Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/PMPZeJBwcTJZDgkcalTXBLUUeUw.roa
File: PMPZeJBwcTJZDgkcalTXBLUUeUw.roa (raw, json)
Hash identifier: Y1PH4efzC496vQpHaj8E+FXKPDp4F00AOVwNEdvF3nY=
Subject key identifier: 3C:C3:D9:78:90:70:71:32:59:0E:09:1C:6A:54:D7:04:B5:14:79:4C
Certificate issuer: /CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Certificate serial: 018CC94CA404CD7014ED0E37EC6E9004FD38
Authority key identifier: 54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/PMPZeJBwcTJZDgkcalTXBLUUeUw.roa
Signing time: Tue 02 Jan 2024 08:31:32 +0000
ROA not before: Tue 02 Jan 2024 08:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62163
IP address blocks: 185.99.165.0/24 maxlen: 24
185.99.166.0/24 maxlen: 24
185.99.164.0/24 maxlen: 24
185.99.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a4:04:cd:70:14:ed:0e:37:ec:6e:90:04:fd:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=540c4f742fd329a36fcd29c4eb984e5f49515d99
Validity
Not Before: Jan 2 08:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cc3d97890707132590e091c6a54d704b514794c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a2:f3:69:e9:f0:fe:68:b6:94:d4:5e:09:be:
a4:2a:30:72:b2:7a:55:2c:f6:0e:b9:54:4d:53:1e:
d1:06:4a:23:46:42:90:11:d9:f7:08:84:c8:68:cf:
f5:d7:79:ea:da:ef:8b:c5:3e:5a:e9:8f:6e:a9:ee:
de:5d:06:fd:21:83:06:66:f2:0d:8e:c3:82:21:31:
14:a9:74:9b:60:97:3b:1a:50:e1:3f:4a:44:95:80:
52:16:32:83:49:14:c2:6f:82:db:41:04:a1:f5:54:
a2:ef:ef:42:6c:a5:64:ff:f9:75:00:60:ba:8f:68:
f0:89:d9:eb:9e:0f:e2:f0:7f:1c:2a:21:74:d1:d7:
c0:3d:a1:f5:66:22:c6:c8:40:75:3d:59:93:d3:bb:
55:86:bf:f4:65:86:33:87:60:26:12:8e:2c:a0:66:
48:ad:71:2e:cf:a8:1c:28:46:57:a6:9c:8d:7c:56:
8d:94:85:c5:e9:b2:89:b9:ef:9a:b4:ef:fe:23:39:
ad:ad:b8:97:d5:6f:33:fa:04:ae:1d:ef:76:1a:1b:
e9:7c:75:52:94:5a:6c:40:46:cc:77:80:4d:3e:36:
84:b1:55:1c:82:e3:29:89:49:42:1e:ec:b0:60:e3:
d7:0e:a3:d8:a5:b7:73:02:79:a5:23:b2:64:7e:fc:
5a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C3:D9:78:90:70:71:32:59:0E:09:1C:6A:54:D7:04:B5:14:79:4C
X509v3 Authority Key Identifier:
keyid:54:0C:4F:74:2F:D3:29:A3:6F:CD:29:C4:EB:98:4E:5F:49:51:5D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAxPdC_TKaNvzSnE65hOX0lRXZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/PMPZeJBwcTJZDgkcalTXBLUUeUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/be6819-83bb-40e0-9d74-cfb0d0493c3a/1/VAxPdC_TKaNvzSnE65hOX0lRXZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.164.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:9b:53:93:88:09:cb:b8:77:7a:f8:19:1f:64:ec:21:e0:85:
e0:75:f9:77:1e:a3:37:17:39:96:e3:1f:ea:17:91:d7:1b:a9:
74:b9:cd:f8:b8:79:d0:29:38:e2:a2:95:76:ef:5b:65:21:29:
f0:09:3b:71:c7:36:3a:1a:aa:7e:8d:5b:91:f3:2f:53:fb:74:
f1:1f:19:f0:5b:9d:2e:ba:72:2f:ad:13:14:ea:7e:38:d5:2a:
ed:03:72:85:b7:de:21:fc:37:ab:b9:cf:d6:0b:17:72:7e:32:
3c:36:4f:d5:ba:48:e7:ce:a4:c7:42:e2:78:15:e6:f0:0b:b8:
3b:6a:e6:59:21:b0:31:c1:4c:b4:f6:fb:91:c3:29:3e:0f:48:
d2:5e:fe:17:9b:76:61:da:d5:ed:a6:a4:1e:6a:1b:3f:70:ee:
c9:6b:22:18:c4:5b:5c:26:c2:5a:2b:a7:80:45:f7:0a:0b:e4:
6f:a0:9c:81:2e:da:e3:77:1f:2b:3f:04:fe:c3:69:e3:74:de:
c0:e9:58:ca:42:c5:bd:1d:ff:f1:2e:42:90:18:8c:4b:39:70:
3d:4d:65:e5:da:93:e6:9d:a3:8c:6a:3a:e3:62:93:f1:3f:ab:
83:50:10:1c:ca:5e:80:2b:60:63:74:6c:40:80:ea:b0:ff:26:
a7:b8:48:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKQEzXAU7Q437G6QBP04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MGM0Zjc0MmZkMzI5YTM2ZmNkMjljNGViOTg0ZTVmNDk1
MTVkOTkwHhcNMjQwMTAyMDgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2MzZDk3ODkwNzA3MTMyNTkwZTA5MWM2YTU0ZDcwNGI1MTQ3OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6Lzaenw/mi2lNReCb6kKjBysnpV
LPYOuVRNUx7RBkojRkKQEdn3CITIaM/113nq2u+LxT5a6Y9uqe7eXQb9IYMGZvIN
jsOCITEUqXSbYJc7GlDhP0pElYBSFjKDSRTCb4LbQQSh9VSi7+9CbKVk//l1AGC6
j2jwidnrng/i8H8cKiF00dfAPaH1ZiLGyEB1PVmT07tVhr/0ZYYzh2AmEo4soGZI
rXEuz6gcKEZXppyNfFaNlIXF6bKJue+atO/+IzmtrbiX1W8z+gSuHe92GhvpfHVS
lFpsQEbMd4BNPjaEsVUcguMpiUlCHuywYOPXDqPYpbdzAnmlI7JkfvxaNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzD2XiQcHEyWQ4JHGpU1wS1FHlMMB8GA1UdIwQY
MBaAFFQMT3Qv0ymjb80pxOuYTl9JUV2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQt
Y2ZiMGQwNDkzYzNhLzEvUE1QWmVKQndjVEpaRGdrY2FsVFhCTFVVZVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iZTY4MTktODNiYi00MGUwLTlkNzQtY2ZiMGQwNDkzYzNh
LzEvVkF4UGRDX1RLYU52elNuRTY1aE9YMGxSWFprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWOkMA0G
CSqGSIb3DQEBCwUAA4IBAQBrm1OTiAnLuHd6+BkfZOwh4IXgdfl3HqM3FzmW4x/q
F5HXG6l0uc34uHnQKTjiopV271tlISnwCTtxxzY6Gqp+jVuR8y9T+3TxHxnwW50u
unIvrRMU6n441SrtA3KFt94h/Deruc/WCxdyfjI8Nk/VukjnzqTHQuJ4FebwC7g7
auZZIbAxwUy09vuRwyk+D0jSXv4Xm3Zh2tXtpqQeahs/cO7JayIYxFtcJsJaK6eA
RfcKC+RvoJyBLtrjdx8rPwT+w2njdN7A6VjKQsW9Hf/xLkKQGIxLOXA9TWXl2pPm
naOMajrjYpPxP6uDUBAcyl6AK2BjdGxAgOqw/yanuEhr
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:08:28 2025 by rpki-client