Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/PmSyuwVmNAUQJItX_sfTsuGcQGE.roa
File: PmSyuwVmNAUQJItX_sfTsuGcQGE.roa (raw, json)
Hash identifier: KdmsmsufNTbJrd4p43Ki+05TBi16Em37zrFalP0Ie+Y=
Subject key identifier: 3E:64:B2:BB:05:66:34:05:10:24:8B:57:FE:C7:D3:B2:E1:9C:40:61
Certificate issuer: /CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Certificate serial: 018CCA997ACB383B8FD329B26109CE36F1CD
Authority key identifier: 3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/PmSyuwVmNAUQJItX_sfTsuGcQGE.roa
Signing time: Tue 02 Jan 2024 14:35:05 +0000
ROA not before: Tue 02 Jan 2024 14:35:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2860
IP address blocks: 81.20.240.0/20 maxlen: 20
185.218.12.0/22 maxlen: 22
78.29.128.0/18 maxlen: 18
128.65.224.0/19 maxlen: 19
2a0b:c1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Nov 2024 16:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:7a:cb:38:3b:8f:d3:29:b2:61:09:ce:36:f1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aeeb9e692ba9e93d8b95a6488d5c875609d4aec
Validity
Not Before: Jan 2 14:35:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e64b2bb0566340510248b57fec7d3b2e19c4061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:57:9d:01:36:8e:5b:8e:18:6a:80:49:03:f5:
54:1f:06:3a:63:6a:56:32:05:9e:f2:20:4d:41:d6:
3f:10:3b:28:af:75:79:3f:79:0b:5f:8b:b4:5d:c5:
94:c2:b1:f0:ce:e2:d0:34:c3:6a:f9:bf:2d:18:2c:
4e:20:a1:45:df:5e:6f:da:14:94:7e:80:a1:ca:91:
89:71:d1:93:98:3d:25:f9:d0:18:9b:4e:c4:c6:e8:
82:48:58:7b:8e:80:b3:e6:fc:58:6b:66:e4:97:4c:
dd:2d:b2:66:47:d4:a1:31:b1:42:62:9a:aa:0a:8e:
8c:59:0e:e5:68:6d:91:88:93:e7:e4:0d:9a:03:d9:
00:2e:ab:af:fc:24:52:ad:7e:d2:e4:64:8e:73:06:
2e:aa:e2:0f:57:23:4a:70:41:4d:4d:f3:ea:50:81:
bf:2c:9d:ba:d7:7d:1b:a7:74:3e:a4:7a:3c:31:cc:
ce:4a:26:94:a8:2b:7e:9b:ee:d9:54:8a:5c:df:30:
30:6e:ec:91:f8:23:1c:33:29:5d:3b:aa:b0:8e:94:
5d:a7:9a:55:89:7b:93:fc:d4:c4:ae:c2:3b:45:5e:
92:65:ae:5e:4a:18:19:cf:7f:c6:53:92:f5:f9:7c:
31:91:d5:c7:b0:fe:f5:76:e5:10:a6:92:5c:85:97:
be:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:64:B2:BB:05:66:34:05:10:24:8B:57:FE:C7:D3:B2:E1:9C:40:61
X509v3 Authority Key Identifier:
keyid:3A:EE:B9:E6:92:BA:9E:93:D8:B9:5A:64:88:D5:C8:75:60:9D:4A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou655pK6npPYuVpkiNXIdWCdSuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/PmSyuwVmNAUQJItX_sfTsuGcQGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/3e259b-b6dc-4cf4-ac19-5033f8d79be7/1/Ou655pK6npPYuVpkiNXIdWCdSuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.29.128.0/18
81.20.240.0/20
128.65.224.0/19
185.218.12.0/22
IPv6:
2a0b:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:dc:49:e1:79:7b:7f:12:30:80:d0:a2:ae:99:02:ef:5c:2d:
0a:07:73:96:cf:16:3a:d6:ee:c2:4d:77:c4:12:2d:f4:9b:26:
c2:a4:56:ea:0e:b2:a6:64:8a:e4:1c:cd:3e:bd:ed:84:ee:a6:
e2:7e:23:6f:f4:db:46:aa:11:49:c7:6e:12:d4:89:6a:5e:5b:
ac:5e:98:dc:52:fc:56:e7:0f:43:4e:e6:cb:81:a5:36:d7:51:
70:e7:ae:a4:c8:7f:fd:3c:b9:16:60:03:7e:f7:19:98:9c:28:
36:db:f2:1e:3f:ba:84:20:95:39:2e:f4:a2:20:c2:e6:f0:e5:
85:88:70:ed:34:4d:dc:95:f5:11:9e:c0:b1:a7:65:e2:c5:4a:
97:45:00:f3:45:c5:10:35:41:8b:3d:d9:c9:07:f8:12:bc:18:
c2:78:d6:3e:2d:29:dd:d1:83:2b:db:66:f6:98:6c:10:93:3e:
9a:86:d0:c7:dd:b1:c7:f4:3f:08:19:bd:b7:5c:6f:69:7a:52:
dd:eb:30:1a:21:aa:a2:f4:ac:da:b7:cc:33:54:17:3c:68:3f:
e9:bd:d5:8e:88:8a:c7:37:38:1b:73:fb:d7:26:99:87:86:d2:
aa:6b:bf:0e:8f:50:ed:68:9e:c2:ea:7e:88:49:24:76:1e:b2:
33:33:3d:01
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKmXrLODuP0ymyYQnONvHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWViOWU2OTJiYTllOTNkOGI5NWE2NDg4ZDVjODc1NjA5
ZDRhZWMwHhcNMjQwMTAyMTQzNTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTY0YjJiYjA1NjYzNDA1MTAyNDhiNTdmZWM3ZDNiMmUxOWM0MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVedATaOW44YaoBJA/VUHwY6Y2pW
MgWe8iBNQdY/EDsor3V5P3kLX4u0XcWUwrHwzuLQNMNq+b8tGCxOIKFF315v2hSU
foChypGJcdGTmD0l+dAYm07ExuiCSFh7joCz5vxYa2bkl0zdLbJmR9ShMbFCYpqq
Co6MWQ7laG2RiJPn5A2aA9kALquv/CRSrX7S5GSOcwYuquIPVyNKcEFNTfPqUIG/
LJ26130bp3Q+pHo8MczOSiaUqCt+m+7ZVIpc3zAwbuyR+CMcMyldO6qwjpRdp5pV
iXuT/NTErsI7RV6SZa5eShgZz3/GU5L1+XwxkdXHsP71duUQppJchZe+IwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD5ksrsFZjQFECSLV/7H07LhnEBhMB8GA1UdIwQY
MBaAFDruueaSup6T2LlaZIjVyHVgnUrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTkt
NTAzM2Y4ZDc5YmU3LzEvUG1TeXV3Vm1OQVVRSkl0WF9zZlRzdUdjUUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zZTI1OWItYjZkYy00Y2Y0LWFjMTktNTAzM2Y4ZDc5YmU3
LzEvT3U2NTVwSzZucFBZdVZwa2lOWElkV0NkU3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTh2AAwQE
URTwAwQFgEHgAwQCudoMMA0EAgACMAcDBQMqC8HAMA0GCSqGSIb3DQEBCwUAA4IB
AQAR3EnheXt/EjCA0KKumQLvXC0KB3OWzxY61u7CTXfEEi30mybCpFbqDrKmZIrk
HM0+ve2E7qbifiNv9NtGqhFJx24S1IlqXlusXpjcUvxW5w9DTubLgaU211Fw566k
yH/9PLkWYAN+9xmYnCg22/IeP7qEIJU5LvSiIMLm8OWFiHDtNE3clfURnsCxp2Xi
xUqXRQDzRcUQNUGLPdnJB/gSvBjCeNY+LSnd0YMr22b2mGwQkz6ahtDH3bHH9D8I
Gb23XG9pelLd6zAaIaqi9Kzat8wzVBc8aD/pvdWOiIrHNzgbc/vXJpmHhtKqa78O
j1DtaJ7C6n6ISSR2HrIzMz0B
-----END CERTIFICATE-----
Generated at Mon Nov 4 21:00:43 2024 by rpki-client on console-ams.rpki-client.org