Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PFnshXc1eextenf6-eGx2dic304.roa
File: PFnshXc1eextenf6-eGx2dic304.roa (raw, json)
Hash identifier: 4KDgg/2PklMIWTSqs1zSfegCOuQxNJnH1A7wBxoJGCI=
Subject key identifier: 3C:59:EC:85:77:35:79:EC:6D:7A:77:FA:F9:E1:B1:D9:D8:9C:DF:4E
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 018FA6479EDA6943DD9D4F53E5B44231F47B
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PFnshXc1eextenf6-eGx2dic304.roa
Signing time: Thu 23 May 2024 16:27:42 +0000
ROA not before: Thu 23 May 2024 16:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 2a0a:2f81::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a6:47:9e:da:69:43:dd:9d:4f:53:e5:b4:42:31:f4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: May 23 16:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c59ec85773579ec6d7a77faf9e1b1d9d89cdf4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:7f:03:e1:ff:e1:3b:8a:da:81:3f:f3:c1:
58:b3:15:0f:21:54:da:61:ae:7b:62:f1:a2:5b:24:
4e:1d:28:2c:6e:1f:f3:28:7f:94:68:b9:6c:26:2e:
16:3d:00:55:83:18:4d:a5:6a:df:f7:ea:8a:0a:5d:
48:d1:6c:0e:c8:59:10:b1:07:45:76:e8:ad:39:9b:
96:15:44:6f:ee:7d:39:ec:71:49:e0:a5:f3:c9:08:
3f:d8:dc:d4:8a:ed:3d:06:e7:61:5c:4c:56:ec:1e:
d4:39:b8:9b:7a:29:7b:18:ce:df:16:4f:92:04:aa:
54:1c:15:ec:41:7c:db:22:3c:d9:42:c6:8c:03:53:
4f:76:5f:d2:ae:22:15:54:ad:d6:09:1b:24:81:73:
da:5e:9a:2c:67:85:e7:6c:af:e0:85:73:34:6c:75:
88:96:2f:12:c8:f6:dd:bd:81:72:ef:a0:88:3f:b5:
3c:56:f2:56:f1:4d:e8:87:c6:b7:a3:33:4c:8f:a2:
2a:e0:fe:1c:a2:6d:42:6e:a1:a1:f8:ac:9c:fd:2f:
05:d5:de:fe:9a:db:60:97:d6:d7:91:d3:9b:4f:51:
b9:a4:f1:0f:9a:a6:bc:ab:e1:70:41:39:d7:7d:2a:
72:98:5e:f8:09:e5:a7:ea:4d:09:17:40:1e:da:c3:
53:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:59:EC:85:77:35:79:EC:6D:7A:77:FA:F9:E1:B1:D9:D8:9C:DF:4E
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PFnshXc1eextenf6-eGx2dic304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
30:24:a0:ed:77:56:0a:8b:37:e7:d2:09:1c:7d:0a:31:d4:c2:
d2:75:ac:c2:29:50:e2:25:ba:0b:e6:9d:eb:6b:59:27:de:23:
ac:42:8d:9d:0e:28:e6:f8:5d:09:96:47:15:07:31:a6:75:df:
f6:34:cc:73:9e:47:60:0f:b1:be:27:cb:c7:88:63:19:49:ae:
bd:51:8d:bc:b7:f9:40:97:fa:84:bf:8a:db:c0:53:51:ac:da:
eb:41:27:d6:ed:cb:e4:14:39:00:2e:ef:25:ae:84:76:7d:ad:
3e:6f:91:1e:18:f3:b3:ac:19:62:10:60:99:c2:ff:f5:3e:ad:
dc:b8:9f:df:74:15:f6:6d:eb:26:22:d3:73:0c:58:f7:57:39:
91:dc:db:fb:54:15:27:bc:96:7e:f8:52:27:0b:5b:33:3a:9f:
ca:30:de:87:b4:85:f6:2a:6f:80:c0:33:7c:eb:a0:62:26:5e:
b4:ae:d6:1e:e5:24:fe:9d:66:28:44:f1:b3:4e:84:48:e8:64:
5e:6a:92:49:b3:81:ae:fe:b7:a7:53:ed:69:77:95:07:20:aa:
a2:7e:84:8f:6b:c7:14:c7:bc:3d:c9:98:a4:dc:72:6c:65:9b:
36:d3:5a:19:76:1b:74:93:a4:02:9b:28:96:eb:d6:82:da:73:
3b:73:d2:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+mR57aaUPdnU9T5bRCMfR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjQwNTIzMTYyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU5ZWM4NTc3MzU3OWVjNmQ3YTc3ZmFmOWUxYjFkOWQ4OWNkZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe1/A+H/4TuK2oE/88FYsxUPIVTa
Ya57YvGiWyROHSgsbh/zKH+UaLlsJi4WPQBVgxhNpWrf9+qKCl1I0WwOyFkQsQdF
duitOZuWFURv7n057HFJ4KXzyQg/2NzUiu09BudhXExW7B7UObibeil7GM7fFk+S
BKpUHBXsQXzbIjzZQsaMA1NPdl/SriIVVK3WCRskgXPaXposZ4XnbK/ghXM0bHWI
li8SyPbdvYFy76CIP7U8VvJW8U3oh8a3ozNMj6Iq4P4com1CbqGh+Kyc/S8F1d7+
mttgl9bXkdObT1G5pPEPmqa8q+FwQTnXfSpymF74CeWn6k0JF0Ae2sNTcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDxZ7IV3NXnsbXp3+vnhsdnYnN9OMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvUEZuc2hYYzFlZXh0ZW5mNi1lR3gyZGljMzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgovgTAN
BgkqhkiG9w0BAQsFAAOCAQEAMCSg7XdWCos359IJHH0KMdTC0nWswilQ4iW6C+ad
62tZJ94jrEKNnQ4o5vhdCZZHFQcxpnXf9jTMc55HYA+xvifLx4hjGUmuvVGNvLf5
QJf6hL+K28BTUaza60En1u3L5BQ5AC7vJa6Edn2tPm+RHhjzs6wZYhBgmcL/9T6t
3Lif33QV9m3rJiLTcwxY91c5kdzb+1QVJ7yWfvhSJwtbMzqfyjDeh7SF9ipvgMAz
fOugYiZetK7WHuUk/p1mKETxs06ESOhkXmqSSbOBrv63p1PtaXeVByCqon6Ej2vH
FMe8PcmYpNxybGWbNtNaGXYbdJOkApsoluvWgtpzO3PSNg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:50 2025 by rpki-client