Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/PzTDSELNWJk4OG4k3czPxIDDrzM.roa
File: PzTDSELNWJk4OG4k3czPxIDDrzM.roa (raw, json)
Hash identifier: fnvRfzPk7n8WTHDpBqpNK9SDvUOmfPqSiJGMyi9YEgA=
Subject key identifier: 3F:34:C3:48:42:CD:58:99:38:38:6E:24:DD:CC:CF:C4:80:C3:AF:33
Certificate issuer: /CN=6029b1a08139e1da9643dd0424f5cd64507e3771
Certificate serial: 018CC3494007A140298497EB8CC38F73367A
Authority key identifier: 60:29:B1:A0:81:39:E1:DA:96:43:DD:04:24:F5:CD:64:50:7E:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YCmxoIE54dqWQ90EJPXNZFB-N3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/PzTDSELNWJk4OG4k3czPxIDDrzM.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204002
IP address blocks: 185.43.89.0/24 maxlen: 24
185.43.90.0/24 maxlen: 24
185.43.91.0/24 maxlen: 24
185.43.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:40:07:a1:40:29:84:97:eb:8c:c3:8f:73:36:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6029b1a08139e1da9643dd0424f5cd64507e3771
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f34c34842cd589938386e24ddcccfc480c3af33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8b:ea:12:a2:41:a0:49:d1:a5:0a:90:c6:c9:
f6:8f:80:d5:e2:28:b1:e9:63:f2:3b:ea:de:0b:c1:
a8:7c:e4:4d:7a:31:fc:50:06:78:c2:c6:8e:0a:eb:
a3:af:46:49:3e:c1:d1:9f:28:af:d7:a2:ff:2a:7a:
c5:f5:08:02:20:d4:5f:ca:5b:e0:67:78:f1:4c:56:
83:b4:fe:09:cd:8f:75:fa:09:e2:d4:ba:f7:ad:62:
b3:d3:6d:77:b8:8e:70:df:a9:9d:78:46:2b:9c:95:
6b:a0:84:c9:71:cc:63:bc:dd:84:f7:63:6b:eb:f1:
da:98:cf:5d:7e:6e:11:8f:e6:33:eb:44:73:2f:03:
4c:ca:7b:f7:bb:44:b6:79:33:eb:eb:1c:6f:ba:d8:
ec:38:bc:d2:bf:7f:f1:06:2a:c8:aa:a1:f5:fd:0d:
fb:04:8f:75:71:33:ef:0f:96:05:45:f2:72:b7:b9:
e5:a4:a7:95:97:9f:f4:d9:69:3b:aa:b7:95:a3:38:
7b:56:40:2f:47:78:e0:9f:df:d8:f2:ae:cf:26:ab:
10:27:b8:4d:e2:28:1f:f9:2f:01:a7:d7:96:5c:f2:
28:ce:01:57:14:48:9a:d8:eb:68:d9:1a:c2:15:ba:
d5:8d:44:38:5c:61:20:0b:9a:96:83:95:2c:c1:38:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:34:C3:48:42:CD:58:99:38:38:6E:24:DD:CC:CF:C4:80:C3:AF:33
X509v3 Authority Key Identifier:
keyid:60:29:B1:A0:81:39:E1:DA:96:43:DD:04:24:F5:CD:64:50:7E:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCmxoIE54dqWQ90EJPXNZFB-N3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/PzTDSELNWJk4OG4k3czPxIDDrzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3d56f6-9410-4844-a472-5615513fdcf4/1/YCmxoIE54dqWQ90EJPXNZFB-N3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:8f:c7:55:c7:8d:88:d3:8b:31:39:ff:fb:ba:48:ac:95:a9:
87:e0:3d:de:29:cc:c4:1b:9b:d0:34:01:66:22:88:8d:e4:52:
f3:c3:82:0d:c8:6d:f1:d7:38:50:04:21:2b:52:99:02:8f:ec:
25:bb:fc:ac:5c:81:76:ee:b5:3b:8b:dc:04:71:f2:5b:77:da:
7b:92:0a:6a:a4:66:ef:2e:e6:2d:65:1a:95:52:74:00:d9:f4:
42:2c:89:3f:b8:50:9d:fd:9a:c9:65:23:2b:42:7f:0f:5b:53:
f2:49:5f:60:10:38:df:05:2c:73:87:74:d5:86:2a:c5:8e:53:
8d:ba:a4:91:e1:57:41:42:ce:45:31:44:50:0d:df:92:ae:38:
8f:00:fa:b5:7e:91:df:fe:fb:88:90:6d:77:95:26:1a:d0:44:
1f:fb:7e:df:f7:2b:56:32:37:16:34:89:b4:eb:de:ed:fd:e0:
ed:8b:4d:a8:b8:88:b2:b2:e7:95:a4:00:c5:d9:6d:84:d9:67:
64:96:e6:3d:8e:80:36:14:05:86:62:c3:b2:b3:ef:7b:7b:bf:
6c:35:c1:2d:ef:8c:f1:df:0b:0a:a9:31:11:fa:42:8b:68:53:
75:d7:5b:d6:11:0e:3e:27:bb:91:31:b7:f3:02:3d:58:97:bf:
0d:92:2a:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUAHoUAphJfrjMOPczZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMjliMWEwODEzOWUxZGE5NjQzZGQwNDI0ZjVjZDY0NTA3
ZTM3NzEwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM0YzM0ODQyY2Q1ODk5MzgzODZlMjRkZGNjY2ZjNDgwYzNhZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04vqEqJBoEnRpQqQxsn2j4DV4iix
6WPyO+reC8GofORNejH8UAZ4wsaOCuujr0ZJPsHRnyiv16L/KnrF9QgCINRfylvg
Z3jxTFaDtP4JzY91+gni1Lr3rWKz0213uI5w36mdeEYrnJVroITJccxjvN2E92Nr
6/HamM9dfm4Rj+Yz60RzLwNMynv3u0S2eTPr6xxvutjsOLzSv3/xBirIqqH1/Q37
BI91cTPvD5YFRfJyt7nlpKeVl5/02Wk7qreVozh7VkAvR3jgn9/Y8q7PJqsQJ7hN
4igf+S8Bp9eWXPIozgFXFEia2Oto2RrCFbrVjUQ4XGEgC5qWg5UswTgdIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD80w0hCzViZODhuJN3Mz8SAw68zMB8GA1UdIwQY
MBaAFGApsaCBOeHalkPdBCT1zWRQfjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUNteG9JRTU0ZHFXUTkwRUpQWE5aRkItTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZDU2ZjYtOTQxMC00ODQ0LWE0NzIt
NTYxNTUxM2ZkY2Y0LzEvUHpURFNFTE5XSms0T0c0azNjelB4SUREcnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZDU2ZjYtOTQxMC00ODQ0LWE0NzItNTYxNTUxM2ZkY2Y0
LzEvWUNteG9JRTU0ZHFXUTkwRUpQWE5aRkItTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuStYMA0G
CSqGSIb3DQEBCwUAA4IBAQA9j8dVx42I04sxOf/7ukislamH4D3eKczEG5vQNAFm
IoiN5FLzw4INyG3x1zhQBCErUpkCj+wlu/ysXIF27rU7i9wEcfJbd9p7kgpqpGbv
LuYtZRqVUnQA2fRCLIk/uFCd/ZrJZSMrQn8PW1PySV9gEDjfBSxzh3TVhirFjlON
uqSR4VdBQs5FMURQDd+SrjiPAPq1fpHf/vuIkG13lSYa0EQf+37f9ytWMjcWNIm0
697t/eDti02ouIiysueVpADF2W2E2WdkluY9joA2FAWGYsOys+97e79sNcEt74zx
3wsKqTER+kKLaFN111vWEQ4+J7uRMbfzAj1Yl78NkipH
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:59 2025 by rpki-client