aa:54:5f:90:b7:cd:55:20:
7e:20:e3:57:3d:ec:44:95:7b:8b:b6:0d:00:be:cc:35:ec:f9:
e2:46:66:90:ca:14:15:80:60:e9:a5:ba:81:70:09:b7:88:a6:
87:b7:eb:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+bxiNXiZcJWZw3nEwhvN5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTIxMTUzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzEyYzM1YzIwMmQ2MzcyNzI2YzUzNzkwODZiZTFhYWUxM2JiMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKA2Ppnp53u+Fuys5vaV/oTF5vKd
RmxZKVs9kf2vQtjzbufKsMvaaCYc+9bnhHbTvODoqodIagw3h4jRiBQd98p3fvLj
kdgTzBwWio430k3tFPDaN0AqdyBJTDh5xlfpueEQZxlwVr+W6HcxjtMXPChimP0y
nsgOLSu5J4wsngFyfqykC3TQLpbXbqifcjhxUTvCutdR4JGRLEf/l8cdkKz2RP5G
q1U/47mY7Ziu5oBg9G7vgM4yfp2lBR2Tt7yvPqKDTF3RVjvTKGzrtJGAQxXlk6lO
iW6L8lA0yfZDbN1rDbIp4bLLRYlUbyHooG/kWcYJHtkBfB3iaVLaBFCMjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwSw1wgLWNycmxTeQhr4arhO7GgMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUEJMRFhDQXRZM0p5YkZONUNHdmhxdUU3c2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAK+FbAwQA
UnMJMA0GCSqGSIb3DQEBCwUAA4IBAQDHYQGVChADXQUIQ0B1KUaYWd/T9HbkByyl
KdzShi7nyFMXH69T8MV49tFN6DSJ6gHCs34u9OAgImzvfKIPidL5VtQ8ruIDQRlz
qAq5oTzLEXBVsLWUlVFINo7VkPqMI0dJAD6LK0Xk+ijsSognKcnCA4RpP/yyGpcA
VCpcX02ihP7X1buLDNrBwZSKJPKr3ZvuJcc/cGlWtE+o/t7zZESG0v1x8P779hn9
rQX28k5Tvw1tyZXDsqyN9+etcXY1YMeXpxVO5P8VtDxsLLMm8E5sqlRfkLfNVSB+
IONXPexElXuLtg0Avsw17PniRmaQyhQVgGDppbqBcAm3iKaHt+sb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org