Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PGUd63X4s-hilXx44Z7pYlDDuSg.roa
File: PGUd63X4s-hilXx44Z7pYlDDuSg.roa (raw, json)
Hash identifier: moE1ATOFsZsH4iKii6DXm0O3WeQIBnKGPyRCsXNGQ/o=
Subject key identifier: 3C:65:1D:EB:75:F8:B3:E8:62:95:7C:78:E1:9E:E9:62:50:C3:B9:28
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018FB6AF24E50910416E52EA9B3291F6AF5A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PGUd63X4s-hilXx44Z7pYlDDuSg.roa
Signing time: Sun 26 May 2024 20:54:42 +0000
ROA not before: Sun 26 May 2024 20:54:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 188.209.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 06:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b6:af:24:e5:09:10:41:6e:52:ea:9b:32:91:f6:af:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 26 20:54:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c651deb75f8b3e862957c78e19ee96250c3b928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:de:04:92:ad:9d:e0:08:69:81:7e:01:00:05:
62:f5:a6:2d:b4:ce:12:40:62:8c:0f:55:62:e8:e2:
6c:97:85:38:1c:d4:38:82:56:9c:92:10:4c:38:4b:
6a:5b:28:89:2e:14:99:ab:cc:db:fc:17:9d:d6:5e:
91:17:55:42:15:84:86:7b:0b:0d:22:89:1e:99:af:
fa:83:af:16:fe:51:e1:6b:a4:bb:3b:e7:b0:e4:db:
f7:bf:2b:e6:5e:95:46:11:b8:f1:9d:17:38:4b:f5:
03:e7:a2:25:6e:2a:78:72:f4:a9:2f:e5:e1:e0:62:
94:9b:82:8b:2c:f5:c4:22:d7:74:3a:90:06:f3:d3:
91:48:5d:57:12:72:28:e6:cd:bc:78:ff:0a:49:25:
3f:72:aa:01:75:bf:ef:99:f4:37:1c:36:53:4b:99:
b5:c5:2a:b0:37:a8:44:0d:25:4d:35:d1:92:17:b1:
fa:23:73:fc:fc:53:ef:00:ee:60:99:69:4d:20:e2:
96:9c:dc:d3:2a:00:b4:6e:6d:ee:38:25:d1:cd:17:
2b:b0:af:56:56:82:31:e8:82:90:51:c4:80:a5:31:
35:f6:b6:de:13:67:6e:14:9e:25:e0:78:c2:0c:56:
91:74:9f:81:ad:3c:c5:54:c9:08:23:a5:3a:24:69:
5d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:65:1D:EB:75:F8:B3:E8:62:95:7C:78:E1:9E:E9:62:50:C3:B9:28
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PGUd63X4s-hilXx44Z7pYlDDuSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
06:2d:b7:2c:07:a9:ed:72:ee:eb:60:b6:f9:38:b1:07:4c:e0:
07:6c:f2:37:d0:01:12:16:53:e3:24:5b:03:6a:e8:7d:39:0a:
6f:aa:c5:f0:b2:96:e9:e0:5d:db:ce:b5:ea:85:01:71:7f:ee:
69:30:07:88:41:7e:95:59:9b:e1:59:41:f9:d6:29:b4:b7:6c:
9e:10:f1:5a:32:13:bc:e4:92:48:f6:4d:a6:a4:e2:18:6f:89:
0a:1e:aa:6b:9d:3b:d5:c3:9b:b2:e9:df:75:79:5b:18:95:c0:
64:7b:79:55:24:f7:42:4e:2b:1c:99:69:a9:73:74:3a:9a:63:
de:ca:11:5a:b6:11:a7:55:77:e2:8a:f4:c4:4d:da:07:59:f9:
cb:9d:7c:10:a4:66:57:b6:5c:4d:98:83:10:6b:2d:38:e6:16:
16:0c:6e:db:88:ef:a0:00:9e:d9:8b:d6:75:08:12:9d:a5:c4:
f5:a5:df:0b:4d:68:45:b2:d7:54:98:57:af:c0:c0:38:b4:09:
a1:21:2c:68:58:eb:9f:a9:d2:08:18:a9:22:2a:72:5a:c4:59:
18:82:49:d9:91:7e:e1:51:fa:40:20:3e:6a:29:37:cd:80:d6:
27:cc:9e:07:49:27:22:cd:ad:6c:37:e6:b8:d0:01:59:81:1a:
99:24:f1:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+2ryTlCRBBblLqmzKR9q9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwNTI2MjA1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY1MWRlYjc1ZjhiM2U4NjI5NTdjNzhlMTllZTk2MjUwYzNiOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN4Ekq2d4AhpgX4BAAVi9aYttM4S
QGKMD1Vi6OJsl4U4HNQ4glackhBMOEtqWyiJLhSZq8zb/Bed1l6RF1VCFYSGewsN
Iokema/6g68W/lHha6S7O+ew5Nv3vyvmXpVGEbjxnRc4S/UD56Ilbip4cvSpL+Xh
4GKUm4KLLPXEItd0OpAG89ORSF1XEnIo5s28eP8KSSU/cqoBdb/vmfQ3HDZTS5m1
xSqwN6hEDSVNNdGSF7H6I3P8/FPvAO5gmWlNIOKWnNzTKgC0bm3uOCXRzRcrsK9W
VoIx6IKQUcSApTE19rbeE2duFJ4l4HjCDFaRdJ+BrTzFVMkII6U6JGldCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxlHet1+LPoYpV8eOGe6WJQw7koMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvUEdVZDYzWDRzLWhpbFh4NDRaN3BZbEREdVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGHMA0G
CSqGSIb3DQEBCwUAA4IBAQAGLbcsB6ntcu7rYLb5OLEHTOAHbPI30AESFlPjJFsD
auh9OQpvqsXwspbp4F3bzrXqhQFxf+5pMAeIQX6VWZvhWUH51im0t2yeEPFaMhO8
5JJI9k2mpOIYb4kKHqprnTvVw5uy6d91eVsYlcBke3lVJPdCTiscmWmpc3Q6mmPe
yhFathGnVXfiivTETdoHWfnLnXwQpGZXtlxNmIMQay045hYWDG7biO+gAJ7Zi9Z1
CBKdpcT1pd8LTWhFstdUmFevwMA4tAmhISxoWOufqdIIGKkiKnJaxFkYgknZkX7h
UfpAID5qKTfNgNYnzJ4HSSciza1sN+a40AFZgRqZJPHf
-----END CERTIFICATE-----
Generated at Tue Oct 1 09:28:06 2024 by rpki-client on console-ams.rpki-client.org