Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/PP38J-1jsb5Vp4GzRFlw9MArF5c.roa
File: PP38J-1jsb5Vp4GzRFlw9MArF5c.roa (raw, json)
Hash identifier: nz6YrGzgzHT3+n06U3S4zFsI4N2vFUTVBtHQlKKtPQw=
Subject key identifier: 3C:FD:FC:27:ED:63:B1:BE:55:A7:81:B3:44:59:70:F4:C0:2B:17:97
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018C43E33D07121A2B1957934ED28B492E7E
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/PP38J-1jsb5Vp4GzRFlw9MArF5c.roa
Signing time: Thu 07 Dec 2023 10:46:54 +0000
ROA not before: Thu 07 Dec 2023 10:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 945
IP address blocks: 2a0d:2582::/32 maxlen: 32
2a0d:2685::/32 maxlen: 32
2a0d:2584::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Dec 2023 02:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:e3:3d:07:12:1a:2b:19:57:93:4e:d2:8b:49:2e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Dec 7 10:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cfdfc27ed63b1be55a781b3445970f4c02b1797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:68:28:6f:e4:6c:11:ba:a6:eb:8f:32:a1:ee:
d4:f6:30:ad:3d:ca:9d:12:50:f3:b5:e1:51:76:08:
58:8f:2a:cf:e3:c4:fe:c3:93:51:86:7d:64:58:4a:
cc:2f:51:c1:85:1c:81:0b:a7:4f:2e:9e:b1:28:43:
7d:7c:25:02:8f:26:af:ba:7e:f3:3a:79:89:3e:5d:
99:16:f8:b4:34:4b:e2:c3:02:b0:79:2f:6f:f3:32:
c7:7f:a8:08:25:3e:ad:be:17:d0:22:d4:24:1f:6d:
f9:35:d9:e0:bb:b4:42:ae:f3:d0:3f:cc:3a:f9:93:
64:99:77:86:d0:da:3c:02:be:ac:e3:ce:40:62:a5:
5c:b1:7b:6d:34:f1:b8:19:8e:18:11:6c:d4:bc:b5:
df:1a:99:37:f3:46:36:88:a2:8c:5a:2a:58:ff:c0:
36:5d:b0:5f:48:72:85:d5:37:67:8f:98:c8:0b:e0:
87:a4:40:05:5b:19:b1:11:76:91:75:71:b7:e7:47:
37:0e:d4:89:99:e7:13:c7:4f:e7:c7:ae:49:d9:8a:
f3:cd:29:2c:ee:92:2b:19:f9:4c:76:f9:42:96:f5:
c5:64:9c:2c:98:dd:15:29:38:fa:af:e1:86:b0:88:
08:17:1d:f5:9a:f9:1f:d6:eb:49:c6:01:70:34:32:
87:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FD:FC:27:ED:63:B1:BE:55:A7:81:B3:44:59:70:F4:C0:2B:17:97
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/PP38J-1jsb5Vp4GzRFlw9MArF5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2582::/32
2a0d:2584::/32
2a0d:2685::/32
Signature Algorithm: sha256WithRSAEncryption
bd:74:6f:21:8b:b4:b2:35:a1:fb:9a:84:df:84:6c:f3:93:e8:
e5:34:f0:38:9e:e2:1c:b0:bd:8b:d3:64:68:02:39:3a:e0:df:
ed:d0:3a:40:6a:6b:e9:2e:0c:da:a6:ae:97:43:52:2b:ab:63:
6b:c6:92:6f:fc:82:95:15:86:4d:1a:e4:a3:c9:7e:34:1d:e1:
68:a0:ff:c4:40:4a:21:4f:bf:10:95:55:f0:ff:ec:5a:2c:41:
33:ef:c2:59:81:7e:a3:9b:97:97:d5:40:4a:f8:b2:5b:be:f4:
c0:d3:4f:74:84:78:1c:a2:c3:72:ff:37:df:64:77:97:41:25:
48:7f:4d:53:76:3e:1b:8d:dd:c3:10:a8:22:3d:e0:c5:07:d3:
64:08:bc:3d:ac:2b:e1:d6:71:b3:3a:8e:d6:17:e8:e8:d9:78:
98:6b:74:1c:55:6b:03:ed:08:b8:6b:e2:4d:14:c2:8d:bd:fe:
f2:52:3c:bd:ab:df:cb:c6:99:99:40:fa:f6:7b:bb:c4:c0:c0:
98:93:5c:6c:f5:cc:3d:9f:33:07:08:b6:2a:74:a5:e6:20:b5:
fd:0c:cd:82:19:ce:65:59:0a:ba:f8:6d:f6:96:d9:75:67:a0:
1a:16:85:b3:7f:95:39:73:8d:18:9e:8a:9a:08:0e:98:ad:90:
c9:b0:96:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxD4z0HEhorGVeTTtKLSS5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjMxMjA3MTA0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ZkZmMyN2VkNjNiMWJlNTVhNzgxYjM0NDU5NzBmNGMwMmIxNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGgob+RsEbqm648yoe7U9jCtPcqd
ElDzteFRdghYjyrP48T+w5NRhn1kWErML1HBhRyBC6dPLp6xKEN9fCUCjyavun7z
OnmJPl2ZFvi0NEviwwKweS9v8zLHf6gIJT6tvhfQItQkH235Ndngu7RCrvPQP8w6
+ZNkmXeG0No8Ar6s485AYqVcsXttNPG4GY4YEWzUvLXfGpk380Y2iKKMWipY/8A2
XbBfSHKF1Tdnj5jIC+CHpEAFWxmxEXaRdXG350c3DtSJmecTx0/nx65J2YrzzSks
7pIrGflMdvlClvXFZJwsmN0VKTj6r+GGsIgIFx31mvkf1utJxgFwNDKHEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDz9/CftY7G+VaeBs0RZcPTAKxeXMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvUFAzOEotMWpzYjVWcDRHelJGbHc5TUFyRjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg0lggMF
ACoNJYQDBQAqDSaFMA0GCSqGSIb3DQEBCwUAA4IBAQC9dG8hi7SyNaH7moTfhGzz
k+jlNPA4nuIcsL2L02RoAjk64N/t0DpAamvpLgzapq6XQ1Irq2NrxpJv/IKVFYZN
GuSjyX40HeFooP/EQEohT78QlVXw/+xaLEEz78JZgX6jm5eX1UBK+LJbvvTA0090
hHgcosNy/zffZHeXQSVIf01Tdj4bjd3DEKgiPeDFB9NkCLw9rCvh1nGzOo7WF+jo
2XiYa3QcVWsD7Qi4a+JNFMKNvf7yUjy9q9/LxpmZQPr2e7vEwMCYk1xs9cw9nzMH
CLYqdKXmILX9DM2CGc5lWQq6+G32ltl1Z6AaFoWzf5U5c40YnoqaCA6YrZDJsJak
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org