Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/_PiiTV807jRZ0ukH9F0O-QGqZ1k.roa
File: _PiiTV807jRZ0ukH9F0O-QGqZ1k.roa (raw, json)
Hash identifier: /Xc214x23sRD1tp3ryobBWgqsaV9Gr6BcTNVN1B8Wsk=
Subject key identifier: FC:F8:A2:4D:5F:34:EE:34:59:D2:E9:07:F4:5D:0E:F9:01:AA:67:59
Certificate issuer: /CN=60a851d59356ca95d4ae78fa6936ba1b8a2b1c7a
Certificate serial: 018571B0B3D0021C1B5B62F22ACB6F652C89
Authority key identifier: 60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/_PiiTV807jRZ0ukH9F0O-QGqZ1k.roa
Signing time: Mon 02 Jan 2023 08:54:43 +0000
ROA not before: Mon 02 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44973
IP address blocks: 185.130.8.0/22 maxlen: 22
93.88.224.0/22 maxlen: 22
2a02:218::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:b3:d0:02:1c:1b:5b:62:f2:2a:cb:6f:65:2c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a851d59356ca95d4ae78fa6936ba1b8a2b1c7a
Validity
Not Before: Jan 2 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf8a24d5f34ee3459d2e907f45d0ef901aa6759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:31:bf:57:bd:0e:26:52:b6:38:12:5c:fa:db:
36:39:be:35:a3:92:a5:47:82:29:ef:4d:7f:43:e9:
55:68:8c:b0:88:69:55:53:65:a3:56:cc:6a:2f:2a:
84:7c:50:f0:d4:01:8d:01:7b:02:db:e0:42:99:1e:
96:44:b0:5c:e1:92:5e:93:30:f5:ff:11:ad:39:29:
44:e0:04:3e:ea:1a:73:45:18:5c:cf:0a:cc:8f:c3:
c6:52:de:df:45:80:54:9e:5a:4f:71:5f:88:70:da:
08:b0:5c:46:8c:0a:52:28:d5:90:c8:f9:2f:9d:3b:
b2:1d:5d:df:76:68:15:50:32:61:c5:a2:83:c2:35:
5f:bb:d1:3b:de:8c:c5:9d:9d:3b:9d:9d:4d:21:80:
0e:42:e5:f4:60:06:60:94:e1:90:a7:ac:a6:a9:59:
e9:fa:4f:f6:e3:ff:19:ca:6c:51:98:63:df:63:ae:
9e:46:1f:f1:cd:e0:52:a9:54:69:7d:6c:9f:02:81:
a5:a8:f2:e7:3f:2d:e9:be:54:38:4d:2e:13:3f:18:
48:80:c6:20:e8:d5:f1:ad:04:8d:f9:de:f7:9f:3f:
ec:65:46:27:f9:5d:a4:13:47:45:36:3f:12:48:9b:
8c:99:98:c5:e5:29:ad:7f:63:2d:8e:8c:59:05:b6:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F8:A2:4D:5F:34:EE:34:59:D2:E9:07:F4:5D:0E:F9:01:AA:67:59
X509v3 Authority Key Identifier:
keyid:60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/_PiiTV807jRZ0ukH9F0O-QGqZ1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.224.0/22
185.130.8.0/22
IPv6:
2a02:218::/29
Signature Algorithm: sha256WithRSAEncryption
1e:d1:05:1b:a0:57:2d:21:95:0c:24:56:cc:63:97:79:eb:08:
db:8e:dd:9a:df:06:1d:27:ed:37:d9:ce:69:8e:91:50:79:c2:
9f:4d:de:ef:9a:fc:96:ab:09:b9:71:b1:ec:2d:c1:aa:4c:3e:
2e:9c:29:e8:a2:9e:7b:26:db:04:5e:63:7c:c6:0d:12:79:90:
87:2b:dc:0d:c2:71:12:f0:0a:cb:b7:7b:e2:da:3c:eb:35:e8:
f7:51:a0:05:75:f0:f4:a4:ce:2d:b6:cb:64:e2:d1:4f:8a:50:
05:b3:76:15:1e:ad:44:a1:9d:d1:40:be:f8:ab:0e:c0:35:0c:
a1:d3:7f:4c:c5:24:e8:09:02:dd:88:ea:fa:fa:ba:96:b4:55:
e6:cb:fa:2e:33:cb:6e:4c:4b:1c:98:ae:57:16:ba:a6:27:c8:
1f:0f:31:ac:6b:e5:f6:23:88:66:e3:53:d1:e0:55:35:ae:50:
f5:0e:ff:93:ab:bf:20:51:03:7e:6b:81:67:c0:1c:5c:23:7c:
a3:e7:01:8e:02:6b:66:66:e4:f9:23:9d:08:1b:5e:4d:1e:a8:
e7:ef:12:89:ed:3a:df:15:4a:49:32:1b:1e:cb:2d:4e:ff:f4:
f8:b9:a2:9a:a7:0c:44:3e:b9:40:02:0f:55:b8:2b:98:93:45:
4d:db:0b:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxsLPQAhwbW2LyKstvZSyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTg1MWQ1OTM1NmNhOTVkNGFlNzhmYTY5MzZiYTFiOGEy
YjFjN2EwHhcNMjMwMTAyMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y4YTI0ZDVmMzRlZTM0NTlkMmU5MDdmNDVkMGVmOTAxYWE2NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzG/V70OJlK2OBJc+ts2Ob41o5Kl
R4Ip701/Q+lVaIywiGlVU2WjVsxqLyqEfFDw1AGNAXsC2+BCmR6WRLBc4ZJekzD1
/xGtOSlE4AQ+6hpzRRhczwrMj8PGUt7fRYBUnlpPcV+IcNoIsFxGjApSKNWQyPkv
nTuyHV3fdmgVUDJhxaKDwjVfu9E73ozFnZ07nZ1NIYAOQuX0YAZglOGQp6ymqVnp
+k/24/8ZymxRmGPfY66eRh/xzeBSqVRpfWyfAoGlqPLnPy3pvlQ4TS4TPxhIgMYg
6NXxrQSN+d73nz/sZUYn+V2kE0dFNj8SSJuMmZjF5Smtf2MtjoxZBbZLvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPz4ok1fNO40WdLpB/RdDvkBqmdZMB8GA1UdIwQY
MBaAFGCoUdWTVsqV1K54+mk2uhuKKxx6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtoUjFaTld5cFhVcm5qNmFUYTZHNG9ySEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jOTc4OTgtNWU3Mi00NTRhLWJlMmYt
NTQ4ZTdiN2ZhNGUxLzEvX1BpaVRWODA3alJaMHVrSDlGME8tUUdxWjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jOTc4OTgtNWU3Mi00NTRhLWJlMmYtNTQ4ZTdiN2ZhNGUx
LzEvWUtoUjFaTld5cFhVcm5qNmFUYTZHNG9ySEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXVjgAwQC
uYIIMA0EAgACMAcDBQMqAgIYMA0GCSqGSIb3DQEBCwUAA4IBAQAe0QUboFctIZUM
JFbMY5d56wjbjt2a3wYdJ+032c5pjpFQecKfTd7vmvyWqwm5cbHsLcGqTD4unCno
op57JtsEXmN8xg0SeZCHK9wNwnES8ArLt3vi2jzrNej3UaAFdfD0pM4ttstk4tFP
ilAFs3YVHq1EoZ3RQL74qw7ANQyh039MxSToCQLdiOr6+rqWtFXmy/ouM8tuTEsc
mK5XFrqmJ8gfDzGsa+X2I4hm41PR4FU1rlD1Dv+Tq78gUQN+a4FnwBxcI3yj5wGO
AmtmZuT5I50IG15NHqjn7xKJ7TrfFUpJMhseyy1O//T4uaKapwxEPrlAAg9VuCuY
k0VN2wuy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:39 2024 by rpki-client on console-ams.rpki-client.org