Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/PGQN6blULHkjnNc00yRwBUzma6w.roa
File: PGQN6blULHkjnNc00yRwBUzma6w.roa (raw, json)
Hash identifier: J3x5Z67kdszH5+5G7Da7u21YLnIezLVZP5YWl3ajFOo=
Subject key identifier: 3C:64:0D:E9:B9:54:2C:79:23:9C:D7:34:D3:24:70:05:4C:E6:6B:AC
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0190995BE3584FBE1646AFA133DDE224CD92
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/PGQN6blULHkjnNc00yRwBUzma6w.roa
Signing time: Tue 09 Jul 2024 21:17:34 +0000
ROA not before: Tue 09 Jul 2024 21:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 109.111.34.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 30 Jul 2024 16:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:99:5b:e3:58:4f:be:16:46:af:a1:33:dd:e2:24:cd:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 9 21:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c640de9b9542c79239cd734d32470054ce66bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7e:26:3e:0d:56:5b:95:77:21:0b:c5:a7:a0:
54:32:ec:e1:2c:d3:b8:e8:a4:42:7e:ae:f0:4d:0e:
a4:c4:fe:0e:dc:48:3c:d9:40:7c:86:13:ad:f2:13:
55:c9:73:52:86:f6:41:94:d1:dd:90:9f:8a:d2:d1:
e1:19:e0:47:36:b4:a6:27:3f:30:18:b3:fc:7e:f6:
7e:89:76:82:4a:55:9a:af:96:25:13:44:12:90:78:
22:20:a3:36:a0:69:df:b2:b2:1b:2f:37:ed:c5:52:
25:9e:4a:3f:d8:fa:a5:46:d8:e8:a1:40:6c:a8:4c:
9b:d0:57:fa:9e:63:c0:42:7d:f7:28:9a:8d:16:25:
68:68:6d:c0:e3:d5:52:0a:15:6c:76:c0:0c:93:33:
ce:03:98:9f:27:bb:ab:ae:ff:6c:51:2c:df:21:79:
46:5a:92:96:ca:c0:bf:1c:be:ee:7b:d3:d7:7d:57:
17:95:44:d2:c6:28:c9:3f:59:cf:b1:6e:be:62:4b:
2a:42:5b:ff:a2:69:7c:2e:27:ea:bf:db:4d:8b:24:
b5:35:98:92:ea:ca:5c:a1:e7:c9:ba:d5:a1:43:ff:
5c:73:fb:8e:f0:fa:42:9b:75:7d:f4:6b:90:b9:59:
fb:35:d9:e2:0b:d1:67:34:42:7e:9c:50:69:82:15:
36:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:64:0D:E9:B9:54:2C:79:23:9C:D7:34:D3:24:70:05:4C:E6:6B:AC
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/PGQN6blULHkjnNc00yRwBUzma6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.34.0/23
Signature Algorithm: sha256WithRSAEncryption
73:a3:9c:7a:74:c1:3f:da:14:76:07:41:71:6c:03:6e:31:57:
00:c3:d3:ac:57:67:a6:3b:e9:1e:b0:1e:a0:81:eb:a7:b1:70:
12:c1:35:f3:8a:e6:80:d8:11:30:7a:52:83:eb:1a:36:33:e8:
05:c7:9e:dc:4f:49:28:00:ad:04:0f:29:1a:8d:52:1a:8e:7e:
e1:86:64:39:0f:39:9e:3d:a0:c8:74:48:cb:f2:b0:43:77:18:
ff:98:10:10:8d:9e:27:24:8f:0a:fa:08:69:d1:a2:4f:05:dd:
8b:f4:75:5b:53:5f:45:b6:bd:c8:8b:8d:91:ef:60:e4:da:f3:
2a:56:f6:52:b2:6f:d1:91:0a:08:8d:b9:72:45:2a:6c:d2:76:
38:e0:18:46:c7:b4:74:55:bc:95:a3:44:97:4a:60:23:56:ba:
16:2d:9c:31:fb:66:d8:5b:c5:ce:01:83:c6:da:11:2f:9b:bb:
00:fb:74:c8:ec:f1:42:67:93:75:49:4d:80:41:fb:9f:70:f3:
e9:fc:07:13:64:aa:c4:b0:70:c5:93:69:77:a8:34:e2:c4:a2:
f1:54:bb:9a:23:19:b4:9d:53:71:bb:d7:7c:73:f1:17:8a:b1:
6e:46:56:15:87:22:db:60:71:3d:05:50:72:89:ed:f2:9f:ad:
96:7a:93:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCZW+NYT74WRq+hM93iJM2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzA5MjExNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY0MGRlOWI5NTQyYzc5MjM5Y2Q3MzRkMzI0NzAwNTRjZTY2YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH4mPg1WW5V3IQvFp6BUMuzhLNO4
6KRCfq7wTQ6kxP4O3Eg82UB8hhOt8hNVyXNShvZBlNHdkJ+K0tHhGeBHNrSmJz8w
GLP8fvZ+iXaCSlWar5YlE0QSkHgiIKM2oGnfsrIbLzftxVIlnko/2PqlRtjooUBs
qEyb0Ff6nmPAQn33KJqNFiVoaG3A49VSChVsdsAMkzPOA5ifJ7urrv9sUSzfIXlG
WpKWysC/HL7ue9PXfVcXlUTSxijJP1nPsW6+YksqQlv/oml8Lifqv9tNiyS1NZiS
6spcoefJutWhQ/9cc/uO8PpCm3V99GuQuVn7NdniC9FnNEJ+nFBpghU2CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxkDem5VCx5I5zXNNMkcAVM5musMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvUEdRTjZibFVMSGtqbk5jMDB5UndCVXptYTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbW8iMA0G
CSqGSIb3DQEBCwUAA4IBAQBzo5x6dME/2hR2B0FxbANuMVcAw9OsV2emO+kesB6g
geunsXASwTXziuaA2BEwelKD6xo2M+gFx57cT0koAK0EDykajVIajn7hhmQ5Dzme
PaDIdEjL8rBDdxj/mBAQjZ4nJI8K+ghp0aJPBd2L9HVbU19Ftr3Ii42R72Dk2vMq
VvZSsm/RkQoIjblyRSps0nY44BhGx7R0VbyVo0SXSmAjVroWLZwx+2bYW8XOAYPG
2hEvm7sA+3TI7PFCZ5N1SU2AQfufcPPp/AcTZKrEsHDFk2l3qDTixKLxVLuaIxm0
nVNxu9d8c/EXirFuRlYVhyLbYHE9BVByie3yn62WepNi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:33 2025 by rpki-client