Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4bd00a-83ce-4134-b592-7243d9347143/1/PAnXQJpU8kXo9QZfk0oraS5cZlc.roa
File: PAnXQJpU8kXo9QZfk0oraS5cZlc.roa (raw, json)
Hash identifier: utsIbKuKNxsgOM7Y1xbpMNrGtPzxRH5AVIsIIDR87xs=
Subject key identifier: 3C:09:D7:40:9A:54:F2:45:E8:F5:06:5F:93:4A:2B:69:2E:5C:66:57
Certificate issuer: /CN=304d706d759b0213114fb319cb593315d7e3409b
Certificate serial: 01856E78B406E49EFAA5E05B1C5BDFE438DA
Authority key identifier: 30:4D:70:6D:75:9B:02:13:11:4F:B3:19:CB:59:33:15:D7:E3:40:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME1wbXWbAhMRT7MZy1kzFdfjQJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4bd00a-83ce-4134-b592-7243d9347143/1/PAnXQJpU8kXo9QZfk0oraS5cZlc.roa
Signing time: Sun 01 Jan 2023 17:54:42 +0000
ROA not before: Sun 01 Jan 2023 17:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51747
IP address blocks: 185.236.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:b4:06:e4:9e:fa:a5:e0:5b:1c:5b:df:e4:38:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304d706d759b0213114fb319cb593315d7e3409b
Validity
Not Before: Jan 1 17:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c09d7409a54f245e8f5065f934a2b692e5c6657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:73:e2:25:92:1b:b0:08:8f:bb:c8:67:ea:54:
0d:cd:c7:98:2e:37:a3:5c:cb:34:a6:83:52:64:01:
98:f3:eb:3a:d9:01:ee:66:e9:f1:4e:d1:1c:13:65:
76:05:0f:71:0c:d6:99:49:3f:ea:d7:20:41:1a:05:
e6:e8:b4:7b:14:fb:18:37:b3:4c:b9:a7:15:3f:c3:
b7:65:fa:4f:7a:29:d3:35:cd:c7:13:85:be:99:8f:
70:04:dd:84:20:57:cc:f1:42:1e:e7:7c:91:af:0b:
d0:8d:9e:95:e8:46:3f:e2:5a:eb:f1:13:e5:ad:ad:
34:c2:46:be:6d:7e:24:db:5a:64:11:d0:47:d9:b7:
57:37:c4:b9:1c:73:63:f6:20:e1:ae:10:b7:d0:9f:
8f:20:80:36:48:8b:8d:5c:fb:0f:4f:77:f4:13:83:
0b:8c:66:b2:e4:15:a9:22:0c:ff:36:33:4b:be:ee:
f4:de:c8:6e:47:a5:e8:da:01:61:e5:c4:27:53:ce:
95:fb:ba:24:9c:4e:53:c6:36:dc:14:7c:bf:f1:bd:
ce:39:93:45:02:a0:1f:08:2f:79:7b:c2:db:f4:71:
83:96:5f:df:bb:8d:be:59:04:3b:d9:7f:6d:ae:cd:
73:83:14:fb:ac:74:c0:fd:c9:bd:a1:41:d0:d3:bf:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:09:D7:40:9A:54:F2:45:E8:F5:06:5F:93:4A:2B:69:2E:5C:66:57
X509v3 Authority Key Identifier:
keyid:30:4D:70:6D:75:9B:02:13:11:4F:B3:19:CB:59:33:15:D7:E3:40:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME1wbXWbAhMRT7MZy1kzFdfjQJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4bd00a-83ce-4134-b592-7243d9347143/1/PAnXQJpU8kXo9QZfk0oraS5cZlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4bd00a-83ce-4134-b592-7243d9347143/1/ME1wbXWbAhMRT7MZy1kzFdfjQJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.40.0/22
Signature Algorithm: sha256WithRSAEncryption
27:34:56:e4:5f:36:93:e1:fd:da:38:d2:72:49:cc:16:6c:64:
64:f3:03:4b:b0:1a:7b:b3:3e:42:53:d8:58:5d:bd:2c:26:4a:
47:88:d4:b4:dd:9b:15:7c:6a:27:e4:be:1e:9a:58:13:02:0a:
30:8a:97:4b:4e:1b:39:15:81:48:59:cd:8b:ab:c9:63:40:0b:
e9:90:7d:11:a1:17:02:1c:3a:9b:41:ee:1e:37:a9:f0:e7:bf:
f1:0e:2a:49:f3:36:8a:14:cd:d6:f6:62:61:6a:2b:f5:34:2e:
b3:08:39:d3:ce:53:8a:37:e5:12:d2:de:ba:75:6d:99:74:e8:
91:67:b5:43:20:44:21:8a:12:4e:a0:ca:65:f1:b9:87:65:b2:
91:8b:99:51:94:0f:5b:29:fa:ae:79:04:50:8e:f3:7c:d1:f7:
6c:18:3e:5b:96:e6:ee:0a:7f:d2:d4:52:f0:8c:55:a0:be:ff:
8a:a1:24:e8:49:ef:1f:d9:cf:60:5c:bf:ec:61:c5:01:b8:27:
fa:b3:de:c7:11:c7:ae:f2:d3:e9:bf:cc:21:d6:06:aa:04:7a:
24:84:85:a8:7d:82:1f:ae:6e:60:f4:c4:3f:0a:8c:3d:c8:9a:
01:ad:4b:4e:47:6c:ff:17:13:c1:b6:94:fc:be:4f:c2:9a:4f:
09:c0:61:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueLQG5J76peBbHFvf5DjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGQ3MDZkNzU5YjAyMTMxMTRmYjMxOWNiNTkzMzE1ZDdl
MzQwOWIwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA5ZDc0MDlhNTRmMjQ1ZThmNTA2NWY5MzRhMmI2OTJlNWM2NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnPiJZIbsAiPu8hn6lQNzceYLjej
XMs0poNSZAGY8+s62QHuZunxTtEcE2V2BQ9xDNaZST/q1yBBGgXm6LR7FPsYN7NM
uacVP8O3ZfpPeinTNc3HE4W+mY9wBN2EIFfM8UIe53yRrwvQjZ6V6EY/4lrr8RPl
ra00wka+bX4k21pkEdBH2bdXN8S5HHNj9iDhrhC30J+PIIA2SIuNXPsPT3f0E4ML
jGay5BWpIgz/NjNLvu703shuR6Xo2gFh5cQnU86V+7oknE5TxjbcFHy/8b3OOZNF
AqAfCC95e8Lb9HGDll/fu42+WQQ72X9trs1zgxT7rHTA/cm9oUHQ07/4oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwJ10CaVPJF6PUGX5NKK2kuXGZXMB8GA1UdIwQY
MBaAFDBNcG11mwITEU+zGctZMxXX40CbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUUxd2JYV2JBaE1SVDdNWnkxa3pGZGZqUUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80YmQwMGEtODNjZS00MTM0LWI1OTIt
NzI0M2Q5MzQ3MTQzLzEvUEFuWFFKcFU4a1hvOVFaZmswb3JhUzVjWmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80YmQwMGEtODNjZS00MTM0LWI1OTItNzI0M2Q5MzQ3MTQz
LzEvTUUxd2JYV2JBaE1SVDdNWnkxa3pGZGZqUUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuewoMA0G
CSqGSIb3DQEBCwUAA4IBAQAnNFbkXzaT4f3aONJyScwWbGRk8wNLsBp7sz5CU9hY
Xb0sJkpHiNS03ZsVfGon5L4emlgTAgowipdLThs5FYFIWc2Lq8ljQAvpkH0RoRcC
HDqbQe4eN6nw57/xDipJ8zaKFM3W9mJhaiv1NC6zCDnTzlOKN+US0t66dW2ZdOiR
Z7VDIEQhihJOoMpl8bmHZbKRi5lRlA9bKfqueQRQjvN80fdsGD5blubuCn/S1FLw
jFWgvv+KoSToSe8f2c9gXL/sYcUBuCf6s97HEceu8tPpv8wh1gaqBHokhIWofYIf
rm5g9MQ/Cow9yJoBrUtOR2z/FxPBtpT8vk/Cmk8JwGFY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:54 2024 by rpki-client on console-ams.rpki-client.org