Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/PUK3TUXYsKRvKcwrqj1lMDEq5HI.roa
File: PUK3TUXYsKRvKcwrqj1lMDEq5HI.roa (raw, json)
Hash identifier: A9L2cXZ+p1tj9cVY467ioLCBDBwRCuSZ/0amsflLJ6Q=
Subject key identifier: 3D:42:B7:4D:45:D8:B0:A4:6F:29:CC:2B:AA:3D:65:30:31:2A:E4:72
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0191E520A9A44630899CB6D9C0A3418E57FE
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/PUK3TUXYsKRvKcwrqj1lMDEq5HI.roa
Signing time: Thu 12 Sep 2024 07:26:48 +0000
ROA not before: Thu 12 Sep 2024 07:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.174.22.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 11:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:20:a9:a4:46:30:89:9c:b6:d9:c0:a3:41:8e:57:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 12 07:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d42b74d45d8b0a46f29cc2baa3d6530312ae472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:90:3f:f2:f9:fe:5b:fb:98:26:55:ef:4a:
55:84:34:a8:5f:7c:99:c4:42:25:6f:75:e2:68:be:
2c:4c:ef:27:23:fb:c0:58:28:e8:79:38:c9:84:60:
1c:e6:01:fc:67:dc:84:3a:d8:6c:9b:19:93:39:3e:
bc:d0:fb:2b:3a:e1:99:13:c5:79:92:66:0f:40:2a:
82:ef:39:54:93:94:d8:b6:a9:34:da:b1:a1:df:5f:
e0:23:09:a9:1b:42:0c:d3:28:55:10:09:93:f7:1a:
a8:51:4b:b2:6b:51:a8:9c:b9:7c:3e:c2:8f:9a:07:
eb:0b:0d:78:ae:de:c1:77:e6:07:08:4e:d8:94:0c:
87:22:1c:ed:44:1a:1b:bf:1d:ca:0b:ff:b5:36:71:
23:89:8e:0a:07:a7:22:54:c9:ae:e4:fe:a1:f8:15:
38:2c:4d:5f:b3:b0:ec:e3:23:65:de:b1:d4:e0:35:
41:a9:54:6f:be:9f:f6:c4:c7:f2:5d:4c:e3:a2:a5:
4b:80:8b:27:fa:77:5c:94:56:a7:f6:03:cc:af:87:
83:77:bf:67:84:e3:78:96:e9:b7:c7:49:c2:51:3e:
38:73:b7:f9:26:e7:32:7a:c7:3a:0d:90:92:21:0b:
88:76:40:a7:0d:d6:b5:5b:e6:0e:92:e2:88:9b:da:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:42:B7:4D:45:D8:B0:A4:6F:29:CC:2B:AA:3D:65:30:31:2A:E4:72
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/PUK3TUXYsKRvKcwrqj1lMDEq5HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.22.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:d8:47:62:18:95:5f:86:18:ae:31:6a:4f:ed:d5:5f:d2:a3:
10:1d:f3:b1:ff:e3:d0:c9:f8:4d:0d:48:61:89:43:3d:19:6f:
0e:9e:ed:56:e6:d1:c3:51:ec:69:b5:46:99:e1:8f:e4:dd:03:
59:c3:f5:a0:d0:33:d2:2c:36:9d:3d:cc:fa:9a:52:d8:73:81:
61:99:f6:2d:9c:ac:f8:b7:60:3b:74:5f:bf:79:5f:8b:43:38:
7a:94:ab:8b:bb:e2:1c:57:ad:54:36:db:5a:78:7d:c6:b8:47:
69:ee:93:f4:2a:b5:96:5e:e5:6e:b5:7c:d9:de:97:16:23:43:
e4:83:96:f9:15:c4:cd:c3:62:f2:a8:28:21:8a:77:ce:ec:2c:
5c:a8:cc:b1:27:7b:ab:94:1e:9d:36:2e:c7:05:6d:68:47:d7:
f6:36:bf:88:c1:7f:9b:0f:e3:73:00:14:96:94:bc:ea:1a:6c:
cb:75:15:17:5b:cc:49:7f:eb:6b:40:b6:16:8b:df:09:bc:a9:
b1:94:0e:2e:5b:72:20:b6:a8:7a:46:0a:40:59:a0:42:02:17:
4e:a2:25:e5:48:1c:df:74:79:fb:c9:0a:16:f7:dd:37:dc:e1:
13:b5:44:cc:aa:00:3d:bf:bd:18:c8:38:e1:11:6c:f3:84:53:
00:1a:e4:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHlIKmkRjCJnLbZwKNBjlf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwOTEyMDcyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQyYjc0ZDQ1ZDhiMGE0NmYyOWNjMmJhYTNkNjUzMDMxMmFlNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7iQP/L5/lv7mCZV70pVhDSoX3yZ
xEIlb3XiaL4sTO8nI/vAWCjoeTjJhGAc5gH8Z9yEOthsmxmTOT680PsrOuGZE8V5
kmYPQCqC7zlUk5TYtqk02rGh31/gIwmpG0IM0yhVEAmT9xqoUUuya1GonLl8PsKP
mgfrCw14rt7Bd+YHCE7YlAyHIhztRBobvx3KC/+1NnEjiY4KB6ciVMmu5P6h+BU4
LE1fs7Ds4yNl3rHU4DVBqVRvvp/2xMfyXUzjoqVLgIsn+ndclFan9gPMr4eDd79n
hON4lum3x0nCUT44c7f5Jucyesc6DZCSIQuIdkCnDda1W+YOkuKIm9rQ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1Ct01F2LCkbynMK6o9ZTAxKuRyMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvUFVLM1RVWFlzS1J2S2N3cnFqMWxNREVxNUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBua4WMA0G
CSqGSIb3DQEBCwUAA4IBAQCh2EdiGJVfhhiuMWpP7dVf0qMQHfOx/+PQyfhNDUhh
iUM9GW8Onu1W5tHDUexptUaZ4Y/k3QNZw/Wg0DPSLDadPcz6mlLYc4FhmfYtnKz4
t2A7dF+/eV+LQzh6lKuLu+IcV61UNttaeH3GuEdp7pP0KrWWXuVutXzZ3pcWI0Pk
g5b5FcTNw2LyqCghinfO7CxcqMyxJ3urlB6dNi7HBW1oR9f2Nr+IwX+bD+NzABSW
lLzqGmzLdRUXW8xJf+trQLYWi98JvKmxlA4uW3Igtqh6RgpAWaBCAhdOoiXlSBzf
dHn7yQoW99033OETtUTMqgA9v70YyDjhEWzzhFMAGuTv
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:23 2024 by rpki-client on console-ams.rpki-client.org