Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/Pj7qgWBBShDt7OPQ1DQS-IX7w0w.roa
File: Pj7qgWBBShDt7OPQ1DQS-IX7w0w.roa (raw, json)
Hash identifier: k0msi+8XIKHYB2/MwvRQ9595mR2LsasvDpzilH2kuGY=
Subject key identifier: 3E:3E:EA:81:60:41:4A:10:ED:EC:E3:D0:D4:34:12:F8:85:FB:C3:4C
Certificate issuer: /CN=84b0cac838f282e042948f9d2b2cd5754d2e8c47
Certificate serial: 01856F94B4957DEB01F8760D99757AED1236
Authority key identifier: 84:B0:CA:C8:38:F2:82:E0:42:94:8F:9D:2B:2C:D5:75:4D:2E:8C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLDKyDjyguBClI-dKyzVdU0ujEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/Pj7qgWBBShDt7OPQ1DQS-IX7w0w.roa
Signing time: Sun 01 Jan 2023 23:04:54 +0000
ROA not before: Sun 01 Jan 2023 23:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35046
IP address blocks: 213.226.208.0/20 maxlen: 20
94.143.232.0/21 maxlen: 21
185.133.100.0/22 maxlen: 22
2a00:5100::/32 maxlen: 34
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:b4:95:7d:eb:01:f8:76:0d:99:75:7a:ed:12:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b0cac838f282e042948f9d2b2cd5754d2e8c47
Validity
Not Before: Jan 1 23:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e3eea8160414a10edece3d0d43412f885fbc34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b2:1c:24:fa:6e:8b:5a:3a:eb:2c:07:d4:92:
78:30:0b:bc:95:d3:c1:47:bb:e8:9b:a5:cc:72:77:
ec:f2:cb:83:1a:3b:cc:7a:00:92:ad:e9:1a:90:91:
67:9d:e1:e5:9f:2c:20:5d:77:c9:c5:cb:7d:ff:fb:
92:39:6b:4e:17:ce:42:f1:4c:22:a2:f8:57:52:a5:
06:f7:f0:7d:45:5f:6c:b2:3e:92:5a:0f:76:e6:bb:
58:ec:41:c9:04:5b:5b:1e:12:96:01:55:2b:5a:47:
aa:0a:68:77:7c:12:ee:46:5e:7c:9c:1b:22:2e:56:
cc:cb:5c:3a:a2:94:ef:20:81:0d:bf:85:58:70:ba:
45:99:8d:fb:32:96:6b:7c:e6:a5:8e:62:85:63:05:
6e:ac:a1:ef:1a:66:19:0d:37:d5:80:53:46:2e:e4:
89:83:41:00:0b:f0:42:60:7b:2e:42:2a:48:1f:d6:
51:5d:d2:58:d7:33:dd:0d:0e:97:fb:22:bc:18:86:
b9:ed:d2:02:8d:3a:64:4c:87:36:a6:1d:2b:b3:9d:
bf:99:b9:d9:da:ca:e0:0e:44:bb:00:d3:ba:b6:f7:
41:6f:fa:9a:f6:e9:21:34:23:4e:ac:b0:3c:56:1d:
0b:90:36:b6:98:56:36:dd:8a:bc:2c:73:42:e5:21:
cd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3E:EA:81:60:41:4A:10:ED:EC:E3:D0:D4:34:12:F8:85:FB:C3:4C
X509v3 Authority Key Identifier:
keyid:84:B0:CA:C8:38:F2:82:E0:42:94:8F:9D:2B:2C:D5:75:4D:2E:8C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLDKyDjyguBClI-dKyzVdU0ujEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/Pj7qgWBBShDt7OPQ1DQS-IX7w0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e9487f-fdc7-40a7-8a67-1be69ca393ba/1/hLDKyDjyguBClI-dKyzVdU0ujEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.232.0/21
185.133.100.0/22
213.226.208.0/20
IPv6:
2a00:5100::/32
Signature Algorithm: sha256WithRSAEncryption
04:ff:24:42:07:5f:f1:a0:82:e1:c4:aa:a8:83:55:66:a0:64:
b6:18:2c:5d:f4:08:82:fd:c3:7a:30:44:ac:53:d7:df:bb:18:
77:de:0d:18:04:e6:67:08:72:f6:21:44:81:6a:c9:2a:d9:97:
f1:7b:c3:5c:d9:ae:cf:7b:41:02:08:90:7f:7c:23:a2:93:e9:
78:fc:2c:53:c2:86:58:ae:e8:5a:ff:7e:97:ec:fc:57:d3:51:
62:30:63:45:fe:ed:a1:bf:22:4f:2e:94:97:94:11:d8:ce:c9:
7b:bf:f1:6d:07:f4:ee:36:e4:e1:bf:78:e9:a5:be:d2:96:f7:
d2:f3:84:4d:95:41:9a:f2:44:53:3c:20:3d:6f:b4:1c:7d:c8:
8a:60:e3:ad:fa:10:0e:a1:00:8b:35:5d:f7:16:d1:2c:c8:13:
dc:46:d4:d2:49:03:83:57:c1:3f:a8:b0:e5:79:7f:02:5f:ed:
0b:e8:2a:26:7b:88:f7:57:90:d0:73:d7:72:63:02:ba:b7:d2:
36:e7:40:66:25:cc:ea:fb:c9:37:71:a0:7d:c7:af:ca:48:8a:
88:8d:cd:01:c9:f5:f6:c9:84:fe:c2:60:65:30:96:07:f2:49:
28:b6:d9:91:dd:6a:be:f2:d0:ae:40:ca:be:c2:78:2a:fd:c3:
12:5c:47:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvlLSVfesB+HYNmXV67RI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjBjYWM4MzhmMjgyZTA0Mjk0OGY5ZDJiMmNkNTc1NGQy
ZThjNDcwHhcNMjMwMTAxMjMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTNlZWE4MTYwNDE0YTEwZWRlY2UzZDBkNDM0MTJmODg1ZmJjMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27IcJPpui1o66ywH1JJ4MAu8ldPB
R7vom6XMcnfs8suDGjvMegCSrekakJFnneHlnywgXXfJxct9//uSOWtOF85C8Uwi
ovhXUqUG9/B9RV9ssj6SWg925rtY7EHJBFtbHhKWAVUrWkeqCmh3fBLuRl58nBsi
LlbMy1w6opTvIIENv4VYcLpFmY37MpZrfOaljmKFYwVurKHvGmYZDTfVgFNGLuSJ
g0EAC/BCYHsuQipIH9ZRXdJY1zPdDQ6X+yK8GIa57dICjTpkTIc2ph0rs52/mbnZ
2srgDkS7ANO6tvdBb/qa9ukhNCNOrLA8Vh0LkDa2mFY23Yq8LHNC5SHNxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD4+6oFgQUoQ7ezj0NQ0EviF+8NMMB8GA1UdIwQY
MBaAFISwysg48oLgQpSPnSss1XVNLoxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExES3lEanlndUJDbEktZEt5elZkVTB1akVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lOTQ4N2YtZmRjNy00MGE3LThhNjct
MWJlNjljYTM5M2JhLzEvUGo3cWdXQkJTaER0N09QUTFEUVMtSVg3dzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lOTQ4N2YtZmRjNy00MGE3LThhNjctMWJlNjljYTM5M2Jh
LzEvaExES3lEanlndUJDbEktZEt5elZkVTB1akVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXo/oAwQC
uYVkAwQE1eLQMA0EAgACMAcDBQAqAFEAMA0GCSqGSIb3DQEBCwUAA4IBAQAE/yRC
B1/xoILhxKqog1VmoGS2GCxd9AiC/cN6MESsU9ffuxh33g0YBOZnCHL2IUSBaskq
2Zfxe8Nc2a7Pe0ECCJB/fCOik+l4/CxTwoZYruha/36X7PxX01FiMGNF/u2hvyJP
LpSXlBHYzsl7v/FtB/TuNuThv3jppb7SlvfS84RNlUGa8kRTPCA9b7QcfciKYOOt
+hAOoQCLNV33FtEsyBPcRtTSSQODV8E/qLDleX8CX+0L6Come4j3V5DQc9dyYwK6
t9I250BmJczq+8k3caB9x6/KSIqIjc0ByfX2yYT+wmBlMJYH8kkottmR3Wq+8tCu
QMq+wngq/cMSXEfV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:17 2024 by rpki-client on console-ams.rpki-client.org