Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PMXz9W3FtoHSkAE_lEarzgXbsMs.roa
File: PMXz9W3FtoHSkAE_lEarzgXbsMs.roa (raw, json)
Hash identifier: Usx2cRAKwcJNqIcuC0bA87ggfbban68Pcn6oYD+w+hk=
Subject key identifier: 3C:C5:F3:F5:6D:C5:B6:81:D2:90:01:3F:94:46:AB:CE:05:DB:B0:CB
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018C50C86B17E1AC9E1F9BA46B9120F61B99
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PMXz9W3FtoHSkAE_lEarzgXbsMs.roa
Signing time: Sat 09 Dec 2023 22:52:41 +0000
ROA not before: Sat 09 Dec 2023 22:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212685
IP address blocks: 85.202.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:50:c8:6b:17:e1:ac:9e:1f:9b:a4:6b:91:20:f6:1b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 9 22:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cc5f3f56dc5b681d290013f9446abce05dbb0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:51:98:66:c1:ed:5b:2e:91:05:25:9d:22:49:
2d:f0:b4:c6:f8:e1:67:31:1b:a3:cb:40:83:00:27:
1d:0a:88:07:98:39:0e:24:b3:13:51:e3:7c:ab:6a:
38:5d:26:e8:e5:b1:eb:4e:a6:7a:fe:e2:75:9d:d0:
29:43:45:f0:74:68:c3:c0:c2:73:d2:f2:2a:c9:a3:
f3:fb:6e:8c:69:98:cf:22:00:ee:12:76:40:33:47:
13:65:cc:80:f1:94:00:96:32:9d:43:c9:26:77:a9:
a7:03:d6:26:36:35:ca:02:f2:0c:49:ab:0d:97:53:
c7:16:61:85:07:68:88:b7:e6:46:66:db:91:04:6d:
b4:7d:4a:75:a9:5a:5a:79:12:23:30:c4:17:5d:cd:
c3:d2:33:d1:01:f1:3e:7c:a8:c1:0e:07:22:71:f9:
b6:83:54:08:c1:9f:b5:c2:69:83:c1:28:26:d7:6c:
07:61:9f:3c:84:0f:64:b3:86:6a:c6:76:7a:5e:e7:
32:eb:48:6d:c2:7a:0e:9c:47:d1:8a:28:cb:35:0b:
0f:4e:84:25:0b:51:b1:83:5b:9f:34:52:43:c2:ce:
53:a8:09:3a:69:47:0e:3f:89:99:77:ac:8d:42:1e:
da:69:85:8a:c4:ac:88:b2:c3:2b:6b:69:48:0f:8f:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C5:F3:F5:6D:C5:B6:81:D2:90:01:3F:94:46:AB:CE:05:DB:B0:CB
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PMXz9W3FtoHSkAE_lEarzgXbsMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.163.0/24
Signature Algorithm: sha256WithRSAEncryption
85:59:be:6a:17:c4:b8:12:89:c3:f4:f6:3e:63:dd:59:e7:22:
82:aa:74:24:53:7d:31:6a:33:61:02:8b:d9:82:58:b3:6e:af:
a1:cd:a0:f8:42:72:ba:9f:8a:f6:5f:4f:e9:46:e5:e4:a6:43:
fa:1e:b1:00:8f:de:0d:32:3d:ac:70:cf:88:7b:de:81:7d:9e:
1e:0d:13:5a:5e:d6:45:b4:4d:08:d9:c6:69:da:6c:74:06:37:
e9:71:68:f4:ba:99:96:e4:3b:5d:ff:f8:75:c8:8d:4a:6c:09:
f2:5d:c3:c3:f4:ff:e0:d8:53:3b:f9:06:51:19:18:3e:70:89:
fa:a3:52:6b:d4:5f:0d:f3:31:b1:11:b7:c6:08:42:a5:bb:25:
bc:c5:f7:13:ed:94:a5:c8:3f:30:4c:f6:0f:96:6a:2e:13:4f:
f1:8d:03:ec:ba:68:ed:e0:c4:2d:db:d7:d9:31:12:18:c8:d8:
4d:3c:94:61:5b:25:dc:ec:b9:5e:84:8b:5e:25:21:9e:17:77:
cc:e2:d8:3c:66:69:09:f2:4b:9d:4f:be:61:6a:0b:cb:c4:b3:
2f:ba:f0:69:e6:61:23:b5:ab:e6:56:ec:f7:a3:0a:19:7c:1d:
cd:af:69:ef:07:d5:c4:c3:8b:c9:7e:dc:6d:d3:22:2c:74:8a:
d0:1e:b8:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxQyGsX4ayeH5uka5Eg9huZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMxMjA5MjI1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2M1ZjNmNTZkYzViNjgxZDI5MDAxM2Y5NDQ2YWJjZTA1ZGJiMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFGYZsHtWy6RBSWdIkkt8LTG+OFn
MRujy0CDACcdCogHmDkOJLMTUeN8q2o4XSbo5bHrTqZ6/uJ1ndApQ0XwdGjDwMJz
0vIqyaPz+26MaZjPIgDuEnZAM0cTZcyA8ZQAljKdQ8kmd6mnA9YmNjXKAvIMSasN
l1PHFmGFB2iIt+ZGZtuRBG20fUp1qVpaeRIjMMQXXc3D0jPRAfE+fKjBDgcicfm2
g1QIwZ+1wmmDwSgm12wHYZ88hA9ks4ZqxnZ6Xucy60htwnoOnEfRiijLNQsPToQl
C1Gxg1ufNFJDws5TqAk6aUcOP4mZd6yNQh7aaYWKxKyIssMra2lID4+O9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzF8/VtxbaB0pABP5RGq84F27DLMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUE1YejlXM0Z0b0hTa0FFX2xFYXJ6Z1hic01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcqjMA0G
CSqGSIb3DQEBCwUAA4IBAQCFWb5qF8S4EonD9PY+Y91Z5yKCqnQkU30xajNhAovZ
glizbq+hzaD4QnK6n4r2X0/pRuXkpkP6HrEAj94NMj2scM+Ie96BfZ4eDRNaXtZF
tE0I2cZp2mx0BjfpcWj0upmW5Dtd//h1yI1KbAnyXcPD9P/g2FM7+QZRGRg+cIn6
o1Jr1F8N8zGxEbfGCEKluyW8xfcT7ZSlyD8wTPYPlmouE0/xjQPsumjt4MQt29fZ
MRIYyNhNPJRhWyXc7LlehIteJSGeF3fM4tg8ZmkJ8kudT75hagvLxLMvuvBp5mEj
tavmVuz3owoZfB3Nr2nvB9XEw4vJftxt0yIsdIrQHrhM
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:20 2024 by rpki-client on console-fra.rpki-client.org