Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Pk-CpzLzHDRfTdLsUWClUT_5SDs.roa
File: Pk-CpzLzHDRfTdLsUWClUT_5SDs.roa (raw, json)
Hash identifier: VzDXo3pqgb+KI8KzjcQaq/tUuPVobI3i5oUb/mQNIPk=
Subject key identifier: 3E:4F:82:A7:32:F3:1C:34:5F:4D:D2:EC:51:60:A5:51:3F:F9:48:3B
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 018570CBEEF6D8C03E3E72C0166DC2C248D6
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Pk-CpzLzHDRfTdLsUWClUT_5SDs.roa
Signing time: Mon 02 Jan 2023 04:44:51 +0000
ROA not before: Mon 02 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50827
IP address blocks: 212.63.223.0/24 maxlen: 24
193.42.215.0/24 maxlen: 24
2a01:298:fd::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:ee:f6:d8:c0:3e:3e:72:c0:16:6d:c2:c2:48:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 2 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e4f82a732f31c345f4dd2ec5160a5513ff9483b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f2:43:99:cb:fe:fd:76:d9:c5:b4:5b:40:09:
a2:74:d7:5a:37:bb:1b:60:ec:c3:0e:64:7e:3a:5d:
52:b1:d9:64:98:3c:3d:59:2a:19:41:c9:7d:3e:b7:
fc:dd:e1:97:a2:16:c7:8f:a1:fb:08:f3:54:13:b3:
b0:09:f0:0d:96:b2:0c:00:fd:4c:e4:32:d0:02:0a:
46:ab:8e:ee:a9:92:86:0f:83:da:88:aa:06:08:25:
41:9b:cb:e6:9a:35:b3:26:5f:4d:02:98:37:8f:97:
4f:82:d3:76:ff:dd:7a:b7:21:85:c9:2a:e5:9a:a1:
84:03:88:61:0d:fc:d5:88:e8:23:72:23:5a:22:bc:
f2:b5:2c:30:ea:92:ba:71:53:d9:20:a9:9c:2e:01:
a9:3a:cb:79:15:2a:f2:18:98:8d:08:f9:ed:fd:0f:
66:46:75:33:11:1d:38:35:13:0a:54:99:9e:5c:d5:
98:be:d7:d2:f3:cb:61:f5:d9:e5:20:7e:72:c0:96:
75:81:38:c1:3f:25:15:84:90:8b:1a:f1:7a:fb:09:
3f:5a:a6:e7:68:45:f5:71:81:ac:cb:2c:c3:a7:74:
07:55:57:ff:35:c6:a1:d4:e3:16:2b:93:85:0a:5f:
68:0f:16:85:1e:e9:2f:2d:27:49:60:67:f4:ae:b3:
77:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:82:A7:32:F3:1C:34:5F:4D:D2:EC:51:60:A5:51:3F:F9:48:3B
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/Pk-CpzLzHDRfTdLsUWClUT_5SDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.215.0/24
212.63.223.0/24
IPv6:
2a01:298:fd::/48
Signature Algorithm: sha256WithRSAEncryption
b0:85:3f:9b:e4:00:15:0c:d4:98:d7:f7:1b:5e:d8:06:d7:5f:
22:68:07:71:2f:55:f1:80:26:98:a9:76:a5:5a:e9:0c:aa:78:
e3:63:85:f1:77:0f:2b:23:55:12:e1:1b:fa:bd:9b:1c:59:19:
cf:37:b2:b9:55:a7:e9:c5:2f:ec:e8:d4:92:52:44:43:26:c9:
52:aa:37:de:60:b5:41:60:c6:5d:d2:15:c7:ba:3b:d0:10:f4:
9e:1e:f2:ad:3a:c3:44:21:ba:02:c6:41:22:56:9b:79:48:2f:
da:f6:c4:d2:8c:1c:36:4b:e6:3c:93:4b:d1:3f:36:55:86:75:
32:4c:89:30:74:6d:fc:42:27:f4:ad:15:83:23:41:42:d4:e9:
95:01:7f:73:ef:f7:0c:7a:3d:5c:76:78:45:df:00:0f:e9:a9:
13:31:67:fe:32:4a:7c:96:f1:b2:e5:b9:e3:31:38:ef:fe:e2:
0c:c7:57:2e:ad:06:a2:af:99:0c:ba:df:03:dc:ad:f3:63:9a:
42:37:42:45:e6:18:d6:0c:d9:03:1f:f5:f4:7f:49:8a:9f:ba:
73:69:90:32:3d:63:03:3d:97:fe:74:55:b3:70:7d:ef:ee:94:
c7:d6:08:07:32:d0:d0:68:ca:c1:92:63:41:c0:39:85:91:3f:
4f:11:76:a8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwy+722MA+PnLAFm3CwkjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzY3YmM1ZmJjYmNlZmIxYzFjNzQ3YmIwZWI1MzM3ZGFi
NjkxYzAwHhcNMjMwMTAyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRmODJhNzMyZjMxYzM0NWY0ZGQyZWM1MTYwYTU1MTNmZjk0ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/JDmcv+/XbZxbRbQAmidNdaN7sb
YOzDDmR+Ol1SsdlkmDw9WSoZQcl9Prf83eGXohbHj6H7CPNUE7OwCfANlrIMAP1M
5DLQAgpGq47uqZKGD4PaiKoGCCVBm8vmmjWzJl9NApg3j5dPgtN2/916tyGFySrl
mqGEA4hhDfzViOgjciNaIrzytSww6pK6cVPZIKmcLgGpOst5FSryGJiNCPnt/Q9m
RnUzER04NRMKVJmeXNWYvtfS88th9dnlIH5ywJZ1gTjBPyUVhJCLGvF6+wk/Wqbn
aEX1cYGsyyzDp3QHVVf/Ncah1OMWK5OFCl9oDxaFHukvLSdJYGf0rrN3CwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD5Pgqcy8xw0X03S7FFgpVE/+Ug7MB8GA1UdIwQY
MBaAFKR2e8X7y877HBx0e7DrUzfatpHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQt
MDQxYTQ4ZDIxMjNmLzEvUGstQ3B6THpIRFJmVGRMc1VXQ2xVVF81U0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQtMDQxYTQ4ZDIxMjNm
LzEvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwSrXAwQA
1D/fMA8EAgACMAkDBwAqAQKYAP0wDQYJKoZIhvcNAQELBQADggEBALCFP5vkABUM
1JjX9xte2AbXXyJoB3EvVfGAJpipdqVa6QyqeONjhfF3DysjVRLhG/q9mxxZGc83
srlVp+nFL+zo1JJSREMmyVKqN95gtUFgxl3SFce6O9AQ9J4e8q06w0QhugLGQSJW
m3lIL9r2xNKMHDZL5jyTS9E/NlWGdTJMiTB0bfxCJ/StFYMjQULU6ZUBf3Pv9wx6
PVx2eEXfAA/pqRMxZ/4ySnyW8bLlueMxOO/+4gzHVy6tBqKvmQy63wPcrfNjmkI3
QkXmGNYM2QMf9fR/SYqfunNpkDI9YwM9l/50VbNwfe/ulMfWCAcy0NBoysGSY0HA
OYWRP08Rdqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:16 2024 by rpki-client on console-ams.rpki-client.org