Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/PHagR0DOa0zYgY-4Hw75k9I5aiE.roa
File: PHagR0DOa0zYgY-4Hw75k9I5aiE.roa (raw, json)
Hash identifier: DnvbLj1N+O9H8PQQEYrWxRsYSLgr2dcgivH9+GT6Jbg=
Subject key identifier: 3C:76:A0:47:40:CE:6B:4C:D8:81:8F:B8:1F:0E:F9:93:D2:39:6A:21
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 01856C6EF770283D026C4897DF736F857145
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/PHagR0DOa0zYgY-4Hw75k9I5aiE.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29278
IP address blocks: 212.92.23.0/24 maxlen: 24
82.150.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f7:70:28:3d:02:6c:48:97:df:73:6f:85:71:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c76a04740ce6b4cd8818fb81f0ef993d2396a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f9:a5:c6:e9:18:5a:e3:fc:70:79:31:c6:75:
62:2d:b1:5a:9e:e7:4d:28:79:94:ef:a3:b1:20:ae:
1b:56:f7:bb:78:34:dc:0c:e9:93:d2:1a:23:90:ce:
a0:fe:c9:7f:e6:a0:b0:c7:eb:97:58:e3:ab:06:75:
bb:c9:50:47:19:13:9d:c6:01:2d:4a:0d:fe:20:36:
e2:b8:af:dc:56:76:4d:f1:a7:ca:0e:96:c9:86:37:
59:d0:0a:5d:71:70:f1:78:cf:01:61:90:16:5e:61:
3c:a4:e0:f4:3d:0d:ba:2e:52:7d:14:75:a5:0e:77:
54:f0:45:f2:39:5e:c0:71:14:ce:0e:67:2b:54:4e:
5a:76:9b:8f:ad:5c:39:ae:6e:58:78:46:fd:f2:e7:
79:ab:54:02:35:32:be:6a:c8:59:fc:9f:df:60:56:
e8:a9:5e:39:a0:de:7f:62:65:ad:0f:9c:65:0e:dc:
fb:fd:84:50:b3:36:5d:88:52:3e:68:55:32:ac:77:
1f:1c:2c:e3:60:26:7d:25:23:b0:15:ed:0e:ae:5f:
e4:4a:3c:d7:dd:b6:b4:bc:d5:72:f3:04:19:7f:38:
95:a3:fe:81:81:f7:9e:e4:15:48:67:38:1e:76:e5:
56:2c:3d:a5:b0:b4:aa:9c:37:4b:47:e5:94:07:29:
13:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:76:A0:47:40:CE:6B:4C:D8:81:8F:B8:1F:0E:F9:93:D2:39:6A:21
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/PHagR0DOa0zYgY-4Hw75k9I5aiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.63.0/24
212.92.23.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ab:0d:7d:42:dd:66:4d:14:0e:61:a9:fc:bc:3e:66:d0:8a:
bc:b6:30:63:3c:b6:7e:7c:0c:35:fc:7f:93:d7:31:bc:b6:42:
27:1e:0e:9e:2b:3b:6f:2e:b8:0c:5b:c3:c2:1c:8c:66:a8:c2:
c4:26:7c:47:b6:37:18:d1:a1:78:3a:43:e2:ad:62:46:15:47:
f8:e2:ff:40:86:6b:83:e6:f0:d7:25:b5:79:8f:d8:5b:1c:53:
67:cf:8a:c3:5b:a1:cb:e4:90:e6:1c:2a:eb:78:22:6a:a3:2f:
78:05:26:df:64:25:9c:49:c2:ff:2d:3c:25:da:13:2b:d3:bb:
ac:fd:77:15:cb:c7:d8:1c:b2:72:df:4f:70:55:b9:1d:c2:cf:
84:50:d8:35:98:87:61:c1:10:d9:cc:e2:4d:c9:7a:5e:c4:33:
e2:1b:7c:c1:4d:2f:c5:0f:b4:1e:2f:99:10:fa:6f:72:86:61:
b1:91:ae:a4:18:34:07:c3:8e:c3:71:3b:a6:e3:22:62:f1:f8:
eb:4d:9b:93:44:90:7a:f8:ba:c9:89:1c:c0:9c:97:19:53:62:
23:15:51:90:51:1b:94:c3:e4:e3:d0:6e:6b:08:fe:31:41:cc:
d2:94:f8:6c:a0:a9:53:10:1a:da:54:1b:db:55:96:d8:98:2e:
27:9f:7c:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsbvdwKD0CbEiX33NvhXFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc2YTA0NzQwY2U2YjRjZDg4MThmYjgxZjBlZjk5M2QyMzk2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfmlxukYWuP8cHkxxnViLbFanudN
KHmU76OxIK4bVve7eDTcDOmT0hojkM6g/sl/5qCwx+uXWOOrBnW7yVBHGROdxgEt
Sg3+IDbiuK/cVnZN8afKDpbJhjdZ0ApdcXDxeM8BYZAWXmE8pOD0PQ26LlJ9FHWl
DndU8EXyOV7AcRTODmcrVE5adpuPrVw5rm5YeEb98ud5q1QCNTK+ashZ/J/fYFbo
qV45oN5/YmWtD5xlDtz7/YRQszZdiFI+aFUyrHcfHCzjYCZ9JSOwFe0Orl/kSjzX
3ba0vNVy8wQZfziVo/6Bgfee5BVIZzgeduVWLD2lsLSqnDdLR+WUBykTFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDx2oEdAzmtM2IGPuB8O+ZPSOWohMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvUEhhZ1IwRE9hMHpZZ1ktNEh3NzVrOUk1YWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpY/AwQA
1FwXMA0GCSqGSIb3DQEBCwUAA4IBAQAQqw19Qt1mTRQOYan8vD5m0Iq8tjBjPLZ+
fAw1/H+T1zG8tkInHg6eKztvLrgMW8PCHIxmqMLEJnxHtjcY0aF4OkPirWJGFUf4
4v9AhmuD5vDXJbV5j9hbHFNnz4rDW6HL5JDmHCrreCJqoy94BSbfZCWcScL/LTwl
2hMr07us/XcVy8fYHLJy309wVbkdws+EUNg1mIdhwRDZzOJNyXpexDPiG3zBTS/F
D7QeL5kQ+m9yhmGxka6kGDQHw47DcTum4yJi8fjrTZuTRJB6+LrJiRzAnJcZU2Ij
FVGQURuUw+Tj0G5rCP4xQczSlPhsoKlTEBraVBvbVZbYmC4nn3x8
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:25 2024 by rpki-client on console-fra.rpki-client.org