Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/pnq9LrsKi1Utop_XTUrJU604RbY.roa
File: pnq9LrsKi1Utop_XTUrJU604RbY.roa (raw, json)
Hash identifier: sXttmxSHKsvkk6ckhTMxe4m+BdDNIYZrLUxjhY+t/Y4=
Subject key identifier: A6:7A:BD:2E:BB:0A:8B:55:2D:A2:9F:D7:4D:4A:C9:53:AD:38:45:B6
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018CC8DF33127EE7643145961C0110E284D8
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/pnq9LrsKi1Utop_XTUrJU604RbY.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207106
IP address blocks: 147.234.8.0/24 maxlen: 24
147.234.10.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:33:12:7e:e7:64:31:45:96:1c:01:10:e2:84:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a67abd2ebb0a8b552da29fd74d4ac953ad3845b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:b5:af:d8:57:4e:cf:53:08:24:04:33:02:
da:a4:44:33:e6:3e:7b:28:fb:0a:50:ad:28:40:1d:
4e:d0:bb:b0:19:93:ce:ca:d6:b2:37:d9:09:c4:da:
e7:c7:5b:49:4c:72:54:0f:91:22:2f:d2:70:4c:d2:
a6:dd:06:85:38:56:dc:e1:04:9e:d9:5f:7d:0d:47:
be:cf:ea:41:2c:70:a2:71:37:d6:18:3a:93:fe:ad:
28:6a:1a:fb:28:c6:7c:64:5d:5e:f3:62:ca:a0:5d:
cc:f8:85:c6:9d:46:fd:d8:6a:18:5b:56:dc:e0:2d:
cf:7a:c0:27:a5:6d:53:23:e7:95:ff:d1:c5:54:b7:
29:78:6d:a3:e3:15:fc:08:a7:ef:15:66:52:ab:66:
cf:96:e8:a1:c9:c4:3a:a4:b5:e4:98:29:e2:52:b5:
19:9f:ff:0e:c7:a6:4c:71:60:cb:73:36:2c:1e:9b:
97:e2:59:2d:85:ea:d2:f0:b6:f4:25:09:74:31:e1:
98:bb:8f:7c:7b:3f:a7:95:47:65:86:85:2a:80:1a:
29:54:eb:ce:50:bc:1e:ac:c6:b4:65:4a:2b:06:ef:
3a:ec:f8:86:d4:bf:b6:23:e7:4b:79:f3:f5:0e:a0:
29:13:f8:77:1f:6a:d2:19:98:6a:1c:c7:c4:ef:59:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7A:BD:2E:BB:0A:8B:55:2D:A2:9F:D7:4D:4A:C9:53:AD:38:45:B6
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/pnq9LrsKi1Utop_XTUrJU604RbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.8.0/24
147.234.10.0/23
Signature Algorithm: sha256WithRSAEncryption
23:5c:7c:72:8d:c1:3e:89:23:e5:a6:d0:48:66:33:d1:1c:62:
c3:7b:09:15:12:ed:56:16:75:19:24:44:18:99:28:0e:11:f2:
34:70:ec:17:df:8e:f3:c6:2d:38:3b:a4:d5:14:8d:d0:df:db:
c2:49:43:01:4d:73:51:33:0b:20:29:61:83:60:0b:d1:9c:2b:
b4:c2:f5:98:14:84:f2:d4:7a:f7:d6:34:1f:74:e7:fd:4a:58:
7e:2e:c9:ca:9c:d8:eb:b2:ac:5b:db:93:3a:23:83:8d:bd:48:
9f:67:0a:70:8e:51:e1:78:9e:44:36:aa:c6:52:7e:47:f2:14:
af:3d:c7:ff:a3:47:9a:0a:14:64:53:e1:02:c2:82:59:1a:ad:
ee:69:fd:db:3b:b3:39:70:da:7d:86:42:4c:c1:35:6a:64:8c:
1f:70:ca:e3:83:96:57:84:72:33:c2:ee:49:cd:74:8d:11:92:
62:4a:ec:d2:7a:d7:df:4a:2f:37:e3:ce:f8:14:3c:61:bc:48:
ee:c5:04:72:ad:2a:8b:df:21:08:47:0f:c3:62:d5:0b:6f:43:
07:8d:2d:77:d4:a7:44:f8:f1:e7:6c:5d:fd:ec:d5:2f:35:e6:
67:45:0b:59:bb:65:2a:1b:ee:9d:06:5c:c8:bb:58:9d:2d:b5:
15:3f:0e:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3zMSfudkMUWWHAEQ4oTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdhYmQyZWJiMGE4YjU1MmRhMjlmZDc0ZDRhYzk1M2FkMzg0NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIm1r9hXTs9TCCQEMwLapEQz5j57
KPsKUK0oQB1O0LuwGZPOytayN9kJxNrnx1tJTHJUD5EiL9JwTNKm3QaFOFbc4QSe
2V99DUe+z+pBLHCicTfWGDqT/q0oahr7KMZ8ZF1e82LKoF3M+IXGnUb92GoYW1bc
4C3PesAnpW1TI+eV/9HFVLcpeG2j4xX8CKfvFWZSq2bPluihycQ6pLXkmCniUrUZ
n/8Ox6ZMcWDLczYsHpuX4lktherS8Lb0JQl0MeGYu498ez+nlUdlhoUqgBopVOvO
ULwerMa0ZUorBu867PiG1L+2I+dLefP1DqApE/h3H2rSGZhqHMfE71kvKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZ6vS67CotVLaKf101KyVOtOEW2MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvcG5xOUxyc0tpMVV0b3BfWFRVckpVNjA0UmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk+oIAwQB
k+oKMA0GCSqGSIb3DQEBCwUAA4IBAQAjXHxyjcE+iSPlptBIZjPRHGLDewkVEu1W
FnUZJEQYmSgOEfI0cOwX347zxi04O6TVFI3Q39vCSUMBTXNRMwsgKWGDYAvRnCu0
wvWYFITy1Hr31jQfdOf9Slh+LsnKnNjrsqxb25M6I4ONvUifZwpwjlHheJ5ENqrG
Un5H8hSvPcf/o0eaChRkU+ECwoJZGq3uaf3bO7M5cNp9hkJMwTVqZIwfcMrjg5ZX
hHIzwu5JzXSNEZJiSuzSetffSi834874FDxhvEjuxQRyrSqL3yEIRw/DYtULb0MH
jS131KdE+PHnbF397NUvNeZnRQtZu2UqG+6dBlzIu1idLbUVPw4F
-----END CERTIFICATE-----
Generated at Wed May 1 09:52:57 2024 by rpki-client on console-fra.rpki-client.org