Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pcQF006YME-XXHy67dUg5blKWmc.roa
File: pcQF006YME-XXHy67dUg5blKWmc.roa (raw, json)
Hash identifier: dqGn5ikGz43qglRyBrqMTxX34bgKti572/kOmV+OZkc=
Subject key identifier: A5:C4:05:D3:4E:98:30:4F:97:5C:7C:BA:ED:D5:20:E5:B9:4A:5A:67
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01919C2D565EB94ADF741EF0C1193DA8FB99
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pcQF006YME-XXHy67dUg5blKWmc.roa
Signing time: Thu 29 Aug 2024 03:28:22 +0000
ROA not before: Thu 29 Aug 2024 03:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 212.116.228.0/22 maxlen: 24
212.116.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 00:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9c:2d:56:5e:b9:4a:df:74:1e:f0:c1:19:3d:a8:fb:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 29 03:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5c405d34e98304f975c7cbaedd520e5b94a5a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d6:31:d9:60:ce:c9:13:2d:ce:a7:07:9c:23:
0f:79:46:c6:68:2f:a2:04:0e:fd:ce:15:67:0f:6c:
b0:66:2e:d1:2d:ed:3d:fd:6a:7e:4d:25:b0:68:c7:
2c:b7:0b:6a:cb:21:73:28:cc:56:40:3b:ca:a0:48:
87:10:db:5f:97:c8:5d:42:cd:16:84:ec:18:de:6e:
67:cc:b2:53:d6:34:9b:ab:f3:b8:06:da:96:84:36:
d3:d8:c3:af:42:d8:b3:4c:b2:c2:44:3b:b4:94:4d:
c2:08:f4:d9:8a:9b:f0:31:a9:5d:d6:94:7e:4e:7c:
97:40:a0:26:34:47:0a:83:5c:49:50:25:94:32:98:
b7:82:4f:d8:ca:9b:e4:d5:ad:9b:11:d6:53:f4:da:
db:5c:bc:d3:b5:8b:3d:40:b4:d8:ee:9b:c0:ae:83:
84:ea:dd:6b:63:81:9f:b7:c6:15:75:d3:be:96:0e:
97:05:17:ae:71:07:20:17:28:ba:04:95:8b:ef:9a:
f9:3f:10:bb:32:68:09:70:74:b1:53:1f:ed:fa:69:
ca:dd:a6:44:71:fc:95:fc:e9:37:ef:f7:b1:be:76:
88:df:85:97:8d:55:8f:e7:d6:ec:d7:62:e3:f5:30:
9c:dc:e1:38:1a:21:7e:ee:1b:a9:0c:9a:a5:88:04:
fa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C4:05:D3:4E:98:30:4F:97:5C:7C:BA:ED:D5:20:E5:B9:4A:5A:67
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/pcQF006YME-XXHy67dUg5blKWmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/22
212.116.241.0/24
Signature Algorithm: sha256WithRSAEncryption
44:06:4a:25:d5:24:b1:52:e6:0a:93:d4:a4:5b:ec:a9:37:95:
68:74:d9:51:84:ac:5e:96:fb:a2:f0:f0:f1:36:e2:49:4a:aa:
f0:2b:5d:41:35:cc:7f:40:25:22:b4:10:9b:00:27:01:e5:4a:
42:59:79:2c:7f:4c:0e:99:21:21:b2:3b:6c:06:15:21:40:69:
16:61:9b:6a:c9:6d:8b:51:2d:cb:0c:e4:6e:bc:0b:ec:51:e9:
ca:51:33:f4:cd:7c:a1:8c:b1:8c:44:5b:71:a8:22:26:2b:35:
02:58:2f:1d:29:2a:ff:ea:2b:17:b5:12:00:a3:4c:20:f4:ff:
d7:0b:3d:6a:05:25:5a:7e:91:7d:c7:33:c2:31:ed:fe:4c:30:
2a:a2:02:a3:e0:53:50:f5:28:d9:72:8f:df:51:b2:c8:8f:fb:
a1:56:9b:db:0a:ab:c1:a2:2d:ff:37:90:a0:6a:6d:71:87:69:
4b:5b:70:8d:2d:d8:4f:9a:f2:0f:73:7f:6c:0a:ca:70:84:72:
a4:33:6c:c0:f2:f7:9f:65:c6:02:ba:f2:74:b6:a4:47:ef:5d:
93:de:95:a4:83:ee:a1:31:fd:01:c5:b2:b3:65:20:f2:10:68:
8e:34:fa:39:7c:50:ea:5c:df:ac:84:aa:70:9d:0a:2d:a6:4d:
ea:3d:d4:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGcLVZeuUrfdB7wwRk9qPuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjQwODI5MDMyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM0MDVkMzRlOTgzMDRmOTc1YzdjYmFlZGQ1MjBlNWI5NGE1YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNYx2WDOyRMtzqcHnCMPeUbGaC+i
BA79zhVnD2ywZi7RLe09/Wp+TSWwaMcstwtqyyFzKMxWQDvKoEiHENtfl8hdQs0W
hOwY3m5nzLJT1jSbq/O4BtqWhDbT2MOvQtizTLLCRDu0lE3CCPTZipvwMald1pR+
TnyXQKAmNEcKg1xJUCWUMpi3gk/Yypvk1a2bEdZT9NrbXLzTtYs9QLTY7pvAroOE
6t1rY4Gft8YVddO+lg6XBReucQcgFyi6BJWL75r5PxC7MmgJcHSxUx/t+mnK3aZE
cfyV/Ok37/exvnaI34WXjVWP59bs12Lj9TCc3OE4GiF+7hupDJqliAT6OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKXEBdNOmDBPl1x8uu3VIOW5SlpnMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvcGNRRjAwNllNRS1YWEh5NjdkVWc1YmxLV21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1HTkAwQA
1HTxMA0GCSqGSIb3DQEBCwUAA4IBAQBEBkol1SSxUuYKk9SkW+ypN5VodNlRhKxe
lvui8PDxNuJJSqrwK11BNcx/QCUitBCbACcB5UpCWXksf0wOmSEhsjtsBhUhQGkW
YZtqyW2LUS3LDORuvAvsUenKUTP0zXyhjLGMRFtxqCImKzUCWC8dKSr/6isXtRIA
o0wg9P/XCz1qBSVafpF9xzPCMe3+TDAqogKj4FNQ9SjZco/fUbLIj/uhVpvbCqvB
oi3/N5Cgam1xh2lLW3CNLdhPmvIPc39sCspwhHKkM2zA8vefZcYCuvJ0tqRH712T
3pWkg+6hMf0BxbKzZSDyEGiONPo5fFDqXN+shKpwnQotpk3qPdTO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:18 2025 by rpki-client