Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/PXNixqfbTuW71PLu81nhQIVUvAI.roa
File: PXNixqfbTuW71PLu81nhQIVUvAI.roa (raw, json)
Hash identifier: 0I2sGg7KhGQgjjjjEVkiOLKZH3kIha2NV8Zk9i+MxXA=
Subject key identifier: 3D:73:62:C6:A7:DB:4E:E5:BB:D4:F2:EE:F3:59:E1:40:85:54:BC:02
Certificate issuer: /CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Certificate serial: 01856E0AD7D4F36936BC4C3A8B0250052896
Authority key identifier: D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/PXNixqfbTuW71PLu81nhQIVUvAI.roa
Signing time: Sun 01 Jan 2023 15:54:42 +0000
ROA not before: Sun 01 Jan 2023 15:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39265
IP address blocks: 193.247.32.0/24 maxlen: 24
193.247.32.0/22 maxlen: 22
2001:67c:21c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:d7:d4:f3:69:36:bc:4c:3a:8b:02:50:05:28:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Validity
Not Before: Jan 1 15:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d7362c6a7db4ee5bbd4f2eef359e1408554bc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:4f:16:c2:4d:21:da:47:8c:c7:4a:a0:05:
5d:7b:69:98:bc:e9:c1:c4:39:ef:27:92:15:e4:08:
22:55:11:d3:ef:a5:ce:95:de:97:aa:9d:13:ac:3d:
62:02:63:82:46:1e:8d:72:df:50:17:5c:fd:82:20:
11:fe:95:14:40:44:65:d2:d5:c5:99:65:9c:78:5f:
22:b0:3f:fe:4b:c6:38:33:88:b2:d4:93:cd:58:5d:
97:24:cd:8f:29:e0:f5:0f:87:30:be:1d:0e:77:6a:
d0:09:83:b9:27:9b:5f:69:64:b2:0c:09:58:01:d7:
df:42:34:68:99:8e:98:73:e4:dd:8d:ac:a2:b3:e2:
a5:6f:80:7e:8d:75:6b:1b:a5:73:6c:eb:58:df:6c:
08:7e:03:42:17:a1:10:f2:9f:0d:01:4b:0a:da:d8:
04:95:9b:77:42:78:54:78:2e:81:bd:f6:7c:93:43:
41:85:2f:f7:ea:55:3e:1a:ee:66:0d:6d:82:2f:9f:
7b:b6:fa:25:96:8b:5e:80:1c:83:32:62:2e:ef:67:
95:82:e2:6e:36:55:e3:ab:df:fe:54:ea:38:e7:df:
35:7c:be:81:94:28:0f:26:63:6b:8f:ce:ae:9c:50:
a7:62:de:c0:f2:d4:99:42:de:19:f1:e6:a6:0b:be:
cd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:73:62:C6:A7:DB:4E:E5:BB:D4:F2:EE:F3:59:E1:40:85:54:BC:02
X509v3 Authority Key Identifier:
keyid:D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/PXNixqfbTuW71PLu81nhQIVUvAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.32.0/22
IPv6:
2001:67c:21c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:5f:60:6e:95:04:66:9f:15:e8:bb:c4:74:a0:8d:cd:39:ff:
b3:ad:52:a8:f9:dd:6e:b8:83:c8:b1:ad:f2:40:b6:7a:e9:23:
db:35:40:30:b7:25:97:f9:3e:7c:75:7f:62:26:d3:47:d4:f5:
56:46:c8:a8:5a:42:a9:0a:73:c1:69:30:cc:80:8c:01:b0:0f:
4d:5c:a5:4a:e9:8b:8e:96:1d:43:66:b9:a7:c3:19:10:b0:bd:
01:e1:98:3f:23:84:a1:56:16:cc:ec:bd:71:f4:8d:bf:88:ec:
27:f9:6a:9a:1e:b6:a7:8a:80:01:e4:8e:42:56:ab:bb:e2:d2:
d0:e5:43:cc:8a:87:e5:67:56:89:9a:e0:84:16:7e:f7:25:f6:
a7:87:9e:f7:f6:72:07:b1:33:8d:5e:40:22:91:2b:1e:4e:ce:
95:6b:af:d3:f0:e7:7a:f0:f0:1b:b1:91:dd:04:74:70:5f:e5:
cc:34:cb:bd:0b:eb:21:b7:49:cf:3b:b2:95:e6:be:e3:cf:14:
8b:3d:35:5b:7c:d9:73:88:b6:50:7d:41:e1:1f:db:ba:9d:0e:
40:b9:4f:36:3b:91:0b:7f:57:18:2d:d8:7f:a5:6e:41:8a:f7:
33:7c:df:df:5b:d2:dc:61:99:70:1b:01:09:ed:d1:9b:3e:8d:
4e:84:d1:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuCtfU82k2vEw6iwJQBSiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGI1YTVmYjEzODY4M2QxYThjYzcwMTlmNzg5NzBiYWU2
NzgyMjgwHhcNMjMwMTAxMTU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDczNjJjNmE3ZGI0ZWU1YmJkNGYyZWVmMzU5ZTE0MDg1NTRiYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIlPFsJNIdpHjMdKoAVde2mYvOnB
xDnvJ5IV5AgiVRHT76XOld6Xqp0TrD1iAmOCRh6Nct9QF1z9giAR/pUUQERl0tXF
mWWceF8isD/+S8Y4M4iy1JPNWF2XJM2PKeD1D4cwvh0Od2rQCYO5J5tfaWSyDAlY
AdffQjRomY6Yc+Tdjayis+Klb4B+jXVrG6VzbOtY32wIfgNCF6EQ8p8NAUsK2tgE
lZt3QnhUeC6BvfZ8k0NBhS/36lU+Gu5mDW2CL597tvollotegByDMmIu72eVguJu
NlXjq9/+VOo45981fL6BlCgPJmNrj86unFCnYt7A8tSZQt4Z8eamC77NRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1zYsan207lu9Ty7vNZ4UCFVLwCMB8GA1UdIwQY
MBaAFNmLWl+xOGg9GozHAZ94lwuuZ4IoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgt
ODMxN2E4Mjg4ZDEwLzEvUFhOaXhxZmJUdVc3MVBMdTgxbmhRSVZVdkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgtODMxN2E4Mjg4ZDEw
LzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwfcgMA8E
AgACMAkDBwAgAQZ8IcAwDQYJKoZIhvcNAQELBQADggEBAD9fYG6VBGafFei7xHSg
jc05/7OtUqj53W64g8ixrfJAtnrpI9s1QDC3JZf5Pnx1f2Im00fU9VZGyKhaQqkK
c8FpMMyAjAGwD01cpUrpi46WHUNmuafDGRCwvQHhmD8jhKFWFszsvXH0jb+I7Cf5
apoetqeKgAHkjkJWq7vi0tDlQ8yKh+VnVoma4IQWfvcl9qeHnvf2cgexM41eQCKR
Kx5OzpVrr9Pw53rw8Buxkd0EdHBf5cw0y70L6yG3Sc87spXmvuPPFIs9NVt82XOI
tlB9QeEf27qdDkC5TzY7kQt/Vxgt2H+lbkGK9zN8399b0txhmXAbAQnt0Zs+jU6E
0Vw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:17 2024 by rpki-client on console-fra.rpki-client.org