Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/PDGBOFLBeVOS41C3pNgkV_fEYyM.roa
File: PDGBOFLBeVOS41C3pNgkV_fEYyM.roa (raw, json)
Hash identifier: YR20PKZxcVXIRxCElY2BLBSjpptT9rzuWSQTeMVBktY=
Subject key identifier: 3C:31:81:38:52:C1:79:53:92:E3:50:B7:A4:D8:24:57:F7:C4:63:23
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 01856D53E8750FCBB40EFF437F020BF70080
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/PDGBOFLBeVOS41C3pNgkV_fEYyM.roa
Signing time: Sun 01 Jan 2023 12:34:53 +0000
ROA not before: Sun 01 Jan 2023 12:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204287
IP address blocks: 94.176.172.0/22 maxlen: 32
89.38.155.0/24 maxlen: 32
86.104.76.0/22 maxlen: 32
93.114.236.0/22 maxlen: 32
89.32.132.0/22 maxlen: 32
176.223.68.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:e8:75:0f:cb:b4:0e:ff:43:7f:02:0b:f7:00:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Jan 1 12:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c31813852c1795392e350b7a4d82457f7c46323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:1b:78:1b:e3:d2:3b:fe:aa:7a:91:cd:e8:
44:5a:92:d3:90:b5:93:59:c0:9a:37:99:d6:4e:ad:
ba:05:66:5c:4c:d8:08:af:f1:c5:11:7d:f1:44:5a:
46:76:8b:e6:64:d7:77:c5:e6:c2:17:c3:07:df:c5:
1e:a3:81:84:e4:d1:f6:63:05:e8:83:d4:02:ab:9e:
5b:38:2a:30:20:9f:23:37:c6:a0:ed:26:36:63:d5:
9d:e5:71:2b:b8:9d:cf:da:68:4b:b2:e2:1c:d2:0b:
89:23:bb:8f:b3:2d:81:e6:db:c9:46:9b:d8:bb:58:
a2:cf:67:01:69:7a:27:81:5f:02:62:4d:35:71:a0:
52:2d:6b:fa:98:b5:d5:a0:18:65:b8:3c:f2:47:94:
62:31:a7:89:99:a0:77:8b:d1:08:79:1e:ff:b9:7e:
f0:46:80:63:21:e2:37:7e:8c:93:eb:94:b7:9b:5f:
f7:60:90:31:55:05:c6:6c:a3:5a:1b:d7:b6:48:70:
09:bf:d7:6c:33:f4:51:80:c6:01:06:8e:1c:4a:54:
9b:6b:22:93:86:f5:bf:c0:61:bd:df:38:45:89:97:
f8:90:5f:a1:fd:de:f0:84:ee:07:8f:ef:1e:e9:9e:
97:30:ec:10:0a:81:3f:cc:38:55:47:d0:e9:63:4c:
1a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:31:81:38:52:C1:79:53:92:E3:50:B7:A4:D8:24:57:F7:C4:63:23
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/PDGBOFLBeVOS41C3pNgkV_fEYyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.76.0/22
89.32.132.0/22
89.38.155.0/24
93.114.236.0/22
94.176.172.0/22
176.223.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:77:73:3b:bb:65:ae:65:86:8e:05:ad:60:dd:a3:d5:3c:9f:
81:13:5d:fa:63:2d:bf:26:98:05:7b:e3:20:b2:3b:1f:c7:78:
62:15:f9:26:4a:d9:18:d9:0d:f8:d2:b9:02:9a:ed:f0:57:ed:
87:73:35:65:7d:9d:8e:77:73:40:db:d6:5e:4f:a7:eb:32:57:
78:2a:ae:78:e7:47:4c:47:cd:d6:4b:2d:49:87:66:84:e5:44:
f1:09:62:0d:df:ff:46:f7:1e:66:6e:4c:f4:dd:d7:9a:cd:56:
da:4b:5f:6d:f4:ad:36:59:3e:4e:b7:fc:fe:c5:81:f0:3c:ad:
67:ca:0f:d6:de:b9:d2:4b:3a:41:32:7f:06:47:25:d0:68:5a:
4b:89:62:3f:6d:f1:4c:2f:8d:3a:7d:84:57:23:80:b0:2c:f0:
31:24:ff:9a:4e:ad:9a:19:c2:89:63:bd:6b:ae:52:e2:e6:26:
01:46:ed:94:56:96:52:c3:47:02:fe:76:4b:4d:72:76:eb:cb:
07:8b:47:aa:77:ea:d5:81:11:58:e6:e9:e2:e3:64:8d:a5:4f:
26:09:12:6f:ac:60:d1:46:d7:be:9d:32:c1:65:07:43:62:f3:
77:61:2a:db:09:ca:95:cf:c2:dd:0f:9e:98:c0:3c:25:da:2e:
6c:56:df:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtU+h1D8u0Dv9DfwIL9wCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwMTAxMTIzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMxODEzODUyYzE3OTUzOTJlMzUwYjdhNGQ4MjQ1N2Y3YzQ2MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofkbeBvj0jv+qnqRzehEWpLTkLWT
WcCaN5nWTq26BWZcTNgIr/HFEX3xRFpGdovmZNd3xebCF8MH38Ueo4GE5NH2YwXo
g9QCq55bOCowIJ8jN8ag7SY2Y9Wd5XEruJ3P2mhLsuIc0guJI7uPsy2B5tvJRpvY
u1iiz2cBaXongV8CYk01caBSLWv6mLXVoBhluDzyR5RiMaeJmaB3i9EIeR7/uX7w
RoBjIeI3foyT65S3m1/3YJAxVQXGbKNaG9e2SHAJv9dsM/RRgMYBBo4cSlSbayKT
hvW/wGG93zhFiZf4kF+h/d7whO4Hj+8e6Z6XMOwQCoE/zDhVR9DpY0wa3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDwxgThSwXlTkuNQt6TYJFf3xGMjMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvUERHQk9GTEJlVk9TNDFDM3BOZ2tWX2ZFWXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCVmhMAwQC
WSCEAwQAWSabAwQCXXLsAwQCXrCsAwQCsN9EMA0GCSqGSIb3DQEBCwUAA4IBAQB6
d3M7u2WuZYaOBa1g3aPVPJ+BE136Yy2/JpgFe+Mgsjsfx3hiFfkmStkY2Q340rkC
mu3wV+2HczVlfZ2Od3NA29ZeT6frMld4Kq5450dMR83WSy1Jh2aE5UTxCWIN3/9G
9x5mbkz03deazVbaS19t9K02WT5Ot/z+xYHwPK1nyg/W3rnSSzpBMn8GRyXQaFpL
iWI/bfFML406fYRXI4CwLPAxJP+aTq2aGcKJY71rrlLi5iYBRu2UVpZSw0cC/nZL
TXJ268sHi0eqd+rVgRFY5uni42SNpU8mCRJvrGDRRte+nTLBZQdDYvN3YSrbCcqV
z8LdD56YwDwl2i5sVt+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:45 2024 by rpki-client on console-ams.rpki-client.org