Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/7709e7-8372-4824-a81c-6ad0b69b208f/1/PPDHeoZvhM_okNt0boEFs18S6ME.roa
File: PPDHeoZvhM_okNt0boEFs18S6ME.roa (raw, json)
Hash identifier: pV0Dw21XNCpizD3k0Ee/Xv+h5Fu50AnvdqQuSb/+ko0=
Subject key identifier: 3C:F0:C7:7A:86:6F:84:CF:E8:90:DB:74:6E:81:05:B3:5F:12:E8:C1
Certificate issuer: /CN=5bf63362fedee1c89135d5434d37b7375ed5a108
Certificate serial: 018CC5DC645D245E4A8A244918A840C1643D
Authority key identifier: 5B:F6:33:62:FE:DE:E1:C8:91:35:D5:43:4D:37:B7:37:5E:D5:A1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_YzYv7e4ciRNdVDTTe3N17VoQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/7709e7-8372-4824-a81c-6ad0b69b208f/1/PPDHeoZvhM_okNt0boEFs18S6ME.roa
Signing time: Mon 01 Jan 2024 16:30:04 +0000
ROA not before: Mon 01 Jan 2024 16:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43623
IP address blocks: 2001:67c:4a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 18:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:64:5d:24:5e:4a:8a:24:49:18:a8:40:c1:64:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf63362fedee1c89135d5434d37b7375ed5a108
Validity
Not Before: Jan 1 16:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cf0c77a866f84cfe890db746e8105b35f12e8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5c:86:74:23:1e:e7:74:28:a0:4c:6d:98:c0:
4f:38:fa:e9:22:03:02:1d:8e:6c:18:ad:d8:19:7e:
72:67:dd:b6:07:8a:86:b6:0c:90:69:62:39:8a:af:
bc:bb:97:a1:e5:f9:31:fd:43:eb:7a:ab:09:8a:7f:
20:5d:5f:5e:93:36:ed:35:29:00:ae:be:f0:8c:0c:
c7:d5:8f:54:6b:4e:6c:b2:72:ae:0e:cc:ef:a9:f3:
33:b2:f4:36:04:b9:25:f9:24:4b:ff:31:fd:43:51:
a9:d6:ce:2d:4d:2c:c5:d4:d3:c0:7a:50:02:59:d9:
c8:60:05:19:c9:58:60:b2:8c:54:00:6c:84:5f:65:
59:a0:fd:48:2d:49:2c:78:f3:21:6a:a6:36:69:1b:
1e:38:2a:ea:a3:13:b6:5b:d0:e4:9c:5a:90:9d:f2:
88:ed:6d:b1:aa:80:e3:84:22:be:9e:32:42:44:06:
db:b2:39:1f:a4:1c:27:be:da:8c:e0:c0:ec:99:a3:
4e:5b:d5:4b:98:47:ab:dc:1b:c5:85:5b:39:15:09:
95:af:96:53:80:90:52:4b:ab:5c:c3:b2:5b:2f:72:
47:07:8a:06:cc:43:46:26:28:39:9e:74:77:84:3f:
6a:93:e4:ef:a9:d0:fd:02:3c:f1:a8:c8:5d:55:85:
74:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F0:C7:7A:86:6F:84:CF:E8:90:DB:74:6E:81:05:B3:5F:12:E8:C1
X509v3 Authority Key Identifier:
keyid:5B:F6:33:62:FE:DE:E1:C8:91:35:D5:43:4D:37:B7:37:5E:D5:A1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_YzYv7e4ciRNdVDTTe3N17VoQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7709e7-8372-4824-a81c-6ad0b69b208f/1/PPDHeoZvhM_okNt0boEFs18S6ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7709e7-8372-4824-a81c-6ad0b69b208f/1/W_YzYv7e4ciRNdVDTTe3N17VoQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:4a0::/48
Signature Algorithm: sha256WithRSAEncryption
31:6e:36:23:2e:26:e8:97:7f:e5:a5:07:3a:53:aa:34:f6:33:
f0:ed:09:f6:05:a5:46:9e:f2:30:64:d5:51:e8:30:e3:5f:ec:
6f:2e:ba:74:05:ad:08:ee:bf:f4:9e:0b:e9:92:c1:15:3d:7b:
8b:46:6a:a3:71:99:d5:c0:16:76:36:b1:7a:a0:36:2e:52:46:
9f:eb:cb:37:5e:ea:7d:ee:ce:c6:37:05:26:23:bc:cf:a5:6a:
8a:59:7d:30:a0:34:04:99:9e:2b:e6:97:0b:b4:e1:81:91:01:
5b:46:8b:97:02:58:2e:1f:b1:b0:f7:35:2e:02:4d:54:b6:fa:
39:85:08:5e:bf:56:2a:c5:cb:83:b4:30:02:d8:14:ef:d7:c7:
f5:e6:da:55:f4:c5:5e:f9:cd:ce:1a:82:4d:68:4a:ac:e1:9d:
ac:14:ad:5d:9e:d3:84:5a:1a:79:0b:a5:23:bc:93:76:d3:ca:
7b:83:8b:63:c2:93:2c:35:7c:5a:62:66:a8:3c:35:0a:45:29:
63:40:c0:33:b6:6a:9a:9c:ef:af:75:ce:16:40:d1:e1:11:88:
87:8d:b2:d2:94:90:1c:5c:3d:18:6c:ec:dc:07:6b:56:32:72:
74:41:76:a4:e1:22:92:a8:16:e0:54:dd:fe:13:34:1f:b1:0d:
6b:cc:24:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3GRdJF5KiiRJGKhAwWQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjYzMzYyZmVkZWUxYzg5MTM1ZDU0MzRkMzdiNzM3NWVk
NWExMDgwHhcNMjQwMTAxMTYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2YwYzc3YTg2NmY4NGNmZTg5MGRiNzQ2ZTgxMDViMzVmMTJlOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVyGdCMe53QooExtmMBPOPrpIgMC
HY5sGK3YGX5yZ922B4qGtgyQaWI5iq+8u5eh5fkx/UPreqsJin8gXV9ekzbtNSkA
rr7wjAzH1Y9Ua05ssnKuDszvqfMzsvQ2BLkl+SRL/zH9Q1Gp1s4tTSzF1NPAelAC
WdnIYAUZyVhgsoxUAGyEX2VZoP1ILUksePMhaqY2aRseOCrqoxO2W9DknFqQnfKI
7W2xqoDjhCK+njJCRAbbsjkfpBwnvtqM4MDsmaNOW9VLmEer3BvFhVs5FQmVr5ZT
gJBSS6tcw7JbL3JHB4oGzENGJig5nnR3hD9qk+TvqdD9AjzxqMhdVYV0oQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDzwx3qGb4TP6JDbdG6BBbNfEujBMB8GA1UdIwQY
MBaAFFv2M2L+3uHIkTXVQ003tzde1aEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19Zell2N2U0Y2lSTmRWRFRUZTNOMTdWb1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy83NzA5ZTctODM3Mi00ODI0LWE4MWMt
NmFkMGI2OWIyMDhmLzEvUFBESGVvWnZoTV9va050MGJvRUZzMThTNk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy83NzA5ZTctODM3Mi00ODI0LWE4MWMtNmFkMGI2OWIyMDhm
LzEvV19Zell2N2U0Y2lSTmRWRFRUZTNOMTdWb1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASg
MA0GCSqGSIb3DQEBCwUAA4IBAQAxbjYjLibol3/lpQc6U6o09jPw7Qn2BaVGnvIw
ZNVR6DDjX+xvLrp0Ba0I7r/0ngvpksEVPXuLRmqjcZnVwBZ2NrF6oDYuUkaf68s3
Xup97s7GNwUmI7zPpWqKWX0woDQEmZ4r5pcLtOGBkQFbRouXAlguH7Gw9zUuAk1U
tvo5hQhev1YqxcuDtDAC2BTv18f15tpV9MVe+c3OGoJNaEqs4Z2sFK1dntOEWhp5
C6UjvJN208p7g4tjwpMsNXxaYmaoPDUKRSljQMAztmqanO+vdc4WQNHhEYiHjbLS
lJAcXD0YbOzcB2tWMnJ0QXak4SKSqBbgVN3+EzQfsQ1rzCQQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:50 2024 by rpki-client on console-fra.rpki-client.org