Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/PVKNNOOVWypyzkSKzgtS0RYsXhA.roa
File: PVKNNOOVWypyzkSKzgtS0RYsXhA.roa (raw, json)
Hash identifier: LMdq6SbF0ZRWJbSvaiemys8dmbTgwRlBGqmdkO6QQrc=
Subject key identifier: 3D:52:8D:34:E3:95:5B:2A:72:CE:44:8A:CE:0B:52:D1:16:2C:5E:10
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 01856EC1F8D3E60815E081E80F7C94EEEB75
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/PVKNNOOVWypyzkSKzgtS0RYsXhA.roa
Signing time: Sun 01 Jan 2023 19:14:43 +0000
ROA not before: Sun 01 Jan 2023 19:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13032
IP address blocks: 185.12.8.0/23 maxlen: 23
2a03:5dc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f8:d3:e6:08:15:e0:81:e8:0f:7c:94:ee:eb:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 19:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d528d34e3955b2a72ce448ace0b52d1162c5e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:c2:7e:c2:75:3a:44:64:07:b0:01:f4:70:
b1:cb:8e:36:73:71:0a:e5:75:e6:d4:29:3b:94:6b:
79:41:94:88:a7:b7:e4:bd:9d:b9:45:d6:20:91:94:
56:34:b9:f7:e6:64:ae:c7:d3:70:f7:ec:d9:e7:6b:
32:5f:da:f2:31:c4:bf:b0:51:3c:36:ec:71:8e:c4:
d5:04:3e:10:ec:92:3d:83:12:f3:8d:ca:7b:a8:4a:
87:00:74:2c:b1:e8:5a:23:db:08:51:d0:ca:dd:6d:
31:f1:85:c3:f4:f9:a2:98:21:8c:00:37:60:22:ef:
51:71:d5:ee:a3:64:f1:c3:3e:c5:d3:84:2e:7a:2f:
77:70:ba:1d:0e:d4:ca:ff:a9:b6:8b:26:7a:f8:3b:
c9:55:57:b3:a3:de:13:50:13:28:5b:d4:5b:c3:5b:
ef:3b:e4:c7:33:51:1f:36:59:43:c6:68:39:b1:5b:
56:9b:fe:b5:8b:9c:4a:4b:2f:5f:01:8f:cb:80:9e:
b1:7c:20:d1:c9:b1:1d:92:62:7a:2d:31:8d:dc:e4:
5e:80:d5:4f:fe:d9:f0:53:eb:af:87:b2:25:07:82:
76:37:86:af:ac:51:f5:e2:28:8e:ff:7c:e2:bb:12:
ca:10:5c:7b:9f:b1:8e:a5:77:26:3d:59:b9:7e:f7:
7c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:52:8D:34:E3:95:5B:2A:72:CE:44:8A:CE:0B:52:D1:16:2C:5E:10
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/PVKNNOOVWypyzkSKzgtS0RYsXhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.8.0/23
IPv6:
2a03:5dc0:6::/48
Signature Algorithm: sha256WithRSAEncryption
bb:53:b5:22:89:54:2d:eb:48:30:db:69:c6:78:66:01:e4:83:
f0:96:dd:a2:de:fc:c5:65:60:53:07:67:35:58:43:90:1f:8e:
e8:3d:d0:2e:0f:0c:a8:f1:e8:fc:72:96:a3:f0:72:03:74:42:
52:8b:8e:8f:db:b6:c3:5c:a3:20:3f:f8:f5:2b:4b:22:d6:2e:
46:da:67:be:b5:18:b7:ab:22:64:f3:ca:72:5e:8e:c2:0d:ae:
67:5e:38:e3:c9:93:2a:58:7f:c8:e3:1c:f4:13:43:28:ce:c1:
32:d6:66:e3:b1:9b:f1:fe:82:83:fc:1e:d5:ca:71:01:79:d3:
02:1a:52:66:74:c9:4d:a4:6b:69:82:aa:ee:f4:f5:85:37:85:
c5:14:de:16:78:2c:d5:04:53:27:62:fd:6b:89:92:3b:00:4e:
69:81:de:3b:c4:83:43:60:e0:5d:7d:9e:78:dc:cd:e8:de:2a:
ca:e0:6c:5c:05:4e:1a:e3:c9:7f:8e:b0:99:17:0c:8d:37:31:
6f:77:45:6c:c4:7b:ae:cf:3b:d6:3d:ea:83:e7:ec:fe:8c:17:
77:60:9e:e3:0b:10:77:23:07:fd:f7:f6:e7:1e:24:b1:1f:db:
37:73:e2:64:58:60:5d:f7:bc:8d:4b:16:f7:eb:fd:5c:82:30:
bf:49:aa:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuwfjT5ggV4IHoD3yU7ut1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjMwMTAxMTkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDUyOGQzNGUzOTU1YjJhNzJjZTQ0OGFjZTBiNTJkMTE2MmM1ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCLCfsJ1OkRkB7AB9HCxy442c3EK
5XXm1Ck7lGt5QZSIp7fkvZ25RdYgkZRWNLn35mSux9Nw9+zZ52syX9ryMcS/sFE8
NuxxjsTVBD4Q7JI9gxLzjcp7qEqHAHQssehaI9sIUdDK3W0x8YXD9PmimCGMADdg
Iu9RcdXuo2Txwz7F04Quei93cLodDtTK/6m2iyZ6+DvJVVezo94TUBMoW9Rbw1vv
O+THM1EfNllDxmg5sVtWm/61i5xKSy9fAY/LgJ6xfCDRybEdkmJ6LTGN3ORegNVP
/tnwU+uvh7IlB4J2N4avrFH14iiO/3ziuxLKEFx7n7GOpXcmPVm5fvd8dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1SjTTjlVsqcs5Eis4LUtEWLF4QMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvUFZLTk5PT1ZXeXB5emtTS3pndFMwUllzWGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuQwIMA8E
AgACMAkDBwAqA13AAAYwDQYJKoZIhvcNAQELBQADggEBALtTtSKJVC3rSDDbacZ4
ZgHkg/CW3aLe/MVlYFMHZzVYQ5Afjug90C4PDKjx6PxylqPwcgN0QlKLjo/btsNc
oyA/+PUrSyLWLkbaZ761GLerImTzynJejsINrmdeOOPJkypYf8jjHPQTQyjOwTLW
ZuOxm/H+goP8HtXKcQF50wIaUmZ0yU2ka2mCqu709YU3hcUU3hZ4LNUEUydi/WuJ
kjsATmmB3jvEg0Ng4F19nnjczejeKsrgbFwFThrjyX+OsJkXDI03MW93RWzEe67P
O9Y96oPn7P6MF3dgnuMLEHcjB/339uceJLEf2zdz4mRYYF33vI1LFvfr/VyCML9J
qr8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:42 2024 by rpki-client on console-ams.rpki-client.org