Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/PAI40CCd6UyWX8OjbzWPrqbcDJI.roa
File: PAI40CCd6UyWX8OjbzWPrqbcDJI.roa (raw, json)
Hash identifier: nPd9Q6bp4ZvgThfsMTZtL4bwalHtVYeJ4It6271z6vA=
Subject key identifier: 3C:02:38:D0:20:9D:E9:4C:96:5F:C3:A3:6F:35:8F:AE:A6:DC:0C:92
Certificate issuer: /CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Certificate serial: 0192EDE99659087FCED97BF533B35D736357
Authority key identifier: FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/PAI40CCd6UyWX8OjbzWPrqbcDJI.roa
Signing time: Sat 02 Nov 2024 17:26:01 +0000
ROA not before: Sat 02 Nov 2024 17:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49801
IP address blocks: 185.166.105.0/24 maxlen: 24
185.166.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ed:e9:96:59:08:7f:ce:d9:7b:f5:33:b3:5d:73:63:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc9be4ed4e54b601e6b6a42d0ba04cfb7ab2c3bf
Validity
Not Before: Nov 2 17:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c0238d0209de94c965fc3a36f358faea6dc0c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c7:ca:80:28:85:66:03:fb:f1:eb:04:0f:ee:
20:43:a3:da:eb:d2:0b:30:f5:92:59:ad:7b:87:c8:
67:f2:c1:b9:7b:3c:8c:66:aa:a8:93:14:ac:96:99:
73:8f:9f:00:e2:3e:e7:d0:39:2e:62:d1:b6:f8:e8:
60:af:ae:c9:2f:73:07:ad:35:4a:c1:d4:ac:61:05:
8a:2b:30:c3:15:5e:f7:f8:27:a0:95:71:d7:39:bb:
41:ed:31:c1:65:58:e6:91:eb:44:84:12:68:e5:5c:
96:7d:67:05:b1:17:5a:3c:27:99:d0:a7:7a:b2:1b:
dd:97:f4:22:47:6f:4d:c0:fa:bc:d6:21:8f:ee:dc:
af:80:e7:67:41:b4:c6:52:54:cf:92:52:45:0c:0e:
3a:b8:08:3c:b9:97:82:bb:fa:38:bf:d1:e2:95:24:
bb:20:27:1e:40:bb:64:e9:a0:90:39:dd:ee:46:84:
61:70:e3:06:42:91:00:58:0e:37:71:99:cc:7c:fc:
1a:68:0d:04:54:9d:38:2a:60:d0:15:63:99:b1:35:
f1:f1:f3:11:c8:7f:e2:fb:79:d8:f0:87:cc:04:1d:
aa:82:52:1c:de:02:e6:aa:87:50:3f:54:28:60:cd:
56:74:6c:89:8f:b3:ee:ba:78:7a:57:8d:a9:e7:85:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:02:38:D0:20:9D:E9:4C:96:5F:C3:A3:6F:35:8F:AE:A6:DC:0C:92
X509v3 Authority Key Identifier:
keyid:FC:9B:E4:ED:4E:54:B6:01:E6:B6:A4:2D:0B:A0:4C:FB:7A:B2:C3:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Jvk7U5UtgHmtqQtC6BM-3qyw78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/PAI40CCd6UyWX8OjbzWPrqbcDJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/36362a-d91c-4ad4-92c7-1d2513308d21/1/_Jvk7U5UtgHmtqQtC6BM-3qyw78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.105.0/24
185.166.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:c7:66:0e:18:5c:d4:5d:cb:0b:6e:49:55:0c:83:48:71:f4:
94:84:5c:8b:13:29:6a:ae:37:1e:53:65:4b:4e:92:dc:9c:8f:
80:48:5c:8b:06:0c:4a:86:29:58:9c:89:03:c0:0d:1a:25:99:
72:e4:ed:14:80:64:d5:f0:d7:8a:0e:05:38:ad:20:1f:25:e1:
c1:3d:1a:61:cf:f2:0e:ab:24:3f:16:2c:39:cd:c2:11:75:01:
cc:80:4d:d4:1a:24:ef:e9:fe:3f:74:78:86:df:fc:8c:b1:12:
c2:5d:91:0d:26:6b:fb:13:9c:96:c3:7f:17:96:47:c6:b2:be:
b5:e4:c0:81:54:af:2a:85:eb:b9:04:82:be:22:ea:99:82:eb:
3a:01:84:c4:a7:b8:a6:19:16:2d:f6:5e:d4:19:60:7f:5f:5c:
65:3a:d7:ad:ff:36:c3:cf:cf:20:af:d7:a5:1f:d5:73:43:d9:
af:03:8e:6b:7f:50:c9:51:d9:84:e3:18:93:c6:a3:c4:b5:02:
60:02:c3:7d:68:b2:af:9c:9a:01:ea:17:78:e6:a6:c4:82:6c:
2a:a8:4c:b0:3d:94:f0:ec:20:42:b1:8f:62:30:45:fb:a5:d0:
33:5d:22:e5:14:87:f1:ae:96:83:21:c2:1d:17:09:0b:f7:09:
90:1d:f7:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLt6ZZZCH/O2Xv1M7Ndc2NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOWJlNGVkNGU1NGI2MDFlNmI2YTQyZDBiYTA0Y2ZiN2Fi
MmMzYmYwHhcNMjQxMTAyMTcyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAyMzhkMDIwOWRlOTRjOTY1ZmMzYTM2ZjM1OGZhZWE2ZGMwYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMfKgCiFZgP78esED+4gQ6Pa69IL
MPWSWa17h8hn8sG5ezyMZqqokxSslplzj58A4j7n0DkuYtG2+Ohgr67JL3MHrTVK
wdSsYQWKKzDDFV73+CeglXHXObtB7THBZVjmketEhBJo5VyWfWcFsRdaPCeZ0Kd6
shvdl/QiR29NwPq81iGP7tyvgOdnQbTGUlTPklJFDA46uAg8uZeCu/o4v9HilSS7
ICceQLtk6aCQOd3uRoRhcOMGQpEAWA43cZnMfPwaaA0EVJ04KmDQFWOZsTXx8fMR
yH/i+3nY8IfMBB2qglIc3gLmqodQP1QoYM1WdGyJj7Puunh6V42p54U4CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwCONAgnelMll/Do281j66m3AySMB8GA1UdIwQY
MBaAFPyb5O1OVLYB5rakLQugTPt6ssO/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzct
MWQyNTEzMzA4ZDIxLzEvUEFJNDBDQ2Q2VXlXWDhPamJ6V1BycWJjREpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zNjM2MmEtZDkxYy00YWQ0LTkyYzctMWQyNTEzMzA4ZDIx
LzEvX0p2azdVNVV0Z0htdHFRdEM2Qk0tM3F5dzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaZpAwQA
uaZrMA0GCSqGSIb3DQEBCwUAA4IBAQCyx2YOGFzUXcsLbklVDINIcfSUhFyLEylq
rjceU2VLTpLcnI+ASFyLBgxKhilYnIkDwA0aJZly5O0UgGTV8NeKDgU4rSAfJeHB
PRphz/IOqyQ/Fiw5zcIRdQHMgE3UGiTv6f4/dHiG3/yMsRLCXZENJmv7E5yWw38X
lkfGsr615MCBVK8qheu5BIK+IuqZgus6AYTEp7imGRYt9l7UGWB/X1xlOtet/zbD
z88gr9elH9VzQ9mvA45rf1DJUdmE4xiTxqPEtQJgAsN9aLKvnJoB6hd45qbEgmwq
qEywPZTw7CBCsY9iMEX7pdAzXSLlFIfxrpaDIcIdFwkL9wmQHfef
-----END CERTIFICATE-----
Generated at Wed Jan 1 09:42:15 2025 by rpki-client on console-ams.rpki-client.org