Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PnBZ8UNsi7l3Y7jrD8_HlAjxxXw.roa
File: PnBZ8UNsi7l3Y7jrD8_HlAjxxXw.roa (raw, json)
Hash identifier: DUQltA2ho5ZY0AJI0mjnnvc3Y+6Iu93i2DuO39MGoDE=
Subject key identifier: 3E:70:59:F1:43:6C:8B:B9:77:63:B8:EB:0F:CF:C7:94:08:F1:C5:7C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185966B174F1D8C1BF0893A22EDC04356EC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PnBZ8UNsi7l3Y7jrD8_HlAjxxXw.roa
Signing time: Mon 09 Jan 2023 12:04:38 +0000
ROA not before: Mon 09 Jan 2023 12:04:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 150698
IP address blocks: 2a0c:fe01::/32 maxlen: 48
2a0b:3c40:38::/48 maxlen: 48
2a0b:3c40:56::/48 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0b:3c40:19::/48 maxlen: 64
Validation: Failed, certificate revoked on Mon 24 Apr 2023 08:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:6b:17:4f:1d:8c:1b:f0:89:3a:22:ed:c0:43:56:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 9 12:04:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e7059f1436c8bb97763b8eb0fcfc79408f1c57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:25:5a:d5:bd:ea:84:83:e4:5d:f5:a4:ab:37:
16:9c:4f:9f:b8:64:d3:b7:e4:14:ab:55:0d:96:dc:
7a:8c:37:68:ab:2c:44:fb:5d:cc:9b:eb:04:d5:b9:
fa:cf:bc:6a:69:87:35:05:26:1d:17:f0:56:62:08:
5c:c1:5b:50:ec:1a:51:41:aa:33:08:47:e4:27:f7:
be:75:e5:00:fe:e1:da:24:6c:d5:97:79:0e:2a:6f:
93:95:f3:f2:c7:9c:02:8b:0d:fc:3b:9c:9b:2c:c5:
f2:74:c6:97:12:0b:04:d5:3e:cc:9b:aa:2d:d0:c9:
98:b2:3c:be:9d:99:21:7a:a8:87:40:18:0e:fe:13:
2d:bc:ba:5f:da:38:f0:65:22:f2:2d:a5:1e:19:f1:
3d:48:bf:17:f3:56:1d:f9:42:e5:48:51:d9:cd:b7:
1c:78:54:e1:07:2b:08:f2:6c:9d:c2:cf:c5:b1:6a:
db:8e:89:ab:61:83:69:18:4c:84:84:bb:dd:a4:aa:
e0:78:c3:c3:e4:7b:c1:85:0c:12:3e:75:84:b8:0c:
25:e4:4b:17:93:52:d8:d5:5b:c9:50:16:82:f6:26:
72:8f:dc:f1:be:a2:26:7d:dd:eb:45:d0:9f:48:0e:
0f:be:a6:d2:4b:e2:0e:44:ac:a4:7d:3c:6a:b8:b8:
a9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:70:59:F1:43:6C:8B:B9:77:63:B8:EB:0F:CF:C7:94:08:F1:C5:7C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/PnBZ8UNsi7l3Y7jrD8_HlAjxxXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3c40:19::/48
2a0b:3c40:38::/48
2a0b:3c40:56::/48
2a0c:fe01::/32
2a0e:a942::/32
Signature Algorithm: sha256WithRSAEncryption
30:41:4d:52:91:28:3c:9b:90:5e:9a:dd:53:62:b7:cb:01:44:
32:1f:5b:58:91:a6:ae:ea:91:ee:1d:75:e6:5d:59:51:2a:0e:
ec:77:59:3b:93:bc:f9:ea:88:e4:70:65:08:5d:e5:0a:89:c3:
06:0d:b8:2d:97:4e:4d:13:07:95:a3:76:04:00:da:ac:cd:87:
4f:5a:b3:9d:7d:91:44:e1:22:a6:b6:50:bb:a4:7e:53:32:66:
ad:22:16:19:23:90:bf:eb:69:31:2a:87:37:07:99:c4:6e:5f:
e8:46:0d:19:99:f7:c4:f2:52:ee:35:6e:6a:c8:a8:03:a7:17:
e8:b2:5d:9f:15:77:a3:68:60:93:7b:03:dd:c6:2e:e8:b8:92:
07:ae:eb:17:a9:1c:11:7c:75:96:c4:cb:79:88:30:d8:be:bd:
95:18:ff:c7:43:18:e2:ed:4c:d3:28:82:33:bf:bd:be:35:f0:
90:c1:d4:1d:bb:04:c9:07:29:57:01:fe:f1:1a:73:64:96:1f:
50:ed:97:5a:1c:ef:48:56:69:95:b5:84:52:7c:a1:08:bc:2c:
6d:a7:91:47:4b:c3:fc:d7:f5:1a:a9:58:b1:53:a3:d6:c2:f1:
24:43:1e:79:67:c2:1d:d3:16:82:ed:b5:33:63:07:00:56:8d:
c4:53:0b:47
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYWWaxdPHYwb8Ik6Iu3AQ1bsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTA5MTIwNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTcwNTlmMTQzNmM4YmI5Nzc2M2I4ZWIwZmNmYzc5NDA4ZjFjNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyVa1b3qhIPkXfWkqzcWnE+fuGTT
t+QUq1UNltx6jDdoqyxE+13Mm+sE1bn6z7xqaYc1BSYdF/BWYghcwVtQ7BpRQaoz
CEfkJ/e+deUA/uHaJGzVl3kOKm+TlfPyx5wCiw38O5ybLMXydMaXEgsE1T7Mm6ot
0MmYsjy+nZkheqiHQBgO/hMtvLpf2jjwZSLyLaUeGfE9SL8X81Yd+ULlSFHZzbcc
eFThBysI8mydws/FsWrbjomrYYNpGEyEhLvdpKrgeMPD5HvBhQwSPnWEuAwl5EsX
k1LY1VvJUBaC9iZyj9zxvqImfd3rRdCfSA4PvqbSS+IORKykfTxquLipXwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFD5wWfFDbIu5d2O46w/Px5QI8cV8MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUG5CWjhVTnNpN2wzWTdqckQ4X0hsQWp4eFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgs8QAAZ
AwcAKgs8QAA4AwcAKgs8QABWAwUAKgz+AQMFACoOqUIwDQYJKoZIhvcNAQELBQAD
ggEBADBBTVKRKDybkF6a3VNit8sBRDIfW1iRpq7qke4ddeZdWVEqDux3WTuTvPnq
iORwZQhd5QqJwwYNuC2XTk0TB5WjdgQA2qzNh09as519kUThIqa2ULukflMyZq0i
FhkjkL/raTEqhzcHmcRuX+hGDRmZ98TyUu41bmrIqAOnF+iyXZ8Vd6NoYJN7A93G
Lui4kgeu6xepHBF8dZbEy3mIMNi+vZUY/8dDGOLtTNMogjO/vb418JDB1B27BMkH
KVcB/vEac2SWH1Dtl1oc70hWaZW1hFJ8oQi8LG2nkUdLw/zX9RqpWLFTo9bC8SRD
Hnlnwh3TFoLttTNjBwBWjcRTC0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org