Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/PbVSxGD-gc88_Z0nlq1_0XdF99c.roa
File: PbVSxGD-gc88_Z0nlq1_0XdF99c.roa (raw, json)
Hash identifier: sAFFLbYABYLlm4wBuTVPDtrGrw/iy1JVYQPQHfs1a34=
Subject key identifier: 3D:B5:52:C4:60:FE:81:CF:3C:FD:9D:27:96:AD:7F:D1:77:45:F7:D7
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 018BDC7957DB62266E5B8A7ABE57DA70DBFE
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/PbVSxGD-gc88_Z0nlq1_0XdF99c.roa
Signing time: Fri 17 Nov 2023 08:50:21 +0000
ROA not before: Fri 17 Nov 2023 08:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16353
IP address blocks: 185.136.72.0/24 maxlen: 24
185.136.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:79:57:db:62:26:6e:5b:8a:7a:be:57:da:70:db:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Nov 17 08:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3db552c460fe81cf3cfd9d2796ad7fd17745f7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:df:87:92:be:b1:47:2b:ee:0c:7e:93:c7:3d:
ff:6a:8b:a1:e1:8e:27:9f:15:fe:e5:a7:39:72:b3:
cb:36:d7:23:78:71:0e:ed:29:64:29:8e:e3:bc:76:
fb:e1:db:38:c1:89:c2:b9:8a:0e:a2:42:a7:3a:2f:
43:4b:bf:6f:ba:21:72:d5:d9:c2:0f:6a:83:29:41:
55:81:08:17:5b:3e:7e:6b:48:d5:13:a8:10:cb:45:
a3:7e:40:a7:0a:86:d2:cd:53:14:08:b4:93:4b:89:
39:b8:81:ed:25:6d:23:7b:84:95:70:b1:e1:5e:b7:
19:06:01:e2:00:14:e6:79:e4:00:d9:e6:4d:71:75:
a3:7c:8e:d2:d6:9e:e1:1c:03:b9:a7:67:6e:26:cd:
1e:c7:1e:ac:03:da:a5:95:28:12:64:c6:a1:f1:3e:
87:25:20:a9:91:f1:a6:24:4b:5e:06:d7:a3:fc:02:
74:1a:c2:45:26:09:b3:06:67:96:14:88:e8:c4:83:
45:cc:e2:6c:d4:a3:d5:72:ce:fa:7d:47:6a:57:23:
c3:5a:68:25:9f:94:6e:8b:2d:32:10:db:39:b9:3e:
49:99:b6:77:b8:8f:8e:f3:b6:ab:48:1f:04:65:48:
44:e7:45:cc:a0:b1:b7:ab:9f:fa:9a:84:3c:8a:df:
57:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B5:52:C4:60:FE:81:CF:3C:FD:9D:27:96:AD:7F:D1:77:45:F7:D7
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/PbVSxGD-gc88_Z0nlq1_0XdF99c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:bd:02:96:4e:cb:89:f7:b6:5d:99:b1:48:e1:46:af:db:e8:
2c:35:fa:27:c9:61:a8:27:56:b8:24:a2:f9:57:51:53:29:ea:
cc:49:83:54:e5:37:e8:78:e2:5a:c7:51:6a:96:09:9c:21:81:
9a:22:9d:56:de:53:f1:d5:35:b4:b1:3d:3d:83:60:1f:b8:70:
b9:f8:4c:76:86:50:5c:58:2f:0b:3b:8a:92:49:08:32:ec:7f:
97:be:86:26:e0:74:91:19:61:40:28:dd:67:cd:44:aa:dc:92:
43:b7:43:87:08:2c:8e:fa:b6:7a:75:07:94:42:5a:a4:a6:6a:
9a:d7:a3:36:f0:7c:f4:1e:22:4b:d8:b1:24:86:d5:b7:36:bb:
35:1b:27:8c:99:71:90:67:7a:00:83:17:8c:53:aa:ec:25:83:
d4:23:a9:ee:70:56:71:04:f3:ad:2b:95:68:ee:9a:f4:fa:cb:
eb:24:c1:c7:fc:b5:e9:c7:7c:cc:c9:c6:a7:07:99:47:0f:3c:
f5:e5:cc:54:82:38:6d:99:43:e0:38:61:e4:8a:1c:b6:be:03:
04:0a:83:bb:f2:43:47:bd:37:d8:9e:0c:1c:b6:d7:f1:da:2f:
ca:e5:30:eb:77:cb:03:ad:46:6f:a8:f9:b3:92:c7:07:36:87:
69:db:22:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvceVfbYiZuW4p6vlfacNv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjMxMTE3MDg1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI1NTJjNDYwZmU4MWNmM2NmZDlkMjc5NmFkN2ZkMTc3NDVmN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN+Hkr6xRyvuDH6Txz3/aouh4Y4n
nxX+5ac5crPLNtcjeHEO7SlkKY7jvHb74ds4wYnCuYoOokKnOi9DS79vuiFy1dnC
D2qDKUFVgQgXWz5+a0jVE6gQy0WjfkCnCobSzVMUCLSTS4k5uIHtJW0je4SVcLHh
XrcZBgHiABTmeeQA2eZNcXWjfI7S1p7hHAO5p2duJs0exx6sA9qllSgSZMah8T6H
JSCpkfGmJEteBtej/AJ0GsJFJgmzBmeWFIjoxINFzOJs1KPVcs76fUdqVyPDWmgl
n5Ruiy0yENs5uT5JmbZ3uI+O87arSB8EZUhE50XMoLG3q5/6moQ8it9X1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD21UsRg/oHPPP2dJ5atf9F3RffXMB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvUGJWU3hHRC1nYzg4X1owbmxxMV8wWGRGOTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYhIMA0G
CSqGSIb3DQEBCwUAA4IBAQAvvQKWTsuJ97ZdmbFI4Uav2+gsNfonyWGoJ1a4JKL5
V1FTKerMSYNU5TfoeOJax1FqlgmcIYGaIp1W3lPx1TW0sT09g2AfuHC5+Ex2hlBc
WC8LO4qSSQgy7H+XvoYm4HSRGWFAKN1nzUSq3JJDt0OHCCyO+rZ6dQeUQlqkpmqa
16M28Hz0HiJL2LEkhtW3Nrs1GyeMmXGQZ3oAgxeMU6rsJYPUI6nucFZxBPOtK5Vo
7pr0+svrJMHH/LXpx3zMycanB5lHDzz15cxUgjhtmUPgOGHkihy2vgMECoO78kNH
vTfYngwcttfx2i/K5TDrd8sDrUZvqPmzkscHNodp2yIu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:56 2024 by rpki-client on console-fra.rpki-client.org