Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PDNLWOL_Am7ebPsLBmPS4Kfw9y0.roa
File: PDNLWOL_Am7ebPsLBmPS4Kfw9y0.roa (raw, json)
Hash identifier: gcBusHu2idrbn9c3HO3vIH9GUQDW2TAWBy3NmK/TTww=
Subject key identifier: 3C:33:4B:58:E2:FF:02:6E:DE:6C:FB:0B:06:63:D2:E0:A7:F0:F7:2D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81DFC3D16F76676F6A161974D8D293
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PDNLWOL_Am7ebPsLBmPS4Kfw9y0.roa
Signing time: Sun 01 Jan 2023 13:25:06 +0000
ROA not before: Sun 01 Jan 2023 13:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31490
IP address blocks: 87.120.66.0/24 maxlen: 24
85.217.188.0/24 maxlen: 24
93.123.23.0/24 maxlen: 24
2a00:1728:20::/48 maxlen: 48
2a00:1728:20:100::/56 maxlen: 56
2a00:1728:33::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:df:c3:d1:6f:76:67:6f:6a:16:19:74:d8:d2:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c334b58e2ff026ede6cfb0b0663d2e0a7f0f72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a3:af:d5:d5:da:35:2e:ef:8d:ca:6e:cf:bb:
63:f9:e4:47:6e:c4:a9:cf:02:76:d7:d1:49:3b:2f:
64:17:6c:3f:85:35:d2:dc:3e:71:6b:52:fa:45:a1:
0f:94:07:db:f5:09:00:44:49:15:ee:86:8b:21:10:
4d:02:ae:9b:49:5d:45:59:1d:4a:a5:cb:58:69:91:
e5:81:00:c9:9e:d9:d5:7f:fc:20:41:e2:57:16:9a:
2d:03:dd:71:5b:69:ea:56:c7:d2:0b:ff:eb:1f:81:
b1:59:11:89:40:59:8c:b3:5f:95:3d:94:3b:6f:f7:
6d:49:50:b7:60:a0:a1:58:e7:2b:9a:53:9c:8e:18:
78:8d:8b:ea:ef:d7:22:34:7d:4e:4c:3b:36:8a:03:
dd:79:68:90:56:54:ab:46:67:0e:0e:3d:4f:f2:64:
30:b5:82:5a:ab:82:43:38:d7:8d:83:20:2c:db:fc:
9d:0c:10:18:42:87:f9:a5:eb:52:ce:9c:1d:d6:a7:
13:8e:d3:68:9e:22:42:25:0d:b1:7f:ae:95:b6:d9:
cf:06:1c:e0:56:b8:bd:c3:07:5c:3d:31:ac:ac:4b:
55:ad:55:e7:a8:35:72:7b:96:a6:c7:b3:35:9f:f0:
b1:20:fe:47:23:62:90:74:7e:1a:4e:c5:a0:90:13:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:33:4B:58:E2:FF:02:6E:DE:6C:FB:0B:06:63:D2:E0:A7:F0:F7:2D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PDNLWOL_Am7ebPsLBmPS4Kfw9y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.188.0/24
87.120.66.0/24
93.123.23.0/24
IPv6:
2a00:1728:20::/48
2a00:1728:33::/48
Signature Algorithm: sha256WithRSAEncryption
a1:0f:a5:cc:5a:83:72:34:07:45:db:20:ab:4e:16:b0:02:58:
8a:33:f0:89:96:49:51:4a:e2:4c:5c:cf:93:eb:f8:0c:ac:c6:
03:7a:1b:67:14:46:2e:fc:8e:56:ad:c6:8c:11:44:ee:4c:4e:
a1:67:b0:11:f2:cd:b3:06:08:d0:3c:3f:79:bd:89:16:29:cd:
53:e7:ad:02:98:7e:e1:05:b1:c1:9a:ec:8d:c1:ff:b1:9e:5b:
7c:57:2d:96:d3:f1:43:d3:d2:a3:1b:e7:64:27:be:50:81:63:
f2:f1:69:52:96:48:d3:4d:4d:d9:d5:e6:0c:f2:ae:2c:7e:62:
5e:9e:93:da:07:a3:bb:7a:fe:a2:51:2b:a7:df:32:fa:93:42:
ac:5d:d3:02:41:b2:df:a0:a9:02:e8:5f:a7:91:4d:f0:9c:8e:
e7:3e:ac:40:a0:17:c5:ec:5d:ec:18:f8:de:ed:2f:a1:88:ef:
29:ad:1a:b4:d6:06:17:2d:1b:65:5d:ea:a2:1e:aa:92:cb:ab:
1b:41:a4:0b:25:0e:3b:7f:5c:81:5a:b1:f7:a2:d8:1d:0b:e9:
65:9b:91:58:fe:73:5f:8a:f9:fe:68:3c:5a:89:e5:b5:dc:4d:
d0:ed:bc:6c:5d:0b:fd:c6:7a:a2:0e:c6:05:1b:8e:bd:80:61:
f0:3c:e5:36
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVtgd/D0W92Z29qFhl02NKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMzNGI1OGUyZmYwMjZlZGU2Y2ZiMGIwNjYzZDJlMGE3ZjBmNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Ov1dXaNS7vjcpuz7tj+eRHbsSp
zwJ219FJOy9kF2w/hTXS3D5xa1L6RaEPlAfb9QkAREkV7oaLIRBNAq6bSV1FWR1K
pctYaZHlgQDJntnVf/wgQeJXFpotA91xW2nqVsfSC//rH4GxWRGJQFmMs1+VPZQ7
b/dtSVC3YKChWOcrmlOcjhh4jYvq79ciNH1OTDs2igPdeWiQVlSrRmcODj1P8mQw
tYJaq4JDONeNgyAs2/ydDBAYQof5petSzpwd1qcTjtNoniJCJQ2xf66VttnPBhzg
Vri9wwdcPTGsrEtVrVXnqDVye5amx7M1n/CxIP5HI2KQdH4aTsWgkBPtHQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDwzS1ji/wJu3mz7CwZj0uCn8PctMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUEROTFdPTF9BbTdlYlBzTEJtUFM0S2Z3OXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAVdm8AwQA
V3hCAwQAXXsXMBgEAgACMBIDBwAqABcoACADBwAqABcoADMwDQYJKoZIhvcNAQEL
BQADggEBAKEPpcxag3I0B0XbIKtOFrACWIoz8ImWSVFK4kxcz5Pr+AysxgN6G2cU
Ri78jlatxowRRO5MTqFnsBHyzbMGCNA8P3m9iRYpzVPnrQKYfuEFscGa7I3B/7Ge
W3xXLZbT8UPT0qMb52QnvlCBY/LxaVKWSNNNTdnV5gzyrix+Yl6ek9oHo7t6/qJR
K6ffMvqTQqxd0wJBst+gqQLoX6eRTfCcjuc+rECgF8XsXewY+N7tL6GI7ymtGrTW
BhctG2Vd6qIeqpLLqxtBpAslDjt/XIFasfei2B0L6WWbkVj+c1+K+f5oPFqJ5bXc
TdDtvGxdC/3GeqIOxgUbjr2AYfA85TY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:10 2024 by rpki-client on console-ams.rpki-client.org