Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/PInk2WGUgJCd_7iW9GitxtHbHAM.roa
File: PInk2WGUgJCd_7iW9GitxtHbHAM.roa (raw, json)
Hash identifier: 4bKRjIXIDDdQ2ZB/FJcvG9ZrbenuHnkwQ4Tov/LdtMw=
Subject key identifier: 3C:89:E4:D9:61:94:80:90:9D:FF:B8:96:F4:68:AD:C6:D1:DB:1C:03
Certificate issuer: /CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Certificate serial: 01856F0B719EE9A56804274FF571E0BD3798
Authority key identifier: 09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/PInk2WGUgJCd_7iW9GitxtHbHAM.roa
Signing time: Sun 01 Jan 2023 20:34:58 +0000
ROA not before: Sun 01 Jan 2023 20:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49865
IP address blocks: 194.24.0.0/21 maxlen: 21
194.24.1.0/24 maxlen: 24
194.24.4.0/22 maxlen: 22
2a0a:5080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:71:9e:e9:a5:68:04:27:4f:f5:71:e0:bd:37:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Validity
Not Before: Jan 1 20:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c89e4d9619480909dffb896f468adc6d1db1c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:d1:c9:58:ff:5d:0b:26:8e:45:af:f5:5c:
c0:16:45:35:3e:82:c2:ab:82:fa:b7:f0:ab:25:92:
af:9f:84:6b:e9:d2:08:21:5c:ff:47:d5:fe:5b:80:
50:34:2e:e7:20:55:d1:20:11:e0:57:07:cd:1d:98:
cd:e6:4b:08:64:c1:9a:4a:c8:ef:76:29:9c:b0:11:
1e:6b:97:a2:eb:47:27:24:f9:e1:65:d9:8f:92:8c:
c1:84:5b:29:5c:e4:8e:6a:9e:16:ce:21:0c:12:3f:
8b:b5:e2:9a:c8:cb:cd:ee:cd:b2:0e:ff:18:a9:65:
a2:bd:6c:bc:c9:cf:86:28:33:bd:0d:20:01:81:e6:
76:98:a6:bb:f5:54:d3:29:74:7b:a4:d4:44:ed:ab:
95:bc:da:61:a2:77:75:1e:ce:69:b0:71:1f:98:9c:
0f:d3:7a:96:0e:37:f8:8d:53:f8:c3:11:c1:2b:2f:
17:4a:fd:d8:33:bc:43:20:ce:77:64:f7:94:58:ab:
3f:77:73:01:5f:ef:c8:24:c8:56:b5:a1:a7:ad:42:
18:4e:df:57:45:95:9f:5d:98:ff:10:68:cc:e9:f3:
21:be:48:38:5d:1f:e6:6d:1d:c4:19:c6:93:8a:ac:
53:76:53:82:a0:ad:46:b0:26:79:2a:ee:09:e0:33:
97:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:89:E4:D9:61:94:80:90:9D:FF:B8:96:F4:68:AD:C6:D1:DB:1C:03
X509v3 Authority Key Identifier:
keyid:09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/PInk2WGUgJCd_7iW9GitxtHbHAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.0.0/21
IPv6:
2a0a:5080::/29
Signature Algorithm: sha256WithRSAEncryption
8d:ce:2e:e9:ed:a3:e4:4a:c7:36:fb:45:18:f1:3e:e6:e1:75:
a8:5a:76:0d:aa:a6:14:02:70:a3:78:8c:d1:dc:77:44:e7:cd:
82:00:95:51:41:e2:45:8f:6e:5a:6b:2b:e4:dd:ee:1a:ac:d3:
fb:9c:1d:28:ce:ec:18:ba:a0:bc:32:55:9f:b0:db:72:f3:4c:
eb:f1:f7:b7:02:d5:7f:de:6d:17:22:9a:64:bc:4a:94:4b:51:
37:7d:a6:e2:e2:e8:6c:02:d7:c4:7a:10:46:4f:d5:0f:34:4a:
2b:ef:68:cb:71:c0:ae:44:45:23:f8:d3:a8:e1:e2:01:45:a6:
c8:b7:f5:e0:c9:02:dc:b8:e1:8f:78:0a:a4:2f:e9:19:05:0d:
68:61:94:68:38:13:51:71:ea:8a:a1:14:c1:81:5e:21:89:5d:
c3:8f:e6:a5:e8:11:09:81:dd:a6:df:6c:a2:dc:2d:9b:e1:36:
4e:2c:65:7f:89:a4:44:3a:89:d0:78:c4:d4:30:d4:b8:45:9f:
43:9b:9f:5f:2a:7c:91:33:17:1c:63:6c:6d:0f:10:6f:e7:2d:
b4:59:f1:3b:1f:dd:fc:4d:fa:39:5d:ab:32:ef:79:92:36:aa:
cc:ca:f1:08:b5:f9:b0:32:65:46:71:21:f9:62:49:55:47:61:
e4:70:14:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC3Ge6aVoBCdP9XHgvTeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YzUwZWZlMTNhYWRmNTQyM2IwNGYwZGRjYThiMzI4ODM5
NTgyM2UwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg5ZTRkOTYxOTQ4MDkwOWRmZmI4OTZmNDY4YWRjNmQxZGIxYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBnRyVj/XQsmjkWv9VzAFkU1PoLC
q4L6t/CrJZKvn4Rr6dIIIVz/R9X+W4BQNC7nIFXRIBHgVwfNHZjN5ksIZMGaSsjv
dimcsBEea5ei60cnJPnhZdmPkozBhFspXOSOap4WziEMEj+LteKayMvN7s2yDv8Y
qWWivWy8yc+GKDO9DSABgeZ2mKa79VTTKXR7pNRE7auVvNphond1Hs5psHEfmJwP
03qWDjf4jVP4wxHBKy8XSv3YM7xDIM53ZPeUWKs/d3MBX+/IJMhWtaGnrUIYTt9X
RZWfXZj/EGjM6fMhvkg4XR/mbR3EGcaTiqxTdlOCoK1GsCZ5Ku4J4DOXpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDyJ5NlhlICQnf+4lvRorcbR2xwDMB8GA1UdIwQY
MBaAFAnFDv4Tqt9UI7BPDdyosyiDlYI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUt
YTI2ZDI1YmM3NjU0LzEvUEluazJXR1VnSkNkXzdpVzlHaXR4dEhiSEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUtYTI2ZDI1YmM3NjU0
LzEvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwhgAMA0E
AgACMAcDBQMqClCAMA0GCSqGSIb3DQEBCwUAA4IBAQCNzi7p7aPkSsc2+0UY8T7m
4XWoWnYNqqYUAnCjeIzR3HdE582CAJVRQeJFj25aayvk3e4arNP7nB0ozuwYuqC8
MlWfsNty80zr8fe3AtV/3m0XIppkvEqUS1E3fabi4uhsAtfEehBGT9UPNEor72jL
ccCuREUj+NOo4eIBRabIt/XgyQLcuOGPeAqkL+kZBQ1oYZRoOBNRceqKoRTBgV4h
iV3Dj+al6BEJgd2m32yi3C2b4TZOLGV/iaREOonQeMTUMNS4RZ9Dm59fKnyRMxcc
Y2xtDxBv5y20WfE7H938Tfo5Xasy73mSNqrMyvEItfmwMmVGcSH5YklVR2HkcBTu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:54 2024 by rpki-client on console-fra.rpki-client.org