Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/PqqPAKy88T1NU_RSEW2O3dXFb-U.roa
File: PqqPAKy88T1NU_RSEW2O3dXFb-U.roa (raw, json)
Hash identifier: VxSSGsqdlD2wkM8D67gGYjc3vfNU/yrASWY8sC9VXV4=
Subject key identifier: 3E:AA:8F:00:AC:BC:F1:3D:4D:53:F4:52:11:6D:8E:DD:D5:C5:6F:E5
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01869BACE8EF33BE50652C35EF870C040852
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/PqqPAKy88T1NU_RSEW2O3dXFb-U.roa
Signing time: Wed 01 Mar 2023 05:37:25 +0000
ROA not before: Wed 01 Mar 2023 05:37:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 212.22.70.0/24 maxlen: 24
212.22.81.0/24 maxlen: 24
212.22.87.0/24 maxlen: 24
185.65.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 05:53:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:ac:e8:ef:33:be:50:65:2c:35:ef:87:0c:04:08:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 1 05:37:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3eaa8f00acbcf13d4d53f452116d8eddd5c56fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7d:c7:95:b4:b4:6a:d4:b6:8d:88:d9:4d:44:
47:88:7c:45:84:42:1b:92:6f:81:00:09:af:2e:90:
bb:1f:55:10:cf:2a:37:aa:6b:f7:35:c3:bf:9e:8a:
09:f5:03:43:ae:62:ef:63:f9:aa:71:3e:be:3f:0d:
4e:78:7c:be:c0:23:6f:df:dc:19:0a:db:e6:a5:9e:
51:74:b9:ff:33:90:fc:31:4b:58:03:52:ae:13:ec:
5a:d1:b0:79:1f:f8:bf:d7:bc:11:7c:38:6c:e7:80:
88:fb:3a:0c:bb:cb:90:36:ad:26:50:7d:31:44:08:
81:9e:42:3f:85:a8:35:b4:bb:47:2b:e0:42:dd:06:
0e:20:b4:6b:03:a2:7a:9a:a5:15:05:95:41:49:8f:
c8:7d:14:23:9e:bb:25:b9:11:00:f4:96:a5:65:d5:
d6:46:d4:aa:00:c7:d3:e6:38:04:95:b6:d1:f0:24:
ac:ff:cd:11:58:51:b1:7a:a2:98:7d:51:5d:ce:a0:
7b:8a:b9:ad:d0:1f:68:88:f6:e9:24:d4:27:b5:7f:
b0:e3:1a:45:67:2d:7b:7c:22:85:93:4d:a2:a4:eb:
20:98:94:37:82:0c:80:65:1e:c3:21:c6:b2:f6:c5:
d5:06:be:15:d7:bb:b3:24:a8:0b:29:43:32:3d:22:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AA:8F:00:AC:BC:F1:3D:4D:53:F4:52:11:6D:8E:DD:D5:C5:6F:E5
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/PqqPAKy88T1NU_RSEW2O3dXFb-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.202.0/24
212.22.70.0/24
212.22.81.0/24
212.22.87.0/24
Signature Algorithm: sha256WithRSAEncryption
68:95:3e:25:21:b0:87:d1:d4:e5:ac:c3:8a:a9:3a:ae:8f:80:
4a:35:9e:3d:ab:90:6e:66:dd:a3:be:86:c3:0c:36:0e:ba:b5:
a7:c2:17:b9:f1:be:e4:50:d5:dc:1d:a5:71:c7:06:db:e1:5f:
76:c2:ed:ed:84:ba:ec:df:2a:eb:ce:ec:aa:09:46:bb:26:f7:
2b:e2:76:1c:ae:78:8b:5e:d7:46:cd:51:6f:90:42:b9:1c:d3:
e6:c2:64:b1:6f:45:84:7b:ea:31:16:91:cf:bf:be:91:ea:75:
9b:6a:67:66:2f:e2:04:54:e9:01:8e:e4:09:63:bd:f8:f6:46:
bc:36:13:20:6f:7a:35:3b:b0:f1:43:62:b9:a1:6d:e3:88:10:
67:db:09:37:ec:3f:53:1b:62:a3:7c:c3:4a:e9:bb:79:45:dc:
27:27:d2:aa:07:79:f8:22:8d:8c:6f:34:3c:43:4a:27:35:7a:
dd:c4:d8:cd:d4:9a:68:65:49:0e:2c:b6:b3:e2:b3:bc:d4:bc:
bb:74:7f:9a:30:49:cc:ed:e8:71:ae:94:d5:a7:cc:5e:a2:c3:
5d:8e:cd:07:5d:5c:82:d9:7b:7d:c1:fc:b5:8d:ed:85:5b:d3:
7e:60:2d:37:bb:db:6d:9e:66:7c:29:70:b9:d2:e0:bf:2d:4d:
c5:c4:19:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYabrOjvM75QZSw174cMBAhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMzAxMDUzNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFhOGYwMGFjYmNmMTNkNGQ1M2Y0NTIxMTZkOGVkZGQ1YzU2ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp33HlbS0atS2jYjZTURHiHxFhEIb
km+BAAmvLpC7H1UQzyo3qmv3NcO/nooJ9QNDrmLvY/mqcT6+Pw1OeHy+wCNv39wZ
CtvmpZ5RdLn/M5D8MUtYA1KuE+xa0bB5H/i/17wRfDhs54CI+zoMu8uQNq0mUH0x
RAiBnkI/hag1tLtHK+BC3QYOILRrA6J6mqUVBZVBSY/IfRQjnrsluREA9JalZdXW
RtSqAMfT5jgElbbR8CSs/80RWFGxeqKYfVFdzqB7irmt0B9oiPbpJNQntX+w4xpF
Zy17fCKFk02ipOsgmJQ3ggyAZR7DIcay9sXVBr4V17uzJKgLKUMyPSLBsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD6qjwCsvPE9TVP0UhFtjt3VxW/lMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvUHFxUEFLeTg4VDFOVV9SU0VXMk8zZFhGYi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUHKAwQA
1BZGAwQA1BZRAwQA1BZXMA0GCSqGSIb3DQEBCwUAA4IBAQBolT4lIbCH0dTlrMOK
qTquj4BKNZ49q5BuZt2jvobDDDYOurWnwhe58b7kUNXcHaVxxwbb4V92wu3thLrs
3yrrzuyqCUa7Jvcr4nYcrniLXtdGzVFvkEK5HNPmwmSxb0WEe+oxFpHPv76R6nWb
amdmL+IEVOkBjuQJY7349ka8NhMgb3o1O7DxQ2K5oW3jiBBn2wk37D9TG2KjfMNK
6bt5RdwnJ9KqB3n4Io2MbzQ8Q0onNXrdxNjN1JpoZUkOLLaz4rO81Ly7dH+aMEnM
7ehxrpTVp8xeosNdjs0HXVyC2Xt9wfy1je2FW9N+YC03u9ttnmZ8KXC50uC/LU3F
xBlK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:35 2024 by rpki-client on console-fra.rpki-client.org