Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/PgnJ87hfw1YL14XQLTRbCc1qYxQ.roa
File: PgnJ87hfw1YL14XQLTRbCc1qYxQ.roa (raw, json)
Hash identifier: 6AFGW8OdyhCd8QbSqvdg00DTUbzZJuVSgid1slE9/VY=
Subject key identifier: 3E:09:C9:F3:B8:5F:C3:56:0B:D7:85:D0:2D:34:5B:09:CD:6A:63:14
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 0185E0B0BDD2685AC626451AF9512E8088E1
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/PgnJ87hfw1YL14XQLTRbCc1qYxQ.roa
Signing time: Mon 23 Jan 2023 22:12:37 +0000
ROA not before: Mon 23 Jan 2023 22:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60877
IP address blocks: 195.187.41.0/24 maxlen: 24
193.59.93.0/24 maxlen: 24
194.181.125.0/24 maxlen: 24
194.181.31.0/24 maxlen: 26
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e0:b0:bd:d2:68:5a:c6:26:45:1a:f9:51:2e:80:88:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 23 22:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e09c9f3b85fc3560bd785d02d345b09cd6a6314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:33:dd:74:7c:4d:5c:6c:67:89:cf:36:9b:4e:
64:4b:97:aa:b6:28:b9:30:ae:89:bd:e4:24:f1:10:
b7:e3:f0:53:d7:d6:12:b1:d3:3a:58:13:45:c4:98:
f7:4f:03:cf:94:7b:b6:52:67:d8:e2:dd:af:64:f3:
ee:29:74:38:41:60:5f:d9:c1:fb:d0:0d:ce:a5:64:
73:82:45:b0:40:35:e0:ae:4a:3e:70:48:da:ca:5d:
4e:28:39:1b:2b:79:89:d2:67:10:ea:57:3f:b4:07:
fc:e1:0a:05:cb:ec:74:3c:f5:93:38:ca:52:6b:0a:
fa:47:98:3d:c8:fe:bf:9d:37:14:6a:c2:d6:7b:bb:
cb:85:b5:20:36:b9:e2:b7:ff:1e:ed:90:1c:a0:0d:
09:66:f8:c3:1c:8e:83:db:b2:32:ef:9b:65:b0:9e:
de:f9:af:ab:00:f3:04:9f:72:c5:51:ca:91:8c:3f:
0d:fe:a2:a5:d0:66:4e:53:d4:ca:58:c5:a4:18:bd:
89:bf:be:bd:d5:d4:50:9b:f0:1f:14:72:56:27:18:
67:92:c6:c7:15:2e:c3:40:24:40:69:3a:2e:45:b9:
a3:03:8f:9a:70:46:f0:39:1a:d6:7e:43:b6:ce:71:
f7:64:10:de:87:ec:bc:dc:3c:a0:25:ee:15:c7:4e:
20:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:09:C9:F3:B8:5F:C3:56:0B:D7:85:D0:2D:34:5B:09:CD:6A:63:14
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/PgnJ87hfw1YL14XQLTRbCc1qYxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.93.0/24
194.181.31.0/24
194.181.125.0/24
195.187.41.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e1:74:3c:6a:09:cb:ab:1b:7d:df:93:87:de:b9:43:c9:bb:
64:29:3b:ff:63:8e:ba:99:14:69:a7:cd:19:b4:bd:b8:f5:a7:
d1:9b:db:51:75:f5:c8:cf:76:46:da:8b:8a:db:70:3f:6b:b6:
9a:ed:b4:1d:18:42:c4:7f:cd:9d:28:4a:98:48:92:58:74:da:
73:69:4b:9b:f6:e2:9f:f5:60:bd:dc:1c:aa:cf:3a:98:d8:43:
76:c5:dd:ad:7e:df:56:b1:03:9e:b9:9a:8d:4d:58:b1:9d:f2:
f0:cc:13:54:5c:4d:7b:d6:5d:8b:1a:32:ea:e4:16:e0:85:cc:
12:58:ee:b3:8b:d2:08:09:ba:4f:c4:a4:98:ac:3b:7e:a5:de:
55:bc:fc:ab:22:20:6d:1e:83:53:40:93:9d:91:f0:32:ea:9f:
ff:17:cf:59:5d:69:a6:9a:e0:c5:a2:77:9b:5f:52:30:11:cd:
5d:57:32:61:da:48:87:ee:7c:58:ad:04:d7:23:d0:b0:7a:72:
16:e8:ae:a8:a0:99:c3:50:a7:0b:9e:07:7b:bf:ef:d3:2b:ca:
b0:cb:6d:28:af:09:ae:33:b9:c9:39:95:f1:77:91:78:2a:55:
85:67:19:cf:ce:bf:db:91:0c:0a:d2:b9:d7:17:07:2a:0d:c2:
53:6e:63:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYXgsL3SaFrGJkUa+VEugIjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjMwMTIzMjIxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTA5YzlmM2I4NWZjMzU2MGJkNzg1ZDAyZDM0NWIwOWNkNmE2MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjPddHxNXGxnic82m05kS5eqtii5
MK6JveQk8RC34/BT19YSsdM6WBNFxJj3TwPPlHu2UmfY4t2vZPPuKXQ4QWBf2cH7
0A3OpWRzgkWwQDXgrko+cEjayl1OKDkbK3mJ0mcQ6lc/tAf84QoFy+x0PPWTOMpS
awr6R5g9yP6/nTcUasLWe7vLhbUgNrnit/8e7ZAcoA0JZvjDHI6D27Iy75tlsJ7e
+a+rAPMEn3LFUcqRjD8N/qKl0GZOU9TKWMWkGL2Jv7691dRQm/AfFHJWJxhnksbH
FS7DQCRAaTouRbmjA4+acEbwORrWfkO2znH3ZBDeh+y83DygJe4Vx04gNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD4JyfO4X8NWC9eF0C00WwnNamMUMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvUGduSjg3aGZ3MVlMMTRYUUxUUmJDYzFxWXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTtdAwQA
wrUfAwQAwrV9AwQAw7spMA0GCSqGSIb3DQEBCwUAA4IBAQBl4XQ8agnLqxt935OH
3rlDybtkKTv/Y466mRRpp80ZtL249afRm9tRdfXIz3ZG2ouK23A/a7aa7bQdGELE
f82dKEqYSJJYdNpzaUub9uKf9WC93ByqzzqY2EN2xd2tft9WsQOeuZqNTVixnfLw
zBNUXE171l2LGjLq5BbghcwSWO6zi9IICbpPxKSYrDt+pd5VvPyrIiBtHoNTQJOd
kfAy6p//F89ZXWmmmuDFonebX1IwEc1dVzJh2kiH7nxYrQTXI9CwenIW6K6ooJnD
UKcLngd7v+/TK8qwy20orwmuM7nJOZXxd5F4KlWFZxnPzr/bkQwK0rnXFwcqDcJT
bmOk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org