Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/PcBKhrDDpbUc1awFu01pLxRR2jw.roa
File: PcBKhrDDpbUc1awFu01pLxRR2jw.roa (raw, json)
Hash identifier: MH97fhGaKQfwFZHfZ7vssV6cizkEBRjjgpLYu6MQNq4=
Subject key identifier: 3D:C0:4A:86:B0:C3:A5:B5:1C:D5:AC:05:BB:4D:69:2F:14:51:DA:3C
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC8013F69A8AB13368FC5EB44EABD9817
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/PcBKhrDDpbUc1awFu01pLxRR2jw.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400746
IP address blocks: 188.121.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3f:69:a8:ab:13:36:8f:c5:eb:44:ea:bd:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc04a86b0c3a5b51cd5ac05bb4d692f1451da3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:55:ee:56:f8:7e:73:65:b5:1a:5e:2e:66:75:
42:40:46:64:d9:5b:22:8d:0c:39:64:d3:46:21:37:
36:f3:dd:47:91:61:f6:56:91:10:22:8c:42:aa:27:
1e:1d:0e:23:36:f3:9a:a2:6e:63:4d:db:ef:a4:16:
ed:ed:72:ab:e1:95:6f:fc:c9:eb:c3:64:78:30:07:
81:3c:51:5a:96:07:11:37:f0:ce:9d:31:6d:f6:c2:
57:63:1c:62:7c:fb:45:23:74:73:2a:d4:f1:6d:f7:
68:76:88:67:34:fe:9f:b6:aa:48:b6:f8:2c:02:c6:
cb:23:6d:0e:a0:aa:33:60:24:e2:ff:4a:83:e8:e2:
a9:d1:34:51:fa:53:90:84:ac:7a:9f:83:c7:21:df:
11:bb:b0:af:d0:7c:34:4a:3b:f0:a9:bb:90:20:82:
cf:1f:ef:95:9b:9d:b2:6d:4b:73:b7:be:8f:0e:24:
a4:e3:92:43:b7:42:0a:fa:fc:a0:98:f4:c7:d3:42:
71:8a:db:ae:4d:a6:01:15:f5:4f:80:b4:ac:e3:73:
e9:a3:f4:a5:ce:75:17:35:9e:c8:dd:9d:f7:56:5a:
87:b9:00:90:a5:7a:a1:ed:7a:03:6a:6b:5f:04:8e:
69:ff:7a:30:44:dc:59:3a:07:ff:8d:49:d8:6b:e7:
64:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C0:4A:86:B0:C3:A5:B5:1C:D5:AC:05:BB:4D:69:2F:14:51:DA:3C
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/PcBKhrDDpbUc1awFu01pLxRR2jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.121.60.0/22
Signature Algorithm: sha256WithRSAEncryption
62:a9:63:09:0a:2e:c5:85:40:3c:bc:de:89:d5:1f:54:9b:9e:
3c:c4:d7:ad:d1:40:b9:71:50:f3:61:2f:1d:6e:a0:b1:7c:4e:
0b:75:fc:02:2f:32:2d:5e:9b:8b:b4:fe:8f:a1:ed:94:cd:4a:
5c:ec:c0:ce:9e:50:25:34:59:a5:02:ce:8b:12:c7:7a:64:d7:
62:7e:08:5d:a9:4f:6e:01:0b:59:2b:55:f4:f2:5a:f7:6f:df:
6c:32:f1:7d:7b:e4:0e:df:ae:01:5d:97:47:4c:38:3b:3d:82:
90:f1:f1:1a:4e:28:42:d9:90:91:29:95:eb:3b:9a:ac:a9:a6:
7e:db:dd:e7:30:cb:80:f3:45:f7:b2:39:a1:ec:27:ca:22:21:
a9:2f:c0:39:1a:4d:ea:72:85:32:8f:a6:24:41:13:99:bf:ce:
ac:fb:6a:3b:c0:50:0f:db:39:d4:b5:e2:f4:b0:7d:42:b8:ba:
8f:52:dd:0e:cd:47:7d:a4:3d:8b:bb:03:19:9b:73:96:d4:93:
94:ee:24:2c:9b:cb:8b:47:e4:94:15:56:31:da:6c:73:40:69:
38:b4:fa:66:f0:9b:10:47:21:43:ea:09:f3:9b:40:82:d4:9a:
d0:0c:ed:87:10:8a:bf:c3:3f:47:53:4d:f4:24:10:9d:74:22:
d9:4b:80:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAT9pqKsTNo/F60TqvZgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMwNGE4NmIwYzNhNWI1MWNkNWFjMDViYjRkNjkyZjE0NTFkYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVXuVvh+c2W1Gl4uZnVCQEZk2Vsi
jQw5ZNNGITc2891HkWH2VpEQIoxCqiceHQ4jNvOaom5jTdvvpBbt7XKr4ZVv/Mnr
w2R4MAeBPFFalgcRN/DOnTFt9sJXYxxifPtFI3RzKtTxbfdodohnNP6ftqpItvgs
AsbLI20OoKozYCTi/0qD6OKp0TRR+lOQhKx6n4PHId8Ru7Cv0Hw0SjvwqbuQIILP
H++Vm52ybUtzt76PDiSk45JDt0IK+vygmPTH00JxituuTaYBFfVPgLSs43Ppo/Sl
znUXNZ7I3Z33VlqHuQCQpXqh7XoDamtfBI5p/3owRNxZOgf/jUnYa+dkzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3ASoaww6W1HNWsBbtNaS8UUdo8MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvUGNCS2hyRERwYlVjMWF3RnUwMXBMeFJSMmp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvHk8MA0G
CSqGSIb3DQEBCwUAA4IBAQBiqWMJCi7FhUA8vN6J1R9Um548xNet0UC5cVDzYS8d
bqCxfE4LdfwCLzItXpuLtP6Poe2UzUpc7MDOnlAlNFmlAs6LEsd6ZNdifghdqU9u
AQtZK1X08lr3b99sMvF9e+QO364BXZdHTDg7PYKQ8fEaTihC2ZCRKZXrO5qsqaZ+
293nMMuA80X3sjmh7CfKIiGpL8A5Gk3qcoUyj6YkQROZv86s+2o7wFAP2znUteL0
sH1CuLqPUt0OzUd9pD2LuwMZm3OW1JOU7iQsm8uLR+SUFVYx2mxzQGk4tPpm8JsQ
RyFD6gnzm0CC1JrQDO2HEIq/wz9HU030JBCddCLZS4AD
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:23 2025 by rpki-client