Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/PeS6FGZ0UrU3vC95UwK8GEK8npE.roa
File: PeS6FGZ0UrU3vC95UwK8GEK8npE.roa (raw, json)
Hash identifier: PH7l1PYUvoJ153pGmQkqlwQGJ9MXCNJ8NYMT8exmgXY=
Subject key identifier: 3D:E4:BA:14:66:74:52:B5:37:BC:2F:79:53:02:BC:18:42:BC:9E:91
Certificate issuer: /CN=324b2032c38fb17f42f8832a4c21e1f0d5f19ee0
Certificate serial: 01933022AD04D99CF35E74E4CC719D09E951
Authority key identifier: 32:4B:20:32:C3:8F:B1:7F:42:F8:83:2A:4C:21:E1:F0:D5:F1:9E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MksgMsOPsX9C-IMqTCHh8NXxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/PeS6FGZ0UrU3vC95UwK8GEK8npE.roa
Signing time: Fri 15 Nov 2024 14:03:19 +0000
ROA not before: Fri 15 Nov 2024 14:03:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197205
IP address blocks: 83.150.244.0/22 maxlen: 22
195.66.82.0/24 maxlen: 24
2a09:1f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:22:ad:04:d9:9c:f3:5e:74:e4:cc:71:9d:09:e9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324b2032c38fb17f42f8832a4c21e1f0d5f19ee0
Validity
Not Before: Nov 15 14:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3de4ba14667452b537bc2f795302bc1842bc9e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bc:ae:0d:12:21:11:02:65:64:2c:1f:b7:7c:
6e:1f:f4:ff:6d:d1:e9:d1:d8:05:ac:b8:ff:84:30:
bd:43:c0:1d:66:31:2f:d0:4a:18:48:69:c6:8d:e8:
16:1a:54:5d:d7:78:fb:b2:6d:90:5d:ce:58:43:41:
b8:5e:03:39:96:ab:b3:e5:2c:c7:9c:ea:4d:f3:96:
43:25:de:d3:a8:28:85:16:24:5e:42:4a:33:f9:30:
6f:e9:5f:fb:3c:c1:b9:55:c9:28:a1:20:1d:41:28:
ae:63:6c:fe:60:b6:da:06:48:5a:86:c1:66:35:04:
23:12:c3:5f:ee:75:73:13:a8:87:6c:bf:d4:51:d0:
f7:f4:92:6a:7b:c9:fa:3f:cd:f3:c5:e1:3a:2d:a4:
2a:96:1b:f5:5f:cd:ef:28:62:e3:28:06:9f:f7:1a:
29:07:49:ef:99:e6:f2:db:bb:33:ed:5d:44:99:cb:
fc:36:c1:6b:db:ed:89:31:15:f5:a6:d5:e9:b9:f4:
cd:d9:1f:2c:fa:00:e9:c4:1b:d3:86:9f:86:0e:df:
7d:57:ff:d8:e9:cd:81:63:d0:d9:e7:64:49:62:d2:
8c:72:34:f4:ac:17:6c:56:29:7b:09:d1:7a:21:e9:
8e:5e:21:a8:d7:1e:33:16:29:4f:96:7c:a0:30:76:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E4:BA:14:66:74:52:B5:37:BC:2F:79:53:02:BC:18:42:BC:9E:91
X509v3 Authority Key Identifier:
keyid:32:4B:20:32:C3:8F:B1:7F:42:F8:83:2A:4C:21:E1:F0:D5:F1:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MksgMsOPsX9C-IMqTCHh8NXxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/PeS6FGZ0UrU3vC95UwK8GEK8npE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/MksgMsOPsX9C-IMqTCHh8NXxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.244.0/22
195.66.82.0/24
IPv6:
2a09:1f00::/29
Signature Algorithm: sha256WithRSAEncryption
25:16:b5:13:e0:9b:e3:1b:84:e1:02:cb:d2:da:02:53:ce:19:
91:03:50:a8:44:d4:55:ce:9b:04:8d:f7:a6:31:b1:75:24:67:
21:9c:a9:ec:ca:52:a4:5a:4c:26:84:07:96:d9:08:b2:90:38:
d8:fa:ba:6f:38:dc:86:61:41:68:77:c8:bb:30:0d:12:d2:74:
6d:78:a3:92:12:7f:fd:f8:9d:6d:fb:fb:c9:15:a6:f7:b5:dd:
0f:f7:88:b0:bc:cf:29:cd:10:d0:fb:69:0c:45:e8:cc:da:71:
f9:53:96:34:7d:6d:4e:dd:3e:49:1b:ca:b8:ff:6f:f0:bb:91:
65:e7:25:5b:de:cc:f8:39:85:7e:4d:e0:8b:6a:21:2f:9f:70:
9d:32:30:11:19:32:57:6a:9b:fb:09:4b:a6:d7:f3:71:26:89:
1c:8d:92:b4:64:86:b7:c4:84:fe:e1:89:99:54:e5:a6:d0:61:
fe:4e:6b:47:16:bd:c1:d0:12:90:b7:94:ea:b3:17:76:2f:b7:
e9:76:05:0c:09:ca:a2:f7:40:28:59:bc:8b:f1:ed:f0:09:98:
2b:a5:91:87:f8:63:3d:b5:d8:b7:d8:1c:7c:bd:02:37:2f:b3:
a6:05:68:eb:cd:c0:e8:a2:fc:bc:c2:b2:e0:1f:94:ca:4d:76:
d1:fb:13:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMwIq0E2ZzzXnTkzHGdCelRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNGIyMDMyYzM4ZmIxN2Y0MmY4ODMyYTRjMjFlMWYwZDVm
MTllZTAwHhcNMjQxMTE1MTQwMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU0YmExNDY2NzQ1MmI1MzdiYzJmNzk1MzAyYmMxODQyYmM5ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7yuDRIhEQJlZCwft3xuH/T/bdHp
0dgFrLj/hDC9Q8AdZjEv0EoYSGnGjegWGlRd13j7sm2QXc5YQ0G4XgM5lquz5SzH
nOpN85ZDJd7TqCiFFiReQkoz+TBv6V/7PMG5VckooSAdQSiuY2z+YLbaBkhahsFm
NQQjEsNf7nVzE6iHbL/UUdD39JJqe8n6P83zxeE6LaQqlhv1X83vKGLjKAaf9xop
B0nvmeby27sz7V1Emcv8NsFr2+2JMRX1ptXpufTN2R8s+gDpxBvThp+GDt99V//Y
6c2BY9DZ52RJYtKMcjT0rBdsVil7CdF6IemOXiGo1x4zFilPlnygMHYRawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD3kuhRmdFK1N7wveVMCvBhCvJ6RMB8GA1UdIwQY
MBaAFDJLIDLDj7F/QviDKkwh4fDV8Z7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtzZ01zT1BzWDlDLUlNcVRDSGg4Tlh4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83OWViYzYtNjE3Yi00ZWE5LWI0NTMt
NDM2MGVlMDZhMjJjLzEvUGVTNkZHWjBVclUzdkM5NVV3SzhHRUs4bnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83OWViYzYtNjE3Yi00ZWE5LWI0NTMtNDM2MGVlMDZhMjJj
LzEvTWtzZ01zT1BzWDlDLUlNcVRDSGg4Tlh4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCU5b0AwQA
w0JSMA0EAgACMAcDBQMqCR8AMA0GCSqGSIb3DQEBCwUAA4IBAQAlFrUT4JvjG4Th
AsvS2gJTzhmRA1CoRNRVzpsEjfemMbF1JGchnKnsylKkWkwmhAeW2QiykDjY+rpv
ONyGYUFod8i7MA0S0nRteKOSEn/9+J1t+/vJFab3td0P94iwvM8pzRDQ+2kMRejM
2nH5U5Y0fW1O3T5JG8q4/2/wu5Fl5yVb3sz4OYV+TeCLaiEvn3CdMjARGTJXapv7
CUum1/NxJokcjZK0ZIa3xIT+4YmZVOWm0GH+TmtHFr3B0BKQt5Tqsxd2L7fpdgUM
Ccqi90AoWbyL8e3wCZgrpZGH+GM9tdi32Bx8vQI3L7OmBWjrzcDoovy8wrLgH5TK
TXbR+xNR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:31 2025 by rpki-client