Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PaCz0Fgpwn6jBCxzAElDkHSeSko.roa
File: PaCz0Fgpwn6jBCxzAElDkHSeSko.roa (raw, json)
Hash identifier: OkLjYR7Ui2rGLHFHDodebm8PyeKkoE36BNKa3BDT9ek=
Subject key identifier: 3D:A0:B3:D0:58:29:C2:7E:A3:04:2C:73:00:49:43:90:74:9E:4A:4A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018B1928562AD8633F732EAD5515E86D1E4D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PaCz0Fgpwn6jBCxzAElDkHSeSko.roa
Signing time: Tue 10 Oct 2023 10:35:55 +0000
ROA not before: Tue 10 Oct 2023 10:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.116.0/22 maxlen: 24
109.72.113.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 11 Oct 2023 09:52:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:28:56:2a:d8:63:3f:73:2e:ad:55:15:e8:6d:1e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 10 10:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da0b3d05829c27ea3042c7300494390749e4a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:87:7c:a5:15:a0:02:b8:23:ba:73:d9:61:26:
4b:bc:95:ca:b5:7a:76:0a:16:e2:1d:45:1d:ec:cb:
50:de:39:6f:7c:68:af:97:ad:30:7a:f3:5a:41:95:
b9:98:74:1d:bf:77:a4:39:9e:92:32:37:21:79:ff:
72:92:f1:ee:24:c8:22:61:41:9f:4c:04:c7:08:de:
45:b2:88:88:18:76:04:f0:75:f7:f6:d5:e9:bd:d5:
de:85:c8:b4:5b:09:9a:22:9a:f2:a6:f8:ff:6a:b1:
8f:ba:0e:08:95:53:30:d3:c0:9c:cc:73:a7:4c:8c:
39:50:88:85:b9:e9:01:65:fa:69:24:cc:ec:3f:51:
b0:2b:0e:b3:bd:33:02:55:b4:a1:b4:76:65:b2:8e:
f3:ea:a2:67:32:63:b6:bb:29:17:50:81:84:0e:86:
0a:26:39:47:8c:a6:41:2e:ac:0e:24:00:18:6c:9c:
5b:07:98:a1:7a:3a:25:f1:ec:f3:bd:4e:56:63:55:
14:62:c6:68:6a:5a:16:c7:a6:80:8f:24:75:eb:a3:
5c:05:90:43:f5:76:26:b6:89:a8:24:31:17:4f:e9:
41:48:78:18:ec:3d:3d:17:63:00:e4:26:ed:0f:13:
63:0c:11:dc:9a:1c:8c:20:c6:33:7b:b1:3e:a4:6b:
eb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:B3:D0:58:29:C2:7E:A3:04:2C:73:00:49:43:90:74:9E:4A:4A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PaCz0Fgpwn6jBCxzAElDkHSeSko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.113.0/24
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c9:0f:ef:6b:30:74:44:6e:96:df:59:c6:9e:21:af:7d:34:
ee:34:4e:3a:a8:6a:2a:82:62:d5:ea:24:2e:f5:50:61:e0:b5:
e7:fc:ea:84:da:62:b8:88:02:c3:1d:dd:14:04:72:f6:b6:11:
ba:8b:7f:dd:19:db:73:6c:46:be:25:2d:4d:b2:25:cd:c8:f6:
45:65:d9:7c:50:46:62:3b:f7:c4:a4:92:65:b1:3c:8a:f1:ae:
8a:33:e7:83:8a:27:61:65:f6:41:e1:bc:69:6c:f0:3e:e4:36:
dc:f3:80:63:0a:0a:f3:5b:85:0f:0f:16:9e:1d:9e:8c:47:ea:
94:ae:da:67:e9:fc:fd:1e:2d:44:5d:0c:38:22:cd:5e:43:f2:
24:98:86:9a:6c:04:ea:ac:e9:b6:75:c2:09:de:ba:fc:cd:f1:
cc:70:e9:d4:0a:63:7a:f8:08:45:ce:8d:f0:36:1e:d8:dc:c2:
dc:c7:ac:23:9b:45:c6:33:23:3b:2b:29:94:c2:53:33:9f:a4:
b4:4f:bd:ec:57:ba:cb:b5:98:c5:ab:ab:fe:9b:20:86:37:cb:
b6:fa:04:a1:89:33:eb:82:f9:a2:17:ae:91:97:09:1b:f9:94:
e4:d7:01:40:d3:4f:35:61:77:f6:e7:bd:e3:56:25:da:0e:a0:
10:58:ac:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsZKFYq2GM/cy6tVRXobR5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMxMDEwMTAzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwYjNkMDU4MjljMjdlYTMwNDJjNzMwMDQ5NDM5MDc0OWU0YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuId8pRWgArgjunPZYSZLvJXKtXp2
ChbiHUUd7MtQ3jlvfGivl60wevNaQZW5mHQdv3ekOZ6SMjchef9ykvHuJMgiYUGf
TATHCN5FsoiIGHYE8HX39tXpvdXehci0WwmaIprypvj/arGPug4IlVMw08CczHOn
TIw5UIiFuekBZfppJMzsP1GwKw6zvTMCVbShtHZlso7z6qJnMmO2uykXUIGEDoYK
JjlHjKZBLqwOJAAYbJxbB5ihejol8ezzvU5WY1UUYsZoaloWx6aAjyR166NcBZBD
9XYmtomoJDEXT+lBSHgY7D09F2MA5CbtDxNjDBHcmhyMIMYze7E+pGvrmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD2gs9BYKcJ+owQscwBJQ5B0nkpKMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUGFDejBGZ3B3bjZqQkN4ekFFbERrSFNlU2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQA
bUhxAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAeyQ/vazB0RG6W31nGniGvfTTu
NE46qGoqgmLV6iQu9VBh4LXn/OqE2mK4iALDHd0UBHL2thG6i3/dGdtzbEa+JS1N
siXNyPZFZdl8UEZiO/fEpJJlsTyK8a6KM+eDiidhZfZB4bxpbPA+5Dbc84BjCgrz
W4UPDxaeHZ6MR+qUrtpn6fz9Hi1EXQw4Is1eQ/IkmIaabATqrOm2dcIJ3rr8zfHM
cOnUCmN6+AhFzo3wNh7Y3MLcx6wjm0XGMyM7KymUwlMzn6S0T73sV7rLtZjFq6v+
myCGN8u2+gShiTPrgvmiF66Rlwkb+ZTk1wFA0081YXf2573jViXaDqAQWKw3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org