Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PCzHG4502qrHnqv641RVcKRTsK8.roa
File: PCzHG4502qrHnqv641RVcKRTsK8.roa (raw, json)
Hash identifier: oPGHbSKtotytmepc+KkHhVNWTO5eainJrZq10QyUP5E=
Subject key identifier: 3C:2C:C7:1B:8E:74:DA:AA:C7:9E:AB:FA:E3:54:55:70:A4:53:B0:AF
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188928731D30E4AABFEF98965857839B3E5
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PCzHG4502qrHnqv641RVcKRTsK8.roa
Signing time: Tue 06 Jun 2023 21:05:13 +0000
ROA not before: Tue 06 Jun 2023 21:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 5.105.21.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.164.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Jun 2023 12:11:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:92:87:31:d3:0e:4a:ab:fe:f9:89:65:85:78:39:b3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 6 21:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c2cc71b8e74daaac79eabfae3545570a453b0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:49:04:ff:c7:0d:3c:ab:af:04:2e:39:73:73:
6c:db:ef:ff:16:d4:fc:cb:01:ff:99:8e:31:a1:17:
ef:6d:7c:0f:2c:90:a5:5b:cc:6a:15:a3:1a:82:0d:
ff:b1:9b:b5:44:98:00:5e:34:09:bf:62:a1:f1:1f:
bd:d8:bd:fe:e0:9e:21:ff:61:ce:34:81:ec:9f:82:
6e:ae:0d:e4:2b:b9:35:b1:4d:f5:a4:60:f6:8d:23:
ab:b3:c8:3e:f8:98:d2:56:29:f5:18:52:0d:87:09:
4b:09:2a:e4:8d:0e:e6:03:57:1d:52:dd:35:15:00:
ba:a1:e7:67:48:2d:e6:f5:84:76:fa:e1:26:be:6c:
54:c3:94:81:19:fa:40:69:0b:94:7d:01:11:94:38:
c2:2e:5d:cd:42:2d:0e:a3:4a:c8:8b:3d:05:79:9d:
be:b0:31:22:5e:7a:0e:01:c7:7f:c9:d2:fe:4a:74:
19:dc:aa:79:12:b4:48:1b:fc:af:6b:dd:b3:01:bd:
3a:3b:59:e7:e8:32:72:1d:c7:26:5e:8a:8d:9a:c6:
05:3a:91:b4:e9:d8:a1:90:95:56:12:a7:91:5a:ae:
8b:48:b8:47:a0:12:ae:cf:c0:05:3b:53:1b:ce:c7:
ad:21:ea:86:a1:3f:9c:ef:40:cb:41:70:57:5a:72:
bf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2C:C7:1B:8E:74:DA:AA:C7:9E:AB:FA:E3:54:55:70:A4:53:B0:AF
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/PCzHG4502qrHnqv641RVcKRTsK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.21.0/24
5.105.138.0/24
5.105.164.0/23
Signature Algorithm: sha256WithRSAEncryption
45:51:80:76:b3:4a:05:ac:45:6a:b1:85:55:53:35:5f:4f:e1:
51:31:a6:2b:a0:7c:c3:62:9c:f4:0e:12:d2:69:2b:b1:b7:c4:
13:35:3d:1a:e2:48:2c:7d:fe:ac:86:6c:78:2b:eb:4d:50:f7:
70:c7:f0:c9:fa:a0:a8:04:de:9c:fa:73:df:fa:14:ac:3b:07:
43:d0:2d:fa:bc:28:4a:40:ae:f0:92:6e:36:ca:96:0e:77:ad:
7a:17:64:44:6d:d9:47:18:06:30:f7:da:9f:56:7b:0d:94:4d:
e4:4d:85:44:72:c2:e3:4b:e6:56:8b:a8:50:14:62:34:ac:a3:
b3:9e:4c:1b:0f:d3:b7:cb:4e:44:00:45:49:d8:0c:d1:d3:96:
9e:9e:06:de:00:9d:02:05:1d:3c:6a:b6:95:e4:d6:94:32:2c:
52:46:d9:35:a7:f0:cd:06:df:8e:c8:f1:d0:8e:b6:b2:e6:b9:
68:56:16:37:62:9e:53:d1:83:18:32:5a:60:e2:4f:50:e5:54:
ce:cb:21:e6:1b:80:2b:b6:8e:b6:cd:f2:f1:22:29:32:cd:0d:
0c:7a:55:2b:92:e4:03:65:2d:b8:98:ba:91:91:85:8b:72:b6:
02:4e:91:ac:3e:98:62:ae:c0:9e:5f:ed:89:cd:53:f6:2c:b0:
2b:ac:6b:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiShzHTDkqr/vmJZYV4ObPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA2MjEwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzJjYzcxYjhlNzRkYWFhYzc5ZWFiZmFlMzU0NTU3MGE0NTNiMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUkE/8cNPKuvBC45c3Ns2+//FtT8
ywH/mY4xoRfvbXwPLJClW8xqFaMagg3/sZu1RJgAXjQJv2Kh8R+92L3+4J4h/2HO
NIHsn4Jurg3kK7k1sU31pGD2jSOrs8g++JjSVin1GFINhwlLCSrkjQ7mA1cdUt01
FQC6oednSC3m9YR2+uEmvmxUw5SBGfpAaQuUfQERlDjCLl3NQi0Oo0rIiz0FeZ2+
sDEiXnoOAcd/ydL+SnQZ3Kp5ErRIG/yva92zAb06O1nn6DJyHccmXoqNmsYFOpG0
6dihkJVWEqeRWq6LSLhHoBKuz8AFO1MbzsetIeqGoT+c70DLQXBXWnK/FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwsxxuOdNqqx56r+uNUVXCkU7CvMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUEN6SEc0NTAycXJIbnF2NjQxUlZjS1JUc0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkVAwQA
BWmKAwQBBWmkMA0GCSqGSIb3DQEBCwUAA4IBAQBFUYB2s0oFrEVqsYVVUzVfT+FR
MaYroHzDYpz0DhLSaSuxt8QTNT0a4kgsff6shmx4K+tNUPdwx/DJ+qCoBN6c+nPf
+hSsOwdD0C36vChKQK7wkm42ypYOd616F2REbdlHGAYw99qfVnsNlE3kTYVEcsLj
S+ZWi6hQFGI0rKOznkwbD9O3y05EAEVJ2AzR05aengbeAJ0CBR08araV5NaUMixS
Rtk1p/DNBt+OyPHQjray5rloVhY3Yp5T0YMYMlpg4k9Q5VTOyyHmG4Arto62zfLx
IikyzQ0MelUrkuQDZS24mLqRkYWLcrYCTpGsPphirsCeX+2JzVP2LLArrGu2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:56 2024 by rpki-client on console-ams.rpki-client.org