Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/PONCB9mRj9QR7rNMm8moXj3midE.roa
File: PONCB9mRj9QR7rNMm8moXj3midE.roa (raw, json)
Hash identifier: +RiGxKRnXa9uQTKlkgHuAyTj5LMcqYUyx/OZuL0QfmM=
Subject key identifier: 3C:E3:42:07:D9:91:8F:D4:11:EE:B3:4C:9B:C9:A8:5E:3D:E6:89:D1
Certificate issuer: /CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Certificate serial: 01856E6FC7ED5F25F99289301B57336F886E
Authority key identifier: 41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/PONCB9mRj9QR7rNMm8moXj3midE.roa
Signing time: Sun 01 Jan 2023 17:44:57 +0000
ROA not before: Sun 01 Jan 2023 17:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41296
IP address blocks: 193.32.57.0/24 maxlen: 24
194.24.168.0/23 maxlen: 24
5.159.252.0/24 maxlen: 24
5.159.248.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:c7:ed:5f:25:f9:92:89:30:1b:57:33:6f:88:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Validity
Not Before: Jan 1 17:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ce34207d9918fd411eeb34c9bc9a85e3de689d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:b7:71:4e:45:64:93:62:96:c1:c2:e7:a2:
d5:56:5f:7c:1f:73:a3:90:a6:dd:b0:ff:54:88:d0:
ca:28:ce:73:83:f5:5e:e8:47:a4:6e:ca:4f:93:93:
53:52:3c:ad:d7:54:c5:79:5c:cb:5b:ad:8e:d5:96:
81:f5:3e:b4:e6:17:a7:91:3a:87:20:8b:0c:f5:9c:
88:02:8c:8d:c1:a2:46:48:b0:58:51:78:34:fa:b2:
b4:ec:6e:a9:f6:6c:33:cb:08:53:3d:2a:5c:b8:75:
93:07:0d:8c:9f:ca:1d:3f:86:c9:0d:5a:b6:d2:f8:
4b:fc:3c:49:0d:d8:54:ff:01:ac:b7:68:de:67:39:
da:ce:2a:95:17:97:ff:13:38:85:38:8d:31:ec:c9:
9d:e8:ca:ad:15:20:be:73:b3:2a:b0:ea:61:77:c9:
92:47:71:f0:a4:b6:12:82:81:1d:ef:f0:da:16:4e:
40:2f:68:ec:4f:5b:a7:de:14:fa:a4:23:03:ad:4e:
a7:fe:94:fb:ae:b5:ff:51:f5:1a:ff:9b:bf:12:da:
28:7a:cc:8a:81:27:79:a9:20:a6:7a:a6:41:78:45:
80:d1:65:34:47:62:9b:01:d7:cd:25:12:d2:72:0a:
10:4f:a4:1c:6d:93:59:7f:46:ae:6c:13:67:c4:78:
b3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E3:42:07:D9:91:8F:D4:11:EE:B3:4C:9B:C9:A8:5E:3D:E6:89:D1
X509v3 Authority Key Identifier:
keyid:41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/PONCB9mRj9QR7rNMm8moXj3midE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.248.0/21
193.32.57.0/24
194.24.168.0/23
Signature Algorithm: sha256WithRSAEncryption
38:d8:ae:66:d2:97:c4:05:f6:25:92:e0:8e:fd:13:f7:05:d4:
f2:23:89:db:82:b6:8b:b0:30:0d:85:ad:ad:63:70:98:87:16:
3c:53:83:2d:4d:f2:9c:9f:c5:8d:5a:df:33:d8:c5:9b:ed:db:
f4:8e:2c:97:04:12:e2:7f:73:41:e1:e5:f3:78:c5:00:0a:1f:
77:90:d9:f4:3e:6e:92:78:97:09:47:5e:c1:f1:86:4b:49:e3:
8c:4a:71:4e:4e:cf:eb:5e:7d:5c:ed:79:21:db:44:81:75:6e:
66:37:12:26:e7:8b:00:ec:65:c6:10:17:7f:51:d9:9d:f4:3d:
8e:11:c2:95:78:87:ed:60:94:4a:6f:8d:13:60:98:5e:eb:6f:
a3:c7:77:15:00:d7:22:4f:ea:a4:6c:1b:3e:d2:ae:84:8d:93:
1c:2b:27:b9:3f:85:f1:cc:87:76:70:5e:a7:e4:3c:1e:f9:24:
31:c4:95:df:7b:b8:3c:4c:a2:af:2d:35:f3:69:3b:27:9c:31:
7c:ed:35:2b:c2:a1:20:44:4d:82:e5:65:54:92:26:a9:bc:30:
ee:ac:a3:f8:28:b4:a3:31:87:34:53:b1:68:63:ac:c1:ac:00:
40:29:9b:64:63:64:3a:8b:e4:d5:e4:3b:bd:45:1a:da:c5:e8:
ea:83:99:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVub8ftXyX5kokwG1czb4huMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmI2YjE3MDgzMzUwMDZiMGE2YWFjNjUwYmZhZmYzZmM4
ZDI5MmMwHhcNMjMwMTAxMTc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2UzNDIwN2Q5OTE4ZmQ0MTFlZWIzNGM5YmM5YTg1ZTNkZTY4OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZu3cU5FZJNilsHC56LVVl98H3Oj
kKbdsP9UiNDKKM5zg/Ve6EekbspPk5NTUjyt11TFeVzLW62O1ZaB9T605henkTqH
IIsM9ZyIAoyNwaJGSLBYUXg0+rK07G6p9mwzywhTPSpcuHWTBw2Mn8odP4bJDVq2
0vhL/DxJDdhU/wGst2jeZznaziqVF5f/EziFOI0x7Mmd6MqtFSC+c7MqsOphd8mS
R3HwpLYSgoEd7/DaFk5AL2jsT1un3hT6pCMDrU6n/pT7rrX/UfUa/5u/EtooesyK
gSd5qSCmeqZBeEWA0WU0R2KbAdfNJRLScgoQT6QcbZNZf0aubBNnxHiz1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDzjQgfZkY/UEe6zTJvJqF495onRMB8GA1UdIwQY
MBaAFEH7axcIM1AGsKaqxlC/r/P8jSksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMt
MDRjODJlZDZlZDRjLzEvUE9OQ0I5bVJqOVFSN3JOTW04bW9YajNtaWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMtMDRjODJlZDZlZDRj
LzEvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBZ/4AwQA
wSA5AwQBwhioMA0GCSqGSIb3DQEBCwUAA4IBAQA42K5m0pfEBfYlkuCO/RP3BdTy
I4nbgraLsDANha2tY3CYhxY8U4MtTfKcn8WNWt8z2MWb7dv0jiyXBBLif3NB4eXz
eMUACh93kNn0Pm6SeJcJR17B8YZLSeOMSnFOTs/rXn1c7Xkh20SBdW5mNxIm54sA
7GXGEBd/Udmd9D2OEcKVeIftYJRKb40TYJhe62+jx3cVANciT+qkbBs+0q6EjZMc
Kye5P4XxzId2cF6n5Dwe+SQxxJXfe7g8TKKvLTXzaTsnnDF87TUrwqEgRE2C5WVU
kiapvDDurKP4KLSjMYc0U7FoY6zBrABAKZtkY2Q6i+TV5Du9RRraxejqg5mL
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:56 2024 by rpki-client on console-ams.rpki-client.org