Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/_PjA_qBuys_gcMKJxohdaO9y60M.roa
File: _PjA_qBuys_gcMKJxohdaO9y60M.roa (raw, json)
Hash identifier: VYHO/ckFd7T4nG2+KUohNo2W4BCC+u8RfSm2KZa1eJM=
Subject key identifier: FC:F8:C0:FE:A0:6E:CA:CF:E0:70:C2:89:C6:88:5D:68:EF:72:EB:43
Certificate issuer: /CN=e08e17a781b64119a3a6357000254f5b795b0da8
Certificate serial: 01856FE704F5BEBB1CFE30F9C824EA046466
Authority key identifier: E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/_PjA_qBuys_gcMKJxohdaO9y60M.roa
Signing time: Mon 02 Jan 2023 00:34:49 +0000
ROA not before: Mon 02 Jan 2023 00:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61343
IP address blocks: 185.27.84.0/22 maxlen: 22
192.76.166.0/24 maxlen: 24
192.76.168.0/24 maxlen: 24
185.10.36.0/22 maxlen: 22
192.76.167.0/24 maxlen: 24
192.76.169.0/24 maxlen: 24
2a03:5540::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:04:f5:be:bb:1c:fe:30:f9:c8:24:ea:04:64:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e17a781b64119a3a6357000254f5b795b0da8
Validity
Not Before: Jan 2 00:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf8c0fea06ecacfe070c289c6885d68ef72eb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:3d:b0:29:72:ac:93:ef:d2:12:1c:7f:30:
77:bc:10:b4:ff:d4:b3:9a:e3:73:59:ab:1f:20:3e:
30:ec:d4:ae:00:a0:8d:a2:eb:63:4f:0a:93:b2:d4:
e2:28:de:41:0a:4d:59:d2:bc:b3:29:9a:fa:29:a4:
41:b6:ec:31:01:29:c9:92:7d:bf:88:ac:32:6a:54:
5d:6d:51:da:92:98:00:7e:84:de:54:0f:a6:27:7b:
98:40:46:64:0a:0c:86:9e:42:73:72:51:89:6f:8b:
9a:77:ca:93:c4:0e:9e:2e:f4:69:4c:e4:bd:a9:46:
e0:5a:45:49:52:56:8f:39:63:f0:0a:a2:fa:43:05:
2e:a4:ce:db:38:7d:8e:c9:ca:10:ae:28:ef:12:0b:
35:f0:e0:fa:a7:5b:ef:d9:3c:87:db:fa:c2:a0:e0:
aa:18:31:dd:91:17:e9:88:85:9a:b9:97:12:ef:c3:
2c:dc:4e:a9:fe:38:6a:c0:23:e9:01:25:75:5a:1b:
f4:79:c9:09:df:09:93:6d:4b:9d:dd:d9:73:49:7c:
db:03:84:a4:a7:71:dd:e8:4e:f8:80:ee:82:6c:e7:
90:a8:4a:4d:40:a9:43:9f:ba:a4:12:f0:61:0b:3d:
3b:6e:72:a8:8a:7c:cc:d3:1f:ed:ce:ca:dd:be:ef:
6c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F8:C0:FE:A0:6E:CA:CF:E0:70:C2:89:C6:88:5D:68:EF:72:EB:43
X509v3 Authority Key Identifier:
keyid:E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/_PjA_qBuys_gcMKJxohdaO9y60M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/4I4Xp4G2QRmjpjVwACVPW3lbDag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.36.0/22
185.27.84.0/22
192.76.166.0-192.76.169.255
IPv6:
2a03:5540::/32
Signature Algorithm: sha256WithRSAEncryption
3a:88:93:0e:4c:8e:03:53:ba:10:06:f6:2e:a5:e4:19:cb:e2:
81:b5:98:62:b0:69:36:d2:e8:32:fe:5c:88:48:24:58:24:38:
aa:8d:ac:dd:28:da:70:78:33:0b:5b:08:bd:2e:2e:04:ae:73:
53:30:19:80:67:dd:a5:4d:63:56:36:99:2b:98:3a:02:cc:c8:
06:51:20:6e:ad:28:02:15:9d:ca:5a:ca:85:bc:44:d9:3f:e6:
3b:07:d7:2d:dd:5a:a7:a3:05:a5:66:95:14:3d:d4:f1:32:67:
82:13:cf:30:75:d4:61:08:77:bf:cc:4d:af:79:9e:52:4e:24:
35:5c:1a:db:23:33:6c:e4:f9:df:ad:36:d6:ac:e8:f0:18:96:
0d:77:70:62:ee:9c:00:aa:d7:52:e6:94:d0:e2:75:94:ea:dd:
a6:90:28:7d:db:2e:80:89:dc:8f:1b:24:20:a3:e1:13:5b:0a:
39:b8:b1:63:62:1e:3d:9a:69:a5:36:2f:1e:58:dc:ee:8c:1d:
03:db:84:6b:0a:e2:3c:c5:07:28:ff:27:65:88:79:c7:48:16:
1b:9b:f2:32:3d:8e:9e:ab:84:89:5a:e5:9d:02:c7:36:6f:ae:
67:8c:13:7f:93:8f:71:8a:2d:3e:58:c7:97:a2:b8:c4:82:95:
61:f5:85:ba
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVv5wT1vrsc/jD5yCTqBGRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOGUxN2E3ODFiNjQxMTlhM2E2MzU3MDAwMjU0ZjViNzk1
YjBkYTgwHhcNMjMwMTAyMDAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y4YzBmZWEwNmVjYWNmZTA3MGMyODljNjg4NWQ2OGVmNzJlYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluA9sClyrJPv0hIcfzB3vBC0/9Sz
muNzWasfID4w7NSuAKCNoutjTwqTstTiKN5BCk1Z0ryzKZr6KaRBtuwxASnJkn2/
iKwyalRdbVHakpgAfoTeVA+mJ3uYQEZkCgyGnkJzclGJb4uad8qTxA6eLvRpTOS9
qUbgWkVJUlaPOWPwCqL6QwUupM7bOH2OycoQrijvEgs18OD6p1vv2TyH2/rCoOCq
GDHdkRfpiIWauZcS78Ms3E6p/jhqwCPpASV1Whv0eckJ3wmTbUud3dlzSXzbA4Sk
p3Hd6E74gO6CbOeQqEpNQKlDn7qkEvBhCz07bnKoinzM0x/tzsrdvu9sswIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPz4wP6gbsrP4HDCicaIXWjvcutDMB8GA1UdIwQY
MBaAFOCOF6eBtkEZo6Y1cAAlT1t5Ww2oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEk0WHA0RzJRUm1qcGpWd0FDVlBXM2xiRGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMTQwMjAtMWJmYi00MTMzLWFmY2Ut
ZDVlNDVmMmNhODc5LzEvX1BqQV9xQnV5c19nY01LSnhvaGRhTzl5NjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMTQwMjAtMWJmYi00MTMzLWFmY2UtZDVlNDVmMmNhODc5
LzEvNEk0WHA0RzJRUm1qcGpWd0FDVlBXM2xiRGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuQokAwQC
uRtUMAwDBAHATKYDBAHATKgwDQQCAAIwBwMFACoDVUAwDQYJKoZIhvcNAQELBQAD
ggEBADqIkw5MjgNTuhAG9i6l5BnL4oG1mGKwaTbS6DL+XIhIJFgkOKqNrN0o2nB4
MwtbCL0uLgSuc1MwGYBn3aVNY1Y2mSuYOgLMyAZRIG6tKAIVncpayoW8RNk/5jsH
1y3dWqejBaVmlRQ91PEyZ4ITzzB11GEId7/MTa95nlJOJDVcGtsjM2zk+d+tNtas
6PAYlg13cGLunACq11LmlNDidZTq3aaQKH3bLoCJ3I8bJCCj4RNbCjm4sWNiHj2a
aaU2Lx5Y3O6MHQPbhGsK4jzFByj/J2WIecdIFhub8jI9jp6rhIla5Z0CxzZvrmeM
E3+Tj3GKLT5Yx5eiuMSClWH1hbo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:59 2024 by rpki-client on console-fra.rpki-client.org