Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PBoH0B0RwKSkOB9saXDwEmMm_wU.roa
File: PBoH0B0RwKSkOB9saXDwEmMm_wU.roa (raw, json)
Hash identifier: OecuTurv/MuIm0trf7EGyFbQRhlCCRSJiiXF3bJMLVY=
Subject key identifier: 3C:1A:07:D0:1D:11:C0:A4:A4:38:1F:6C:69:70:F0:12:63:26:FF:05
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570307112D785D1964BB86BAFE30ED840
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PBoH0B0RwKSkOB9saXDwEmMm_wU.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211406
IP address blocks: 185.62.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:71:12:d7:85:d1:96:4b:b8:6b:af:e3:0e:d8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c1a07d01d11c0a4a4381f6c6970f0126326ff05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:2e:df:4d:cf:b4:da:83:4b:40:b2:27:52:
a7:6b:b9:14:c0:2a:d3:54:3f:57:d6:56:d0:95:f9:
75:33:f3:f8:5e:87:fd:7f:9f:5d:78:d7:26:79:3d:
8a:d6:fd:09:cc:a3:84:95:33:e2:8e:4a:6b:dc:71:
fd:12:a4:0c:9f:3c:57:8e:24:ee:81:91:55:e0:84:
84:34:e3:52:f7:2f:0a:43:b1:d2:c0:ca:32:82:42:
10:5c:bf:e8:75:f1:3f:63:36:e5:18:0b:2d:d6:3f:
f8:3d:22:c2:01:8b:20:1a:8c:fa:9c:ab:44:0a:cd:
56:97:4b:d8:36:65:2d:24:2b:1c:04:44:7e:4c:4c:
c5:10:95:af:12:35:04:fc:05:57:2b:87:61:5e:75:
5d:f1:81:69:28:7d:00:8c:1b:35:41:24:7b:31:76:
8c:f5:e6:93:40:6e:71:56:05:a4:06:b2:5f:c7:2f:
9e:15:db:21:31:b7:c5:aa:93:ba:7f:fd:d4:d4:a8:
a9:2f:68:f3:1b:87:86:1f:19:7f:ed:85:01:9c:83:
36:90:80:1a:56:e6:2b:7d:2e:0f:56:a8:ec:fe:09:
41:22:13:56:a9:4a:11:d0:fe:84:8c:01:eb:f3:5f:
0a:93:61:68:1c:60:14:70:2c:ff:03:1f:10:fb:e8:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1A:07:D0:1D:11:C0:A4:A4:38:1F:6C:69:70:F0:12:63:26:FF:05
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PBoH0B0RwKSkOB9saXDwEmMm_wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.101.0/24
Signature Algorithm: sha256WithRSAEncryption
03:8c:10:59:dd:af:36:48:cf:72:13:99:ed:60:46:4b:a4:ca:
f0:aa:d3:b3:03:b4:e8:b3:1f:f3:e2:61:f1:cb:0f:c2:59:bc:
ee:f2:8c:91:0f:f0:6b:3a:38:53:ac:ef:d0:67:49:0d:cb:f4:
1a:32:5e:6d:12:24:7f:3d:e1:ac:f2:2a:cc:aa:a9:20:02:ae:
22:66:17:5d:23:1b:04:59:66:a0:ff:ee:02:b3:58:33:c8:4b:
e4:3b:45:16:5e:77:cd:46:35:7b:91:92:f4:8c:f4:83:be:f9:
a3:8f:81:bc:63:16:82:3f:1d:5b:9e:e0:2f:5d:90:c2:2c:aa:
c7:44:61:a7:32:32:dc:8c:8f:ca:02:4d:b0:8d:3f:e6:ce:f5:
b0:14:9c:e7:9b:a4:d0:f4:fe:a2:03:28:f9:7b:57:8a:84:c9:
7e:7c:95:a3:a7:cd:8c:11:39:b3:0e:a9:7c:76:1c:20:94:0a:
d7:e7:61:ad:bc:1a:3a:52:80:fc:19:be:c7:f3:ff:ce:31:1c:
91:03:9a:a8:6f:22:8f:c5:11:04:27:dd:d7:3e:c3:51:70:71:
f7:47:3c:bc:5e:5f:bb:34:cf:79:1e:c3:e5:2c:d9:75:d0:28:
16:d6:38:ce:55:6d:d4:da:12:45:e9:64:1c:2f:69:07:41:c6:
2c:e1:1b:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMHES14XRlku4a6/jDthAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFhMDdkMDFkMTFjMGE0YTQzODFmNmM2OTcwZjAxMjYzMjZmZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Yu303PtNqDS0CyJ1Kna7kUwCrT
VD9X1lbQlfl1M/P4Xof9f59deNcmeT2K1v0JzKOElTPijkpr3HH9EqQMnzxXjiTu
gZFV4ISENONS9y8KQ7HSwMoygkIQXL/odfE/YzblGAst1j/4PSLCAYsgGoz6nKtE
Cs1Wl0vYNmUtJCscBER+TEzFEJWvEjUE/AVXK4dhXnVd8YFpKH0AjBs1QSR7MXaM
9eaTQG5xVgWkBrJfxy+eFdshMbfFqpO6f/3U1KipL2jzG4eGHxl/7YUBnIM2kIAa
VuYrfS4PVqjs/glBIhNWqUoR0P6EjAHr818Kk2FoHGAUcCz/Ax8Q++hlowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwaB9AdEcCkpDgfbGlw8BJjJv8FMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvUEJvSDBCMFJ3S1NrT0I5c2FYRHdFbU1tX3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT5lMA0G
CSqGSIb3DQEBCwUAA4IBAQADjBBZ3a82SM9yE5ntYEZLpMrwqtOzA7Tosx/z4mHx
yw/CWbzu8oyRD/BrOjhTrO/QZ0kNy/QaMl5tEiR/PeGs8irMqqkgAq4iZhddIxsE
WWag/+4Cs1gzyEvkO0UWXnfNRjV7kZL0jPSDvvmjj4G8YxaCPx1bnuAvXZDCLKrH
RGGnMjLcjI/KAk2wjT/mzvWwFJznm6TQ9P6iAyj5e1eKhMl+fJWjp82METmzDql8
dhwglArX52GtvBo6UoD8Gb7H8//OMRyRA5qobyKPxREEJ93XPsNRcHH3Rzy8Xl+7
NM95HsPlLNl10CgW1jjOVW3U2hJF6WQcL2kHQcYs4Rtx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:48 2024 by rpki-client on console-ams.rpki-client.org