Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PQZwjXvpC7gQPvTviNLbhpDYGVM.roa
File: PQZwjXvpC7gQPvTviNLbhpDYGVM.roa (raw, json)
Hash identifier: 5M78wwxVKIHwqRZrNuNwZrho9aEbIpSQvzz8ClmTuno=
Subject key identifier: 3D:06:70:8D:7B:E9:0B:B8:10:3E:F4:EF:88:D2:DB:86:90:D8:19:53
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0185724706381562F94D6B8E0561B5F3B4C1
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PQZwjXvpC7gQPvTviNLbhpDYGVM.roa
Signing time: Mon 02 Jan 2023 11:38:55 +0000
ROA not before: Mon 02 Jan 2023 11:38:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44068
IP address blocks: 94.26.128.0/18 maxlen: 24
2a02:2510::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:06:38:15:62:f9:4d:6b:8e:05:61:b5:f3:b4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d06708d7be90bb8103ef4ef88d2db8690d81953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:13:9c:c1:af:8d:fe:c7:c4:ba:36:f4:a9:1f:
5e:1d:01:0e:14:b4:7f:ba:c9:dd:ff:bd:ca:3e:9f:
19:75:a6:a7:91:64:f1:52:5d:17:01:bc:f3:5e:02:
56:01:8c:7b:e1:7e:ec:b0:13:b2:40:db:83:59:ba:
0b:fb:4b:95:37:fd:16:03:83:01:aa:9c:5a:15:0a:
78:77:c1:b6:11:07:4a:99:c1:32:e5:ce:98:cb:e8:
5a:7a:ef:42:08:b0:54:3a:95:1b:cc:24:31:ce:e3:
24:d7:a9:e2:49:aa:d0:f6:74:c2:9c:72:78:79:ab:
6e:6c:a9:1e:82:74:b8:6a:90:ad:e5:74:cc:66:c0:
1c:11:05:7c:e4:30:ec:ed:56:76:d1:27:59:cd:82:
54:57:3b:13:61:20:a5:3b:9a:27:14:54:09:32:65:
3f:92:91:c2:61:4f:6d:22:51:72:4a:b2:65:63:10:
8d:27:d5:f5:54:67:90:99:ee:2d:ba:ff:6b:c3:a5:
3f:c5:f3:2f:fe:ed:2e:93:8b:20:60:93:c5:a8:37:
09:51:b8:86:af:0e:e7:9e:2a:ec:c0:8a:56:6b:f0:
4f:05:fb:b9:6a:13:11:88:c4:80:cb:24:8c:86:ea:
86:48:09:51:c8:6e:30:68:e4:1b:c2:f9:00:db:31:
9a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:06:70:8D:7B:E9:0B:B8:10:3E:F4:EF:88:D2:DB:86:90:D8:19:53
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/PQZwjXvpC7gQPvTviNLbhpDYGVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.128.0/18
IPv6:
2a02:2510::/32
Signature Algorithm: sha256WithRSAEncryption
74:0d:e0:78:94:d3:d6:e6:01:9f:0a:96:e0:ce:55:65:92:30:
af:88:7e:a4:aa:3d:7c:00:43:c2:a4:64:f9:3c:23:49:ae:42:
1c:d5:da:a6:8f:9f:e2:90:5b:de:16:0c:a8:64:f3:97:78:bd:
c2:18:ad:a1:7a:11:6e:a0:02:7e:58:af:06:27:4c:26:14:8f:
2a:aa:55:07:61:a1:bf:68:d0:4f:0f:aa:0d:f7:a1:30:54:0a:
a0:43:c3:ea:ef:95:7f:68:d7:55:61:06:9b:4a:41:5d:c8:77:
77:85:f6:38:1f:3e:26:84:76:66:01:4d:3a:84:7d:b0:54:96:
81:5e:8c:ff:b2:cf:b0:b3:ab:27:13:2c:ca:7c:e1:ae:7f:44:
4b:32:14:43:4c:2b:09:3b:fe:a8:a5:58:46:31:b5:b2:37:df:
11:d1:f6:d6:74:12:8f:e6:a7:8c:f2:f3:31:a4:d5:37:51:42:
8e:19:e0:83:49:6a:73:25:dc:17:d5:d8:e1:90:a6:28:04:7a:
18:49:dd:3f:57:dd:6d:b8:1a:de:2b:60:1d:1b:6d:8e:fe:ba:
31:c4:bc:6e:31:07:8a:87:43:13:c7:3d:26:30:f6:f0:5f:85:
94:63:36:c0:a0:a8:46:8a:fc:92:12:1f:5f:00:81:ed:92:39:
45:f9:07:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRwY4FWL5TWuOBWG187TBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA2NzA4ZDdiZTkwYmI4MTAzZWY0ZWY4OGQyZGI4NjkwZDgxOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhOcwa+N/sfEujb0qR9eHQEOFLR/
usnd/73KPp8ZdaankWTxUl0XAbzzXgJWAYx74X7ssBOyQNuDWboL+0uVN/0WA4MB
qpxaFQp4d8G2EQdKmcEy5c6Yy+haeu9CCLBUOpUbzCQxzuMk16niSarQ9nTCnHJ4
eatubKkegnS4apCt5XTMZsAcEQV85DDs7VZ20SdZzYJUVzsTYSClO5onFFQJMmU/
kpHCYU9tIlFySrJlYxCNJ9X1VGeQme4tuv9rw6U/xfMv/u0uk4sgYJPFqDcJUbiG
rw7nnirswIpWa/BPBfu5ahMRiMSAyySMhuqGSAlRyG4waOQbwvkA2zGayQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD0GcI176Qu4ED7074jS24aQ2BlTMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUFFad2pYdnBDN2dRUHZUdmlOTGJocERZR1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGXhqAMA0E
AgACMAcDBQAqAiUQMA0GCSqGSIb3DQEBCwUAA4IBAQB0DeB4lNPW5gGfCpbgzlVl
kjCviH6kqj18AEPCpGT5PCNJrkIc1dqmj5/ikFveFgyoZPOXeL3CGK2hehFuoAJ+
WK8GJ0wmFI8qqlUHYaG/aNBPD6oN96EwVAqgQ8Pq75V/aNdVYQabSkFdyHd3hfY4
Hz4mhHZmAU06hH2wVJaBXoz/ss+ws6snEyzKfOGuf0RLMhRDTCsJO/6opVhGMbWy
N98R0fbWdBKP5qeM8vMxpNU3UUKOGeCDSWpzJdwX1djhkKYoBHoYSd0/V91tuBre
K2AdG22O/roxxLxuMQeKh0MTxz0mMPbwX4WUYzbAoKhGivySEh9fAIHtkjlF+QcB
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org