Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/PyuLeaZW7V5pjvbad-3laNVYZl8.roa
File: PyuLeaZW7V5pjvbad-3laNVYZl8.roa (raw, json)
Hash identifier: ykNrZQLy0RIniUW4qrukP+oS1MQNDH/CmZi3GJyxlP4=
Subject key identifier: 3F:2B:8B:79:A6:56:ED:5E:69:8E:F6:DA:77:ED:E5:68:D5:58:66:5F
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018CC94E1D03E65825F79D878DF7473EF938
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/PyuLeaZW7V5pjvbad-3laNVYZl8.roa
Signing time: Tue 02 Jan 2024 08:33:08 +0000
ROA not before: Tue 02 Jan 2024 08:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 46.253.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1d:03:e6:58:25:f7:9d:87:8d:f7:47:3e:f9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jan 2 08:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f2b8b79a656ed5e698ef6da77ede568d558665f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:d9:bc:77:c3:62:24:09:47:2f:6c:b1:43:
49:fe:ff:11:8a:71:aa:e5:ad:dc:1a:6f:f9:ce:08:
66:2e:24:ef:36:49:6e:c2:00:a9:e8:87:6e:33:f6:
66:2b:3b:d0:e1:26:df:eb:b0:34:35:c4:b7:a4:34:
c9:3a:cd:6d:89:e7:42:52:8b:32:8e:0a:ef:64:34:
08:57:ed:f3:b1:ec:3b:f8:81:e0:d3:4f:b8:24:a4:
c7:59:52:71:80:6e:63:51:13:77:61:03:a7:85:c6:
34:f6:2a:61:57:2a:35:a3:ec:c3:df:b9:1f:c3:9b:
a2:c1:b6:ab:67:aa:6c:f5:da:42:fc:ea:43:a1:3f:
7f:68:f5:df:54:cf:bc:13:d9:f3:d4:d9:4e:b4:12:
61:e8:e0:ca:e2:3d:09:1e:5a:d0:3b:e4:eb:2c:fc:
00:a3:65:13:d5:87:54:b9:9c:80:73:4d:4b:dd:11:
53:57:b8:5a:9c:4b:1f:44:bd:97:cf:65:2a:6d:c5:
65:d6:af:28:26:be:22:d9:38:2d:53:bd:84:45:0f:
4f:58:4a:ad:67:7c:87:d8:51:d2:ce:38:3e:0f:5d:
88:7b:d8:23:72:da:d9:17:2e:d2:c9:0f:39:3d:0b:
17:09:10:0f:00:30:9f:30:c4:42:d2:16:c9:bc:2a:
0d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2B:8B:79:A6:56:ED:5E:69:8E:F6:DA:77:ED:E5:68:D5:58:66:5F
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/PyuLeaZW7V5pjvbad-3laNVYZl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/21
Signature Algorithm: sha256WithRSAEncryption
40:10:63:05:19:0c:cd:85:9a:ed:94:28:50:8b:0e:69:f0:65:
ab:c8:b1:37:db:54:f6:62:4e:b3:e2:db:a5:eb:72:a0:e3:e0:
a3:fa:e1:a6:10:c7:ea:9a:54:77:5a:f5:65:1d:b7:ad:70:dc:
a1:72:68:e9:a9:eb:b8:7c:06:07:9d:0e:97:26:5c:bb:92:c7:
37:eb:d0:29:d8:82:dd:71:96:3b:e8:ed:9c:d9:a3:01:1b:a3:
96:64:50:c0:34:b4:d0:91:c9:f2:47:b3:ae:ff:48:fc:13:ca:
0a:52:42:12:6d:51:40:c7:8b:fe:26:2b:82:6d:b5:0d:54:ce:
ac:b2:32:38:6b:86:fc:3c:3e:1c:fd:66:0c:fe:f3:3c:e9:62:
73:77:f1:7d:a6:93:9b:69:b0:f2:96:06:33:e9:0d:93:0c:31:
6c:0c:a0:53:a9:d6:1c:30:e2:d4:0d:b4:c4:76:7a:36:2c:c3:
42:2b:fd:07:61:d6:bc:f6:fe:a5:5a:0b:7d:9e:53:b3:18:99:
a2:a5:20:31:b8:63:67:ab:74:70:c4:b9:1d:f8:89:fd:cc:42:
e0:ff:80:f6:be:22:c3:33:7b:95:87:71:68:68:71:fc:25:38:
42:24:b5:0e:f2:30:11:20:f1:75:a6:de:56:2d:ef:0e:59:57:
be:55:bf:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTh0D5lgl952HjfdHPvk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjQwMTAyMDgzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJiOGI3OWE2NTZlZDVlNjk4ZWY2ZGE3N2VkZTU2OGQ1NTg2NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa3ZvHfDYiQJRy9ssUNJ/v8RinGq
5a3cGm/5zghmLiTvNkluwgCp6IduM/ZmKzvQ4Sbf67A0NcS3pDTJOs1tiedCUosy
jgrvZDQIV+3zsew7+IHg00+4JKTHWVJxgG5jURN3YQOnhcY09iphVyo1o+zD37kf
w5uiwbarZ6ps9dpC/OpDoT9/aPXfVM+8E9nz1NlOtBJh6ODK4j0JHlrQO+TrLPwA
o2UT1YdUuZyAc01L3RFTV7hanEsfRL2Xz2UqbcVl1q8oJr4i2TgtU72ERQ9PWEqt
Z3yH2FHSzjg+D12Ie9gjctrZFy7SyQ85PQsXCRAPADCfMMRC0hbJvCoN7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8ri3mmVu1eaY722nft5WjVWGZfMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvUHl1TGVhWlc3VjVwanZiYWQtM2xhTlZZWmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv1QMA0G
CSqGSIb3DQEBCwUAA4IBAQBAEGMFGQzNhZrtlChQiw5p8GWryLE321T2Yk6z4tul
63Kg4+Cj+uGmEMfqmlR3WvVlHbetcNyhcmjpqeu4fAYHnQ6XJly7ksc369Ap2ILd
cZY76O2c2aMBG6OWZFDANLTQkcnyR7Ou/0j8E8oKUkISbVFAx4v+JiuCbbUNVM6s
sjI4a4b8PD4c/WYM/vM86WJzd/F9ppObabDylgYz6Q2TDDFsDKBTqdYcMOLUDbTE
dno2LMNCK/0HYda89v6lWgt9nlOzGJmipSAxuGNnq3RwxLkd+In9zELg/4D2viLD
M3uVh3FoaHH8JThCJLUO8jARIPF1pt5WLe8OWVe+Vb8X
-----END CERTIFICATE-----
Generated at Tue Jan 9 15:36:43 2024 by rpki-client on console-fra.rpki-client.org