Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PFNZGD9JsVzKVCu3KPwFtP8sKjQ.roa
File: PFNZGD9JsVzKVCu3KPwFtP8sKjQ.roa (raw, json)
Hash identifier: P3iSFiHleDhlx5Wu7VMnXUUmpjLHMgNnQpXd4loWvPs=
Subject key identifier: 3C:53:59:18:3F:49:B1:5C:CA:54:2B:B7:28:FC:05:B4:FF:2C:2A:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018719E7030F072D43A36503428DCBAD474B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PFNZGD9JsVzKVCu3KPwFtP8sKjQ.roa
Signing time: Sat 25 Mar 2023 17:53:02 +0000
ROA not before: Sat 25 Mar 2023 17:53:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4134
IP address blocks: 2a0e:b107:1fb0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:19:e7:03:0f:07:2d:43:a3:65:03:42:8d:cb:ad:47:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 25 17:53:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c5359183f49b15cca542bb728fc05b4ff2c2a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:69:f0:6a:57:d1:c8:fd:d0:f0:1f:60:9b:
c4:1c:91:81:eb:15:9f:3b:2b:06:f8:81:d7:0e:30:
b1:e1:09:46:20:fb:73:5b:40:09:de:5d:28:30:1f:
c0:74:0b:6b:10:00:e3:c2:a6:d0:65:87:19:99:2d:
13:bd:4b:dc:02:40:9a:9c:b3:b9:3a:fc:a0:5a:ba:
1f:5b:9b:6a:e3:bb:82:5b:03:da:33:9f:3b:83:0a:
71:f9:13:df:76:4b:52:08:2e:36:e2:78:1f:44:e0:
52:d4:7c:8a:05:a5:ff:0f:5e:17:31:09:94:d1:d8:
bf:e2:7a:7c:5f:f8:4b:a6:5a:e7:7b:3e:67:91:68:
8d:08:4d:9d:2e:29:6c:0e:58:2b:75:82:2a:75:37:
8e:7d:75:12:d8:46:52:cd:e3:78:e5:98:48:b3:be:
19:ee:32:fd:3d:fe:76:ee:5a:f6:4b:6b:28:bc:a0:
7d:24:aa:ef:a9:02:a7:3a:b2:4e:b6:5e:7a:5b:94:
41:c7:4d:5d:ca:b3:32:11:45:2f:1d:64:ca:14:45:
04:2f:54:43:d7:95:a6:2e:8e:e7:04:81:05:5a:d0:
83:f7:4d:9b:c2:05:44:2d:72:2e:64:65:4b:f8:13:
2d:48:35:21:68:f2:cd:1e:98:be:da:f1:b9:c9:2c:
8c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:53:59:18:3F:49:B1:5C:CA:54:2B:B7:28:FC:05:B4:FF:2C:2A:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PFNZGD9JsVzKVCu3KPwFtP8sKjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1fb0::/48
Signature Algorithm: sha256WithRSAEncryption
77:37:6a:9e:73:d2:45:b6:5c:6f:9d:33:c0:c0:64:4a:29:4a:
c7:e1:3f:fc:cd:a3:64:bd:ce:d4:3e:97:e1:8b:55:54:a6:52:
66:30:a7:17:51:f5:d0:6e:ce:3c:a8:d7:95:a5:69:f2:6b:0d:
97:19:0d:96:35:4e:ee:df:ad:6f:10:38:72:8d:a0:ab:6d:5c:
b6:c4:cc:a8:95:c3:4f:91:fd:30:97:d6:d1:87:73:d0:97:b8:
ec:db:dc:a4:59:8e:e7:15:94:d5:82:69:fc:06:45:9f:bf:cf:
f7:46:f5:1f:6a:11:8f:4f:b7:64:5f:99:a8:40:71:08:b7:34:
fe:8e:29:53:95:c3:0e:8d:a2:66:d3:bc:81:72:d3:26:91:38:
54:5e:06:08:af:76:65:a5:26:3b:bf:d0:71:01:fc:97:66:84:
f0:6c:16:a1:78:08:16:59:2c:b7:08:b2:ab:a6:d8:cf:23:7b:
f0:d3:67:82:ef:d5:7a:59:ab:22:6f:af:79:75:67:8a:dc:74:
39:ee:1e:d0:f9:71:3f:ac:f2:fb:09:c8:8e:8f:8f:52:74:de:
c4:17:ee:b5:23:27:23:b0:a2:83:1a:4b:ef:4b:d8:fc:c8:42:
cd:20:74:f1:79:e3:2b:8c:e7:02:c6:77:8b:2b:7c:43:29:a1:
80:28:94:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYcZ5wMPBy1Do2UDQo3LrUdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzI1MTc1MzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUzNTkxODNmNDliMTVjY2E1NDJiYjcyOGZjMDViNGZmMmMyYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp5p8GpX0cj90PAfYJvEHJGB6xWf
OysG+IHXDjCx4QlGIPtzW0AJ3l0oMB/AdAtrEADjwqbQZYcZmS0TvUvcAkCanLO5
OvygWrofW5tq47uCWwPaM587gwpx+RPfdktSCC424ngfROBS1HyKBaX/D14XMQmU
0di/4np8X/hLplrnez5nkWiNCE2dLilsDlgrdYIqdTeOfXUS2EZSzeN45ZhIs74Z
7jL9Pf527lr2S2sovKB9JKrvqQKnOrJOtl56W5RBx01dyrMyEUUvHWTKFEUEL1RD
15WmLo7nBIEFWtCD902bwgVELXIuZGVL+BMtSDUhaPLNHpi+2vG5ySyMvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxTWRg/SbFcylQrtyj8BbT/LCo0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUEZOWkdEOUpzVnpLVkN1M0tQd0Z0UDhzS2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx+w
MA0GCSqGSIb3DQEBCwUAA4IBAQB3N2qec9JFtlxvnTPAwGRKKUrH4T/8zaNkvc7U
Ppfhi1VUplJmMKcXUfXQbs48qNeVpWnyaw2XGQ2WNU7u361vEDhyjaCrbVy2xMyo
lcNPkf0wl9bRh3PQl7js29ykWY7nFZTVgmn8BkWfv8/3RvUfahGPT7dkX5moQHEI
tzT+jilTlcMOjaJm07yBctMmkThUXgYIr3ZlpSY7v9BxAfyXZoTwbBaheAgWWSy3
CLKrptjPI3vw02eC79V6Wasib695dWeK3HQ57h7Q+XE/rPL7CciOj49SdN7EF+61
IycjsKKDGkvvS9j8yELNIHTxeeMrjOcCxneLK3xDKaGAKJTi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org