Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PwrUlRs1E046D0YRfrJr-3Ns9YU.roa
File: PwrUlRs1E046D0YRfrJr-3Ns9YU.roa (raw, json)
Hash identifier: hFtgxKMqhfwdA/bed21s3dbJk2meC+rCkMKeQ8wO46o=
Subject key identifier: 3F:0A:D4:95:1B:35:13:4E:3A:0F:46:11:7E:B2:6B:FB:73:6C:F5:85
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 01856C0139D1E3217BCA085484E623775AE5
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PwrUlRs1E046D0YRfrJr-3Ns9YU.roa
Signing time: Sun 01 Jan 2023 06:24:57 +0000
ROA not before: Sun 01 Jan 2023 06:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47891
IP address blocks: 91.212.26.0/24 maxlen: 24
185.177.44.0/24 maxlen: 24
2a0a:2f81::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:39:d1:e3:21:7b:ca:08:54:84:e6:23:77:5a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Jan 1 06:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0ad4951b35134e3a0f46117eb26bfb736cf585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:da:63:1b:eb:32:74:55:d5:fd:16:d5:bd:
25:3a:7c:5d:48:94:59:7b:f2:98:06:03:3e:4b:01:
38:98:fa:89:b0:08:58:76:52:d8:de:46:26:61:75:
3f:f2:79:1f:89:04:b6:74:ad:e6:3a:84:59:5d:62:
cd:3b:89:84:fa:29:c5:5e:13:47:22:8a:37:12:a2:
86:b8:16:fa:33:52:3e:70:27:6c:47:af:48:27:0f:
78:c6:cd:20:c5:7d:d9:76:1b:a5:33:5b:78:00:dc:
6b:27:de:6c:6f:1e:23:1f:2a:87:3d:23:f3:c5:6e:
7b:4b:62:87:5b:f6:a6:64:60:b9:f6:d6:30:f3:75:
1f:6e:71:e7:11:b3:7b:ca:a8:27:bd:81:99:49:ba:
e8:40:e0:d5:c6:50:0e:22:e2:fa:1a:7d:59:69:7a:
f3:9e:88:6c:9b:97:8c:69:a0:72:67:ea:50:be:5c:
09:9f:80:64:10:d7:d9:39:34:1d:4f:3a:dc:c0:2b:
a6:83:0d:cf:15:96:df:08:21:2b:48:a9:40:32:56:
21:38:b2:e0:fd:43:56:a1:36:cb:cb:69:ff:c7:f2:
5f:89:9e:f2:b9:bf:26:59:78:78:4a:e0:0c:2f:4d:
14:5e:59:b2:b3:7b:89:0f:1e:c6:e2:36:f7:1f:33:
c5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0A:D4:95:1B:35:13:4E:3A:0F:46:11:7E:B2:6B:FB:73:6C:F5:85
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/PwrUlRs1E046D0YRfrJr-3Ns9YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.26.0/24
185.177.44.0/24
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
53:73:0c:41:6e:44:77:eb:58:4f:b3:48:6c:83:73:91:1d:51:
2f:c9:78:53:e8:f6:d6:12:c8:3e:f5:de:cf:ad:5c:4b:1e:ea:
b2:e0:b8:38:a0:28:32:e4:6a:80:9d:5b:12:27:e6:f1:ed:d0:
eb:7c:37:8e:2f:11:87:b0:61:0f:ac:46:5d:61:18:4c:3c:07:
d2:fb:0c:d0:cd:dd:b5:f4:ff:12:a9:7e:08:ff:30:71:49:97:
c5:c2:eb:25:65:6c:9b:79:68:c3:2c:fe:8d:e2:d0:00:49:47:
ce:f6:d1:ec:a8:32:e3:c4:fa:86:9f:e7:29:fb:bf:7f:ff:83:
02:14:19:0c:93:12:dd:1d:cf:11:80:49:9b:a2:de:92:d4:59:
28:1f:81:dc:88:43:6f:b9:e0:0e:c4:96:b0:97:5d:24:75:ca:
70:29:80:bb:99:25:60:b9:21:bd:40:9a:ef:d9:06:9c:47:b0:
a8:85:d1:74:68:75:eb:be:ea:c2:9e:4b:91:c8:4f:06:ef:10:
67:c7:c5:c1:5b:c1:aa:47:bb:f3:b9:87:3a:56:52:0e:2d:12:
ed:d8:ab:8c:8f:7d:14:c9:b4:dd:d9:78:ac:50:cf:48:f8:22:
1e:a3:74:b9:e1:ca:23:ef:f3:cd:30:f4:fc:5a:6f:cc:14:71:
46:00:a5:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsATnR4yF7yghUhOYjd1rlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjMwMTAxMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBhZDQ5NTFiMzUxMzRlM2EwZjQ2MTE3ZWIyNmJmYjczNmNmNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhobaYxvrMnRV1f0W1b0lOnxdSJRZ
e/KYBgM+SwE4mPqJsAhYdlLY3kYmYXU/8nkfiQS2dK3mOoRZXWLNO4mE+inFXhNH
Ioo3EqKGuBb6M1I+cCdsR69IJw94xs0gxX3ZdhulM1t4ANxrJ95sbx4jHyqHPSPz
xW57S2KHW/amZGC59tYw83UfbnHnEbN7yqgnvYGZSbroQODVxlAOIuL6Gn1ZaXrz
nohsm5eMaaByZ+pQvlwJn4BkENfZOTQdTzrcwCumgw3PFZbfCCErSKlAMlYhOLLg
/UNWoTbLy2n/x/JfiZ7yub8mWXh4SuAML00UXlmys3uJDx7G4jb3HzPFFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD8K1JUbNRNOOg9GEX6ya/tzbPWFMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvUHdyVWxSczFFMDQ2RDBZUmZySnItM05zOVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9QaAwQA
ubEsMA0EAgACMAcDBQAqCi+BMA0GCSqGSIb3DQEBCwUAA4IBAQBTcwxBbkR361hP
s0hsg3ORHVEvyXhT6PbWEsg+9d7PrVxLHuqy4Lg4oCgy5GqAnVsSJ+bx7dDrfDeO
LxGHsGEPrEZdYRhMPAfS+wzQzd219P8SqX4I/zBxSZfFwuslZWybeWjDLP6N4tAA
SUfO9tHsqDLjxPqGn+cp+79//4MCFBkMkxLdHc8RgEmbot6S1FkoH4HciENvueAO
xJawl10kdcpwKYC7mSVguSG9QJrv2QacR7CohdF0aHXrvurCnkuRyE8G7xBnx8XB
W8GqR7vzuYc6VlIOLRLt2KuMj30UybTd2XisUM9I+CIeo3S54coj7/PNMPT8Wm/M
FHFGAKXz
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:45 2024 by rpki-client on console-ams.rpki-client.org