Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/PncEaSJ_ht6RgCypDFIIQlUVh_I.roa
File: PncEaSJ_ht6RgCypDFIIQlUVh_I.roa (raw, json)
Hash identifier: Fm56Qz1p6oa+ajVLZa9hyvEUio6SCOwE3pudgmHzgmc=
Subject key identifier: 3E:77:04:69:22:7F:86:DE:91:80:2C:A9:0C:52:08:42:55:15:87:F2
Certificate issuer: /CN=5aa58d5f2712ccc0044b59efa7cbc3e98c5fc25c
Certificate serial: 01932AAF465BA7F113F8FE4D6BFE2F3D94E3
Authority key identifier: 5A:A5:8D:5F:27:12:CC:C0:04:4B:59:EF:A7:CB:C3:E9:8C:5F:C2:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqWNXycSzMAES1nvp8vD6Yxfwlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/PncEaSJ_ht6RgCypDFIIQlUVh_I.roa
Signing time: Thu 14 Nov 2024 12:39:09 +0000
ROA not before: Thu 14 Nov 2024 12:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39910
IP address blocks: 80.244.9.0/24 maxlen: 24
185.203.90.0/24 maxlen: 24
2a10:7a40::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:af:46:5b:a7:f1:13:f8:fe:4d:6b:fe:2f:3d:94:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa58d5f2712ccc0044b59efa7cbc3e98c5fc25c
Validity
Not Before: Nov 14 12:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e770469227f86de91802ca90c520842551587f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:90:6e:42:cc:5c:1a:b9:95:43:ab:b2:9f:
a4:4e:ce:a1:83:66:04:ca:04:7f:06:90:2c:e6:27:
56:1e:5e:c9:fa:76:64:13:d8:30:3e:cb:7c:46:be:
4a:f4:f1:14:3e:64:54:44:19:e6:cf:2a:e2:85:48:
e0:0f:a3:f8:59:04:21:e4:4b:d7:d0:69:29:c5:98:
d0:ab:e2:7c:e0:b7:69:97:e8:e4:55:b3:78:99:ed:
eb:f7:e2:25:5a:a9:70:9b:8c:fa:c4:c9:fb:fa:8b:
b8:dc:48:21:71:bf:be:ad:f8:47:d5:2a:ef:50:83:
97:fc:db:e8:1f:c6:c7:0d:93:bd:8a:f7:16:73:3e:
fd:7c:33:d6:e1:d1:db:59:7c:29:38:aa:05:b5:f7:
8d:5a:f9:e0:83:c5:d9:28:7d:05:80:df:a1:d9:c9:
17:71:6c:fa:19:8d:fa:86:7f:94:a5:e5:0e:b7:8b:
a7:3d:d4:b5:31:52:e6:3e:3c:b6:71:18:6d:cb:da:
64:39:26:d9:d8:aa:39:18:82:b1:30:5b:10:d7:23:
b9:c6:66:1d:c8:cb:5e:a8:fe:77:be:a1:10:41:cf:
ba:4b:3d:67:25:e0:c7:61:df:f3:01:71:6f:94:8c:
98:cc:e2:aa:a8:dd:58:34:c7:5e:22:1d:41:a4:50:
84:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:77:04:69:22:7F:86:DE:91:80:2C:A9:0C:52:08:42:55:15:87:F2
X509v3 Authority Key Identifier:
keyid:5A:A5:8D:5F:27:12:CC:C0:04:4B:59:EF:A7:CB:C3:E9:8C:5F:C2:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqWNXycSzMAES1nvp8vD6Yxfwlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/PncEaSJ_ht6RgCypDFIIQlUVh_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/27a748-884d-4f19-b285-59199331ee09/1/WqWNXycSzMAES1nvp8vD6Yxfwlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.9.0/24
185.203.90.0/24
IPv6:
2a10:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:90:38:12:d6:b9:56:c2:d7:63:be:c3:b3:67:6e:71:04:03:
f8:0b:c2:85:0d:34:93:8d:ef:c9:8e:20:63:52:20:62:26:fd:
22:90:31:d5:d0:e3:2c:9d:bb:24:e6:9c:dd:07:90:bd:c7:ad:
24:6c:bf:bc:09:71:11:ee:25:b9:07:c3:29:dc:30:0c:0a:32:
ef:e8:25:6b:1b:93:91:94:be:f4:c3:dc:7d:bc:5e:50:ed:ef:
86:5b:59:02:a0:9d:50:0c:46:8e:e0:d4:4f:cc:1b:b3:a7:e6:
6c:60:cb:bb:e3:1b:89:b4:b4:02:89:71:d6:07:79:55:71:22:
ac:e5:5b:e4:28:34:c8:32:fe:8b:50:73:00:15:04:23:70:0f:
e7:eb:ba:b5:dc:94:fb:31:23:1b:3e:45:76:40:02:57:48:0e:
f3:4b:3d:2c:19:d2:7c:7b:3d:a1:e1:51:93:61:43:1d:80:85:
32:6f:a0:ab:78:fa:17:b3:15:4c:5b:17:79:bd:ab:22:2f:0f:
1b:9c:00:58:1b:f1:57:3c:ad:59:63:47:9f:8a:cf:9a:aa:30:
bb:0f:a4:52:bf:a4:b4:3c:ae:e5:ea:8e:a1:85:64:2c:15:97:
5f:41:05:c2:3b:2c:16:dc:74:d1:6a:89:87:1c:55:fa:8f:92:
4b:7d:87:f4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMqr0Zbp/ET+P5Na/4vPZTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTU4ZDVmMjcxMmNjYzAwNDRiNTllZmE3Y2JjM2U5OGM1
ZmMyNWMwHhcNMjQxMTE0MTIzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc3MDQ2OTIyN2Y4NmRlOTE4MDJjYTkwYzUyMDg0MjU1MTU4N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4aQbkLMXBq5lUOrsp+kTs6hg2YE
ygR/BpAs5idWHl7J+nZkE9gwPst8Rr5K9PEUPmRURBnmzyrihUjgD6P4WQQh5EvX
0GkpxZjQq+J84Ldpl+jkVbN4me3r9+IlWqlwm4z6xMn7+ou43Eghcb++rfhH1Srv
UIOX/NvoH8bHDZO9ivcWcz79fDPW4dHbWXwpOKoFtfeNWvngg8XZKH0FgN+h2ckX
cWz6GY36hn+UpeUOt4unPdS1MVLmPjy2cRhty9pkOSbZ2Ko5GIKxMFsQ1yO5xmYd
yMteqP53vqEQQc+6Sz1nJeDHYd/zAXFvlIyYzOKqqN1YNMdeIh1BpFCErQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD53BGkif4bekYAsqQxSCEJVFYfyMB8GA1UdIwQY
MBaAFFqljV8nEszABEtZ76fLw+mMX8JcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FXTlh5Y1N6TUFFUzFudnA4dkQ2WXhmd2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yN2E3NDgtODg0ZC00ZjE5LWIyODUt
NTkxOTkzMzFlZTA5LzEvUG5jRWFTSl9odDZSZ0N5cERGSUlRbFVWaF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yN2E3NDgtODg0ZC00ZjE5LWIyODUtNTkxOTkzMzFlZTA5
LzEvV3FXTlh5Y1N6TUFFUzFudnA4dkQ2WXhmd2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUPQJAwQA
uctaMA0EAgACMAcDBQMqEHpAMA0GCSqGSIb3DQEBCwUAA4IBAQB+kDgS1rlWwtdj
vsOzZ25xBAP4C8KFDTSTje/JjiBjUiBiJv0ikDHV0OMsnbsk5pzdB5C9x60kbL+8
CXER7iW5B8Mp3DAMCjLv6CVrG5ORlL70w9x9vF5Q7e+GW1kCoJ1QDEaO4NRPzBuz
p+ZsYMu74xuJtLQCiXHWB3lVcSKs5VvkKDTIMv6LUHMAFQQjcA/n67q13JT7MSMb
PkV2QAJXSA7zSz0sGdJ8ez2h4VGTYUMdgIUyb6CrePoXsxVMWxd5vasiLw8bnABY
G/FXPK1ZY0efis+aqjC7D6RSv6S0PK7l6o6hhWQsFZdfQQXCOywW3HTRaomHHFX6
j5JLfYf0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:15 2025 by rpki-client