Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/PIoWQUa2Y_DnetLPUTX-01SExHk.roa
File: PIoWQUa2Y_DnetLPUTX-01SExHk.roa (raw, json)
Hash identifier: BUSflwnRVw+rrDsV9ft73wbKIbVBdBPITvgVrdPvsOU=
Subject key identifier: 3C:8A:16:41:46:B6:63:F0:E7:7A:D2:CF:51:35:FE:D3:54:84:C4:79
Certificate issuer: /CN=2cb4291df97963c5a9b732b1396f0f1c887504d6
Certificate serial: 018CC9BB3BC949F316E46D77E69D813A9E26
Authority key identifier: 2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/PIoWQUa2Y_DnetLPUTX-01SExHk.roa
Signing time: Tue 02 Jan 2024 10:32:20 +0000
ROA not before: Tue 02 Jan 2024 10:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8829
IP address blocks: 109.204.128.0/19 maxlen: 19
109.204.160.0/20 maxlen: 20
109.204.192.0/18 maxlen: 18
2a00:8780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:3b:c9:49:f3:16:e4:6d:77:e6:9d:81:3a:9e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb4291df97963c5a9b732b1396f0f1c887504d6
Validity
Not Before: Jan 2 10:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c8a164146b663f0e77ad2cf5135fed35484c479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:2c:38:b0:08:f0:1c:0e:7e:bc:94:d5:98:
b1:c4:db:87:90:96:da:e7:94:49:fa:08:8e:02:a3:
8e:c0:23:bb:7a:dd:2d:5f:19:8b:e4:e1:0f:b5:69:
ad:0a:c9:9d:8b:d8:53:f4:c8:4c:30:f2:b8:4d:35:
74:91:cb:2f:ff:6c:56:d3:49:2f:ba:84:ec:a0:28:
10:ea:4b:dd:cb:b2:29:66:fe:dd:55:62:81:1a:74:
ee:00:f6:d1:74:c2:b0:5a:a0:10:e2:48:75:d3:60:
0b:d6:1f:a8:17:25:6d:82:d9:75:82:e5:55:c4:5c:
2a:3c:45:cd:69:03:50:14:c0:e4:a1:b5:14:a6:b8:
4b:88:c5:89:f9:25:bb:41:75:72:de:6e:3e:5e:79:
53:ea:0e:a4:7e:fd:d6:00:58:ee:31:ea:24:87:65:
2f:6c:cb:ca:51:e1:81:f1:90:a9:28:52:9a:3c:69:
97:c5:f9:6a:01:63:2d:12:ee:f7:9f:f2:d9:b9:e9:
36:0b:be:7d:25:31:c1:a6:1e:01:90:ee:19:df:6f:
a6:c2:ce:31:9f:b0:82:bd:7e:3d:b8:06:e7:e7:9c:
73:9f:56:16:74:25:a0:b2:54:85:9f:cc:cb:03:f2:
50:0c:08:5f:b0:28:e0:53:69:c9:ca:58:22:e6:86:
3a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:8A:16:41:46:B6:63:F0:E7:7A:D2:CF:51:35:FE:D3:54:84:C4:79
X509v3 Authority Key Identifier:
keyid:2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/PIoWQUa2Y_DnetLPUTX-01SExHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/LLQpHfl5Y8WptzKxOW8PHIh1BNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.128.0-109.204.175.255
109.204.192.0/18
IPv6:
2a00:8780::/32
Signature Algorithm: sha256WithRSAEncryption
71:c4:8a:cc:86:c8:09:e9:27:10:60:e7:65:bb:06:fb:06:b1:
d9:5f:7a:f0:76:fe:95:ce:ed:ef:54:dd:76:10:9e:13:33:a6:
b4:21:2c:e4:f1:a0:9a:1b:e4:b2:24:98:4d:ae:f0:a8:a1:ff:
3f:6b:33:58:cf:e6:cc:39:78:ac:eb:69:06:25:a2:59:cb:35:
2c:b4:55:06:ff:74:92:c4:9b:f7:30:89:4f:c0:e2:3b:7e:ef:
27:ac:56:8f:29:a2:eb:a3:4b:d4:e0:3d:db:9e:fb:91:19:62:
ac:10:85:b5:68:e9:cc:ca:be:6e:8d:91:ca:0b:3c:ec:c7:30:
eb:9b:db:d1:d4:76:85:3d:b1:01:2d:9f:44:37:1c:73:61:a9:
b5:84:02:a9:f8:32:83:05:40:e3:d5:18:94:43:bf:1c:ba:2a:
0f:3c:e8:3f:a5:82:b7:14:27:d6:df:50:25:c4:e6:dd:a7:af:
c0:6a:ad:c1:24:89:3e:bc:97:c2:b1:97:ae:c7:23:cd:19:14:
57:0e:9d:a0:5d:98:e1:e1:97:b4:e4:ac:67:07:d2:04:77:f5:
cd:83:0d:4b:e0:2c:d1:42:de:8c:78:bc:7e:94:4f:3d:2b:3f:
c9:ad:d4:6b:36:5b:c1:c1:37:34:60:cd:ff:1b:04:b3:30:fb:
a2:ee:a6:f6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJuzvJSfMW5G135p2BOp4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjQyOTFkZjk3OTYzYzVhOWI3MzJiMTM5NmYwZjFjODg3
NTA0ZDYwHhcNMjQwMTAyMTAzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzhhMTY0MTQ2YjY2M2YwZTc3YWQyY2Y1MTM1ZmVkMzU0ODRjNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotcsOLAI8BwOfryU1ZixxNuHkJba
55RJ+giOAqOOwCO7et0tXxmL5OEPtWmtCsmdi9hT9MhMMPK4TTV0kcsv/2xW00kv
uoTsoCgQ6kvdy7IpZv7dVWKBGnTuAPbRdMKwWqAQ4kh102AL1h+oFyVtgtl1guVV
xFwqPEXNaQNQFMDkobUUprhLiMWJ+SW7QXVy3m4+XnlT6g6kfv3WAFjuMeokh2Uv
bMvKUeGB8ZCpKFKaPGmXxflqAWMtEu73n/LZuek2C759JTHBph4BkO4Z32+mws4x
n7CCvX49uAbn55xzn1YWdCWgslSFn8zLA/JQDAhfsCjgU2nJylgi5oY6rQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDyKFkFGtmPw53rSz1E1/tNUhMR5MB8GA1UdIwQY
MBaAFCy0KR35eWPFqbcysTlvDxyIdQTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQt
YWY0YzA2ZjMxYWZmLzEvUElvV1FVYTJZX0RuZXRMUFVUWC0wMVNFeEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQtYWY0YzA2ZjMxYWZm
LzEvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAdtzIAD
BARtzKADBAZtzMAwDQQCAAIwBwMFACoAh4AwDQYJKoZIhvcNAQELBQADggEBAHHE
isyGyAnpJxBg52W7BvsGsdlfevB2/pXO7e9U3XYQnhMzprQhLOTxoJob5LIkmE2u
8Kih/z9rM1jP5sw5eKzraQYlolnLNSy0VQb/dJLEm/cwiU/A4jt+7yesVo8pouuj
S9TgPdue+5EZYqwQhbVo6czKvm6NkcoLPOzHMOub29HUdoU9sQEtn0Q3HHNhqbWE
Aqn4MoMFQOPVGJRDvxy6Kg886D+lgrcUJ9bfUCXE5t2nr8BqrcEkiT68l8Kxl67H
I80ZFFcOnaBdmOHhl7TkrGcH0gR39c2DDUvgLNFC3ox4vH6UTz0rP8mt1Gs2W8HB
NzRgzf8bBLMw+6LupvY=
-----END CERTIFICATE-----
Generated at Tue Jun 11 10:55:57 2024 by rpki-client on console-fra.rpki-client.org